I see the data sent in another BROKER without authentication... Why, if I use the authentication?

Discussion about programs, libraries and tools that work with MicroPython. Mostly these are provided by a third party.
Target audience: All users and developers of MicroPython.
Post Reply
fandres
Posts: 8
Joined: Wed Jan 17, 2018 10:00 pm

I see the data sent in another BROKER without authentication... Why, if I use the authentication?

Post by fandres » Wed Jan 24, 2018 10:09 pm

Hello friends, I am implementing a project that uses user / password authentication. The publisher is thus:
self.client_mqtt = MQTTClient (self.CLIENT_ID, BROKER, PORT, NAME, MQTT_PASS)

On the other hand the BROKER is running mosquitto, this works well. But I've done tests with another BROKER on my PC and another client on my PC with: mosquitto_sub -d -t / #
The problem is that the PC client and the PC BROKER shows the data.

Why, if I use the authentication by user / password (Publisher) can I see the data sent in another BROKER without authentication?
I am doing something wrong?

library: umqtt.simple
Micropython: 1.9.3 with ESP8266
Top
User avatar
pythoncoder
Posts: 4949
Joined: Fri Jul 18, 2014 8:01 am
Location: UK
Contact:
Contact pythoncoder

Re: I see the data sent in another BROKER without authentication... Why, if I use the authentication?

Post by pythoncoder » Thu Jan 25, 2018 6:22 am

I think MQTT password protection is to protect the broker from rogue clients rather than to protect the client from rogue brokers.
Peter Hinch
Top
Post Reply

Return to “Programs, Libraries and Tools”