0

MQTT anonymous connection failed
Moderators: adafruit_support_bill, adafruit

Please be positive and constructive with your questions and comments.

MQTT anonymous connection failed

by jdargiel on Wed Oct 02, 2019 5:51 pm

I want to connect to the IO MQTT broker without using my account tokens to subscribe to a public feed. At the moment it looks like I can't do that, because the broker requires I provide a username/key to connect. I tried using websockets via the eclipse JS paho library, as well as MQTT.fx.

The JS library returns this error:

Code: Select all | TOGGLE FULL SIZE
"AMQJS0006E Bad Connack return code:4 Connection Refused: bad user name or password."


MQTT.fx logs this:

Code: Select all | TOGGLE FULL SIZE
org.eclipse.paho.client.mqttv3.MqttSecurityException: Bad user name or password


Is there a way to subscribe to a public feed without using the key?

I wan't to connect to the broker from a website using websockets, so using the key is out of the question, as it can be stolen.

jdargiel
 
Posts: 3
Joined: Wed Oct 02, 2019 5:41 pm

Re: MQTT anonymous connection failed

by brubell on Thu Oct 03, 2019 9:22 am

Hi jdargiel,

Could you post the MQTT connection details (broker and port) you're using to connect to Adafruit IO?

brubell
 
Posts: 528
Joined: Fri Jul 17, 2015 10:33 pm

Re: MQTT anonymous connection failed

by jdargiel on Thu Oct 03, 2019 9:52 am

For websockets I'm using
Code: Select all | TOGGLE FULL SIZE
wss://io.adafruit.com:443/mqtt/
.

Via MQTT.fx I've tried io.adafruit.com on port 1883

jdargiel
 
Posts: 3
Joined: Wed Oct 02, 2019 5:41 pm

Re: MQTT anonymous connection failed

by brubell on Thu Oct 03, 2019 10:05 am

Anonymous MQTT connections are not permitted, you'll need to supply a username and password when connecting to the Adafruit IO Broker.

brubell
 
Posts: 528
Joined: Fri Jul 17, 2015 10:33 pm

Re: MQTT anonymous connection failed

by abachman on Thu Oct 03, 2019 10:34 am

Hi jdargiel!


Same as what brubell said, unfortunately, but here's some more info.

Right now there's no way to share your data publicly via MQTT. You could make the feeds public and set up an HTTP polling system in your page and get live data that way, though I, uhhhh, strongly request that if you go that route you make the timeout longer than 30 seconds to avoid an unintentional distributed denial of service attack. If you keep a short timeout and all the users' browsers are hitting Adafruit IO fast enough they'll all get locked out.

It's kind of a similar problem with the MQTT connection. We're interested and looking into a mechanism for creating shareable account credentials (like read only MQTT access to specific feeds), but putting them on a semi-popular page and giving the world direct access to Adafruit IO would still lock everyone out. The current rate limit on MQTT authentication is about 20 requests every 10 seconds.

A better solution that you can build right now is to open a secure MQTT session on a server you control and proxy all messages through a websocket server.. I happen to have a demo app for that on (the amazing) glitch.com you can check out here: https://io-mqtt-websocket.glitch.me/. There's a button on the top right that will let you clone ("remix") the project and add your own IO credentials. End result: your credentials stay secret (as long as your server is locked down), only one MQTT connection is opened per web server process when the server starts up, only the data you want to share is re-published publicly, and all the data coming out of your server is pretty close to real-time as far as human perception is concerned.


- adam b.

abachman
 
Posts: 338
Joined: Mon Feb 01, 2010 12:48 pm

Re: MQTT anonymous connection failed

by jdargiel on Thu Oct 03, 2019 10:56 am

Thanks for the background, perspectives and alternatives. I'll think about how I can proxy the connections.

jdargiel
 
Posts: 3
Joined: Wed Oct 02, 2019 5:41 pm

Please be positive and constructive with your questions and comments.