Mnesia username 认证,配置后无法连接 Connection refused: Not authorized

环境信息

  • EMQX 版本: EMQX 开源版 4.4.2
  • 操作系统及版本: Ubuntu 16.04

问题描述:Mnesia username 认证不通过(clientid认证正常)

步骤与配置:

  1. 关闭匿名认证+开启插件emqx_auth_mnesia,重启EMQX

  2. emqx_auth_mnesia.conf配置为:
    auth.mnesia.password_hash = sha256

  3. 通过API /api/v4/auth_username 与 /api/v4/auth_clientid 添加账户

  4. 添加账户后,可以通过 id+password 连接,但是通过 username+password 连接时,无法通过认证,MQTTX提示 Error: Connection refused: Not authorized

  5. 使用emqx eval 'ets:tab2list(emqx_user).'查看本地数据库,username的密码好像没有被正确存储为sha256?

[{emqx_user,{username,<<"my_user3">>},
            <<10,232,65,155,99,49,99,97,100,54,57,53,99,51,50,56,57,49,49,53,
              57,102,102,49,50,56,50,99,99,56,97,53,100,48,52,51,54,48,102,50,
              101,50,55,102,54,53,52,101,99,55,53,48,55,54,100,52,56,56,55,53,
              50,54,55,97,100,50,51,101>>,
            1650010086707},
 {emqx_user,{username,<<"my_user6">>},
            <<177,199,80,153,50,55,53,102,99,102,99,100,50,49,56,54,51,48,99,
              99,97,55,54,54,54,98,97,98,55,102,54,97,49,98,57,53,56,53,49,55,
              100,98,52,99,48,100,50,50,57,54,54,55,57,54,101,53,55,48,57,101,
              54,101,99,55,48,55,54,100>>,
            1650010150955},
 {emqx_user,{username,<<"my_user4">>},
            <<190,208,152,244,100,97,53,57,99,53,54,53,54,100,56,98,53,101,54,
              100,49,97,49,53,98,56,49,99,48,48,57,54,51,97,54,102,100,48,55,
              102,54,53,100,55,52,100,51,50,52,51,54,51,99,101,56,57,52,49,51,
              102,99,98,102,56,101,55,52,98>>,
            1650010093472},
 {emqx_user,{username,<<"my_user7">>},
            <<74,236,3,63,51,48,55,97,100,101,101,48,57,102,54,52,100,55,49,98,
              49,97,100,56,98,53,102,52,51,50,56,48,99,51,48,52,102,98,53,48,
              52,100,49,50,53,100,56,49,98,57,100,52,57,57,51,101,101,100,53,
              98,51,102,54,97,50,56,50,51>>,
            1650010172553},
 {emqx_user,{username,<<"my_user5">>},
            <<"]V▒bd96ac84227c86eaed192d4423815e0e4b701f95dc5896ddb8e5c955d2fa6a220">>,
            1650010144879},
 {emqx_user,{username,<<"my_user1">>},
            <<130,58,123,51,100,101,102,50,99,49,100,54,57,55,56,53,49,56,98,
              52,97,50,49,54,48,102,48,99,56,97,101,55,98,54,51,97,100,101,49,
              98,98,100,53,57,56,50,51,97,53,99,99,97,99,53,102,54,49,57,50,98,
              54,49,102,56,55,56,49,97>>,
            1650010071157},
 {emqx_user,{username,<<"my_user2">>},
            <<55,94,186,138,99,53,55,52,52,52,50,98,101,55,50,100,53,50,55,99,
              99,56,51,101,51,53,49,55,101,102,98,50,57,56,100,97,57,53,50,98,
              55,49,100,99,97,49,56,53,100,51,54,51,51,100,51,57,101,51,48,56,
              51,99,99,51,53,48,98,56>>,
            1650010080502},
 {emqx_user,{clientid,<<"id">>},
            <<"޻▒n4d36e2fde5ed4fbbc634d28a53b44523afd55830f8015f176b33839d60a7613a">>,
            1650008326548}]

PS:直接修改emqx_auth_mnesia.conf配置文件效果与通过API添加账户效果相同

将日志等级设置为 debug, 在验证失败的地方会输出验证时相关的信息,先按照日志内容核对下看看

应该是MQTTX的问题,我后来用python连接的时候,使用username是可以验证的。