Service User not authorised?

alexanderpilhar · July 28, 2022, 11:33am

Hello everybody!

I’m trying to complete the following tutorial:
Tutorial: Connect your MQTT Client

But subscribing and publishing fails.

Here are the according log messages:

07/28/2022 12:51:48 INFO API DefaultMQTTHandler Subscription was not authorised for this user and topic: topic=master/mqttclient/attribute/subscribeAttribute/3OUTeS8lisOFZtI0kPxf7X, connection=MqttConnection{connectionTime=1659005498551, realm=‘master’, username=‘mqttuser’, clientId=‘mqttclient’, obsolete=‘false’}
07/28/2022 12:53:44 WARN ASSET Error processing from CLIENT - INSUFFICIENT_ACCESS: AttributeEvent{timestamp=Thu Jul 28 12:53:44 CEST 2022, attributeState=AttributeState{ref=AttributeRef{id=‘3OUTeS8lisOFZtI0kPxf7X’, name=‘writeAttribute’}, value=23, deleted=false}}

This is the service user:

This is the asset:
Unfortunately, I am not allowed to post more than one media item.

My question:
Am I doing something wrong?
Does it have to do with Service users should get permissions to the openremote client #755?

alexanderpilhar · July 28, 2022, 11:46am

Here’s the asset:

Denis · July 28, 2022, 1:26pm

What Client are you using?

Could you please provide also the publish topic?

alexanderpilhar · July 28, 2022, 1:43pm

Sure!

The client I use is MQTTX in its current version.

Topics:

subscribe: master/mqttclient/attribute/subscribeAttribute/3OUTeS8lisOFZtI0kPxf7X
publish: master/mqttclient/writeattributevalue/writeAttribute/3OUTeS8lisOFZtI0kPxf7X

Here’s the connection details:

alexanderpilhar · August 10, 2022, 6:40am

The error message when I try to subscribe:

aurygp · August 10, 2022, 1:44pm

I have the same issue.
The clientId in the mqtt connection and subscriptions string are the same .
I set services user in OR with all privileges and chose “linked assets” selecting the propper asset.

2022-08-10 15:17:10.370  WARNING [nioEventLoopGroup-3-1         ] io.moquette.broker.Authorizator          : Client does not have read permissions on the topic username: master:auremqtt, messageId: 32809, topic: master/mqtt-explorer-982c6064/attribute/subscribeAttribute/7Ik9DNCysQOVvgNltSXhb4
2022-08-10 15:17:39.289  INFO    [nioEventLoopGroup-3-2         ] mote.manager.mqtt.DefaultMQTTHandler.API : Subscription was not authorised for this user and topic: topic=master/client123/attribute/subscribeAttribute/7Ik9DNCysQOVvgNltSXhb4, connection=MqttConnection{connectionTime=1660137430354, realm='master', username='auremqtt', clientId='client123', obsolete='false'}
2022-08-10 15:17:39.291  WARNING [nioEventLoopGroup-3-2         ] io.moquette.broker.Authorizator          : Client does not have read permissions on the topic username: master:auremqtt, messageId: 33920, topic: master/client123/attribute/subscribeAttribute/7Ik9DNCysQOVvgNltSXhb4

Don · August 10, 2022, 2:06pm

Could you make sure you have the latest version of OpenRemote, redeploy, and create a new service user and test again with the new user. To rule out any outdated issues.

when doing so to make sure you are using the most recent commit
set MANAGER_VERSION=develop
(or image: openremote/manager:${MANAGER_VERSION:-develop} in the docker file)

aurygp · August 11, 2022, 4:28pm

Wow!!
A simple change with powerfull results.

#image: openremote/manager:${MANAGER_VERSION:-latest}
 image: openremote/manager:${MANAGER_VERSION:-develop}

-latest version is wrong?

Thanks a lot!

Don · August 12, 2022, 11:51am

Develop contains all latest commits, including a fix for your issue. Latest (well not really latest as you can see ) is manually set and will be updated soon.