Skip to content

Add config to adjust MQTT whether disconnect when publish or subscribe non-authorized topic #15123

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
iamdrq wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add config to adjust MQTT whether disconnect when publish or subscribe non-authorized topic #15123

iamdrq wants to merge 3 commits into from
+199 −3

Conversation

@iamdrq
Copy link

@iamdrq iamdrq commented Dec 12, 2025

Proposed Changes

Thanks all works.

In MQTT spec, not clear descipe client whether disconnect when publish or subscribe non-authorized topic,

So implement has diffrent action:

HiveMQ: 

subscribe non-authorized topic:
MQTT3.1 → disconnect 
MQTT3.1.1 → SUBACK failure no disconnect
MQTT5 → reason codes no disconnect

publish non-authorized topic:
disconnect client (but MQTT5 can send reason code then disconnect)

EMQX:

subscribe non-authorized topic:
SUBACK deny (MQTT5 not authorized, MQTT3 fail) no disconnect

publish non-authorized topic:
Reject publish, no disconnect by default

Rabbitmq MQTT:

subscribe non-authorized topic:
disconnect

publish non-authorized topic:
disconnect

In AMQP spec, disconnect client when touch non-authorized topic, so Rabbitmq MQTT keep this action now.

In MQTT spec,this is not clear.
Someone hope touch non-authorized topic disconnect and someone hope not, #12902
So let's add config to adjust Rabbitmq MQTT whether disconnect when publish or subscribe non-authorized topic,
give control to the user.

rabbitmq.conf

mqtt.ignore_unauthorized=false|true (false defualt)

mqtt.ignore_unauthorized=false

disconnect client when publish or subscribe non-authorized topic, keep Rabbitmq MQTT action now

mqtt.ignore_unauthorized=true

subscribe: 
reply SUBACK(ok,non-authorized) and send retained messages for the successfully subscribed topics
and keep connection

publish: 
MQTT v5 + QoS1: reply with PUBACK including an error reason code and keep connection.
MQTT v3 or QoS0 : drop silently and keep connection.

Types of Changes

What types of changes does your code introduce to this project?

  • New feature (non-breaking change which adds functionality)

Checklist

  • Mandatory: I (or my employer/client) have have signed the CA (see https://github.com/rabbitmq/cla)
  • I have read the CONTRIBUTING.md document
  • All tests pass locally with my changes

@mergify mergify bot added the make label Dec 12, 2025
@ansd ansd self-requested a review December 12, 2025 12:47
michaelklishin
michaelklishin reviewed Dec 12, 2025
View reviewed changes
michaelklishin
michaelklishin requested changes Dec 12, 2025
View reviewed changes
ansd
ansd requested changes Dec 15, 2025
View reviewed changes
Copy link
Member

@ansd ansd left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The rationale of this PR makes sense because the MQTT 5.0 spec states:

Errors other than Malformed Packet and Protocol Errors cannot be anticipated by the sender because the receiver might have constraints which it has not communicated to the sender. A receiving Client or Server might encounter a transient error, such as a shortage of memory, that prevents successful processing of an individual MQTT Control Packet. Acknowledgment packets PUBACK, PUBREC, PUBREL, PUBCOMP, SUBACK, UNSUBACK with a Reason Code of 0x80 or greater indicate that the received packet, identified by a Packet Identifier, was in error. There are no consequences for other Sessions or other Packets flowing on the same Session.

EMQX also has a config option to toggle this disconnect on authz failure behaviour.

I find maintain_connection_on_authorization_failures is too long.

Let's name it disconnect_on_unauthorized (defaulting to true since that's today's behaviour).

@iamdrq tests are missing. Please add tests.

@michaelklishin
Copy link
Collaborator

michaelklishin commented Dec 15, 2025

mqtt.disconnect_on_unauthorized sounds reasonable.

@iamdrq
Add a config option to toggle mqtt disconnect on unauthorized topic
22f42f5 
mqtt.disconnect_on_unauthorized=true(defualt)
disconnect the clinet when publish or subscribe unauthorized topic.

mqtt.disconnect_on_unauthorized=false
subscribe unauthorized topic,
reply SUBACK(non-authorized) and send retained messages for the successfully subscribed topics and keep connection.
publish unauthorized topic,
MQTT v5 and QoS1 reply with PUBACK including an error reason code and keep connection,
MQTT v3 and QoS1 reply with PUBACK no error reason code and keep connection,
QoS0 drop silently and keep connection.
@iamdrq iamdrq requested a review from ansd December 17, 2025 15:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michaelklishin michaelklishin Awaiting requested review from michaelklishin

@ansd ansd Awaiting requested review from ansd

Assignees

No one assigned

Labels

make

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@iamdrq @michaelklishin @ansd