Update docs for acl deny feature.
This commit is contained in:
parent
bb3e35fbb9
commit
3506fe4099
@ -54,6 +54,7 @@ Broker:
|
|||||||
- Added support for controlling UNSUBSCRIBE calls in v5 plugin ACL checks.
|
- Added support for controlling UNSUBSCRIBE calls in v5 plugin ACL checks.
|
||||||
- Document that X509_free() must be called after using
|
- Document that X509_free() must be called after using
|
||||||
mosquitto_client_certificate(). Closes #1842.
|
mosquitto_client_certificate(). Closes #1842.
|
||||||
|
- Add "deny" acl type. Closes #1611.
|
||||||
|
|
||||||
Client library:
|
Client library:
|
||||||
- Client no longer generates random client ids for v3.1.1 clients, these are
|
- Client no longer generates random client ids for v3.1.1 clients, these are
|
||||||
|
@ -116,7 +116,8 @@
|
|||||||
contain the + or # wildcards as in
|
contain the + or # wildcards as in
|
||||||
subscriptions. The "deny" option can used to explicity
|
subscriptions. The "deny" option can used to explicity
|
||||||
deny access to a topic that would otherwise be granted
|
deny access to a topic that would otherwise be granted
|
||||||
by a broader read/write/readwrite statement.</para>
|
by a broader read/write/readwrite statement. Any "deny"
|
||||||
|
topics are handled before topics that grant read/write access.</para>
|
||||||
|
|
||||||
<para>The first set of topics are applied to anonymous
|
<para>The first set of topics are applied to anonymous
|
||||||
clients, assuming <option>allow_anonymous</option> is
|
clients, assuming <option>allow_anonymous</option> is
|
||||||
|
@ -536,13 +536,17 @@
|
|||||||
# comment.
|
# comment.
|
||||||
# Topic access is added with lines of the format:
|
# Topic access is added with lines of the format:
|
||||||
#
|
#
|
||||||
# topic [read|write|readwrite] <topic>
|
# topic [read|write|readwrite|deny] <topic>
|
||||||
#
|
#
|
||||||
# The access type is controlled using "read", "write" or "readwrite". This
|
# The access type is controlled using "read", "write", "readwrite" or "deny".
|
||||||
# parameter is optional (unless <topic> contains a space character) - if not
|
# This parameter is optional (unless <topic> contains a space character) - if
|
||||||
# given then the access is read/write. <topic> can contain the + or #
|
# not given then the access is read/write. <topic> can contain the + or #
|
||||||
# wildcards as in subscriptions.
|
# wildcards as in subscriptions.
|
||||||
#
|
#
|
||||||
|
# The "deny" option can used to explicity deny access to a topic that would
|
||||||
|
# otherwise be granted by a broader read/write/readwrite statement. Any "deny"
|
||||||
|
# topics are handled before topics that grant read/write access.
|
||||||
|
#
|
||||||
# The first set of topics are applied to anonymous clients, assuming
|
# The first set of topics are applied to anonymous clients, assuming
|
||||||
# allow_anonymous is true. User specific topic ACLs are added after a
|
# allow_anonymous is true. User specific topic ACLs are added after a
|
||||||
# user line as follows:
|
# user line as follows:
|
||||||
|
Loading…
Reference in New Issue
Block a user