Authentication with LDAP Server¤
If clients accessing the broker are managed by an LDAP server, this plugin can verify credentials for client authentication and/or topic-level authorization.
amqtt.contrib.ldap.UserAuthLdapPlugin(client authentication)amqtt.contrib.ldap.TopicAuthLdapPlugin(topic authorization)
Authenticate a user with an LDAP directory server.
User Auth¤
dataclass
¤
Bases: LdapConfig
Configuration for the User Auth LDAP Plugin.
instance-attribute
¤
base_dn: str
distinguished name (dn) of the ldap server. e.g. dc=amqtt,dc=io
instance-attribute
¤
bind_dn: str
distinguished name (dn) of known, preferably read-only, user. e.g. cn=admin,dc=amqtt,dc=io
instance-attribute
¤
bind_password: str
password for known, preferably read-only, user
instance-attribute
¤
user_attribute: str
attribute in ldap entry to match the username against
Topic Auth (ACL)¤
dataclass
¤
Bases: LdapConfig
Configuration for the LDAPAuthPlugin.
instance-attribute
¤
base_dn: str
distinguished name (dn) of the ldap server. e.g. dc=amqtt,dc=io
instance-attribute
¤
bind_dn: str
distinguished name (dn) of known, preferably read-only, user. e.g. cn=admin,dc=amqtt,dc=io
instance-attribute
¤
bind_password: str
password for known, preferably read-only, user
instance-attribute
¤
publish_attribute: str
LDAP attribute which contains a list of permissible publish topics.
instance-attribute
¤
receive_attribute: str
LDAP attribute which contains a list of permissible receive topics.
instance-attribute
¤
subscribe_attribute: str
LDAP attribute which contains a list of permissible subscribe topics.
instance-attribute
¤
user_attribute: str
attribute in ldap entry to match the username against