test for dev

Author: Philipp Lamp

Dockerfile

@@ -10,7 +10,7 @@ COPY install_hivemq.sh docker-entrypoint.sh /
 RUN chmod +x /docker-entrypoint.sh \
     && source /install_hivemq.sh \
     && rm /install_hivemq.sh
-COPY hivemq/ /opt/hivemq/
+COPY opt/ /opt/
 RUN chown -R hivemq:hivemq /opt/hivemq/*
 
 

README.md

@@ -41,6 +41,17 @@ Plugins
 -------
 To add plugins you could mount them to the plugin directory as described. For ease of use I recommend instead extending the Dockerfile.
 
+Authentication
+--------------
+By default the file authentication plugin (see http://www.hivemq.com/plugin/file-authentication/) is installed in production-ready configuration and exactly one user.
+
+| User | Password |
+| ---- | -------- |
+| hivemq | test |
+
+To disable the authentication completely (e.g. for testing purposes), start the docker image with `-e HIVEMQ_DISABLE_AUTH_PLUGIN=true`
+
+
 
 Start on docker native cluster
 ------------------------------

Vagrantfile

@@ -7,12 +7,12 @@ Vagrant.configure(2) do |config|
   (1..number_of_instances).each do |instance_number|
     config.vm.define "node#{instance_number}" do |host|
       host.vm.box = "ubuntu/trusty64"
-      host.vm.network "private_network", ip: "192.168.33.11#{instance_number}"
+      #host.vm.network "private_network", ip: "192.168.33.11#{instance_number}"
       host.vm.hostname = "node#{instance_number}"
 
       host.vm.provider "virtualbox" do |v|
         v.memory = 1024
-        v.cpus = 1
+        v.cpus = 2
       end
 
 

docker-entrypoint.sh

@@ -29,4 +29,16 @@ if [ ! -z "$SWARM_NETWORK_BASE" ]; then
 fi
 
 
+# Enable Auth Plugin if necessary
+if [ "$HIVEMQ_DISABLE_AUTH_PLUGIN"=="true" ]; then
+    echo "Not Activating Auth plugin due to HIVEMQ_DISABLE_AUTH_PLUGIN"
+    # This way is not yet compatible with docker stop and start. only with rm and run.
+else
+    echo "Enabling Auth plugin"
+    ln -s /opt/hivemq-modules/fileauth/bin/file-authentication-plugin-3.0.2.jar /opt/hivemq/plugins/file-authentication-plugin-3.0.2.jar
+    ln -s /opt/hivemq-modules/fileauth/bin/credentials.properties /opt/hivemq/plugins/credentials.properties
+    ln -s /opt/hivemq-modules/fileauth/bin/fileAuthConfiguration.properties /opt/hivemq/plugins/fileAuthConfiguration.properties
+fi
+
+
 /opt/hivemq/bin/run.sh

install_hivemq.sh

@@ -3,6 +3,7 @@
 mkdir -p /opt
 cd /opt
 
+#Install HiveMQ
 wget -O hivemq.zip http://www.hivemq.com/download.php?token=a2903f0457bc42959785c34fa1532dca
 unzip hivemq.zip
 rm hivemq.zip
@@ -16,3 +17,18 @@ chown -R hivemq:hivemq /opt/hivemq
 
 chmod +x /opt/hivemq/bin/run.sh
 
+#Install file authentication plugin
+mkdir -p /opt/file-auth-plugin
+mkdir -p /opt/tools
+
+cd /opt/file-auth-plugin
+wget -O file-auth.zip http://www.hivemq.com/wp-content/uploads/file-authentication-3.0.2-distribution.zip
+unzip file-auth.zip
+rm file-auth.zip
+
+mv file-authentication-plugin-3.0.2.jar LICENSE.txt /opt/hivemq-modules/fileauth/bin
+mv tools/file-authentication-plugin-utility-1.1.jar /opt/tools
+
+
+
+cd ..

opt/hivemq-modules/fileauth/README.txt

@@ -0,0 +1 @@
+Files in this folder will be linked to the suitable position inside /opt/hivemq if file auth is enabled.

opt/hivemq-modules/fileauth/conf/credentials.properties

@@ -0,0 +1,4 @@
+# To replace with your own credentials either mount an own file exactly to this place or use /opt/tools/file-authentication-plugin-utility-1.1.jar to create credentials
+# Since it is more reproducible, mounting is the preferred way.
+
+TODO: create initial credentials

opt/hivemq-modules/fileauth/conf/fileAuthConfiguration.properties

@@ -0,0 +1,39 @@
+# -------------------------------------------------------------------------
+#
+#                   _    _  _              __  __   ____
+#                  | |  | |(_)            |  \/  | / __ \
+#                  | |__| | _ __   __ ___ | \  / || |  | |
+#                  |  __  || |\ \ / // _ \| |\/| || |  | |
+#                  | |  | || | \ V /|  __/| |  | || |__| |
+#                  |_|  |_||_|  \_/  \___||_|  |_| \___\_\
+#
+# -------------------------------------------------------------------------
+#
+# File Authentication Plugin Configuration
+#
+# -------------------------------------------------------------------------
+
+# This property specifies the name of the file, which contains the
+# credentials of the users. Please notice that the file has to be in the
+# plugins folder.
+filename=credentials.properties
+
+# Specifies if the password is stored as plaintext or as a hashed string.
+passwordHashing.enabled=true
+
+# Here the hashing algorithm used during creation of the credentials file
+# can be declared. HiveMQ is supporting all hashing algorithms provided
+# by the Java VM.
+passwordHashing.shiroAlgo=SHA-512
+
+# Customizes the number of hashing iterations used.
+passwordHashing.iterations=1000000
+
+# Configures if the hashed password has used a salt during the hash generation.
+passwordHashingSalt.enabled=true
+
+# Specifies the order of hash and salt.
+passwordHashingSalt.isFirst=true
+passwordHashingSalt.separationChar=$
+
+