diff --git a/apps/emqx_gateway/etc/emqx_gateway.conf b/apps/emqx_gateway/etc/emqx_gateway.conf index 54e33af36..16315b012 100644 --- a/apps/emqx_gateway/etc/emqx_gateway.conf +++ b/apps/emqx_gateway/etc/emqx_gateway.conf @@ -16,14 +16,17 @@ gateway: { password: "${Packet.headers.passcode}" } - authenticators: [ - { - name: "authenticator1" - mechanism: password-based - server_type: built-in-database - user_id_type: clientid - } - ] + authentication: { + enable: true + authenticators: [ + { + name: "authenticator1" + mechanism: password-based + server_type: built-in-database + user_id_type: clientid + } + ] + } listener.tcp.1: { bind: 61613 @@ -36,7 +39,7 @@ gateway: { coap.1: { enable_stats: false - authenticators: [] + authentication.enable: false heartbeat: 30s resource: mqtt notify_type: qos @@ -49,7 +52,7 @@ gateway: { coap.2: { enable_stats: false - authenticators: [] + authentication.enable:false heartbeat: 30s resource: pubsub notify_type: non @@ -121,7 +124,7 @@ gateway: { #ssl.cacertfile: } - authenticators: [] + authentication.enable: false listener.tcp.1: { bind: 7993 diff --git a/apps/emqx_gateway/src/emqx_gateway_insta_sup.erl b/apps/emqx_gateway/src/emqx_gateway_insta_sup.erl index 58c361026..286be76e5 100644 --- a/apps/emqx_gateway/src/emqx_gateway_insta_sup.erl +++ b/apps/emqx_gateway/src/emqx_gateway_insta_sup.erl @@ -104,10 +104,12 @@ init([Insta, Ctx0, _GwDscrptr]) -> end. do_init_context(InstaId, RawConf, Ctx) -> - Auth = case maps:get(authenticators, RawConf, []) of - [] -> undefined; - AuthCfgs when is_list(AuthCfgs) -> - create_authenticators_for_gateway_insta(InstaId, AuthCfgs) + Auth = case maps:get(authentication, RawConf, #{enable => false}) of + #{enable := true, + authenticators := AuthCfgs} when is_list(AuthCfgs) -> + create_authenticators_for_gateway_insta(InstaId, AuthCfgs); + _ -> + undefined end, Ctx#{auth => Auth}. diff --git a/apps/emqx_gateway/src/emqx_gateway_schema.erl b/apps/emqx_gateway/src/emqx_gateway_schema.erl index a29c6acdf..5cb958701 100644 --- a/apps/emqx_gateway/src/emqx_gateway_schema.erl +++ b/apps/emqx_gateway/src/emqx_gateway_schema.erl @@ -46,7 +46,7 @@ fields(stomp) -> fields(stomp_structs) -> [ {frame, t(ref(stomp_frame))} , {clientinfo_override, t(ref(clientinfo_override))} - , {authenticators, fun emqx_authn_schema:authenticators/1} + , {authentication, t(ref(authentication))} , {listener, t(ref(tcp_listener_group))} ]; @@ -97,7 +97,7 @@ fields(exproto) -> fields(exproto_structs) -> [ {server, t(ref(exproto_grpc_server))} , {handler, t(ref(exproto_grpc_handler))} - , {authenticators, fun emqx_authn_schema:authenticators/1} + , {authentication, t(ref(authentication))} , {listener, t(ref(udp_tcp_listener_group))} ]; @@ -111,6 +111,11 @@ fields(exproto_grpc_handler) -> %% TODO: ssl ]; +fields(authentication) -> + [ {enable, #{type => boolean(), default => false}} + , {authenticators, fun emqx_authn_schema:authenticators/1} + ]; + fields(clientinfo_override) -> [ {username, t(string())} , {password, t(string())} @@ -209,7 +214,7 @@ fields(coap) -> fields(coap_structs) -> [ {enable_stats, t(boolean(), undefined, true)} - , {authenticators, fun emqx_authn_schema:authenticators/1} + , {authentication, t(ref(authentication))} , {heartbeat, t(duration(), undefined, "15s")} , {resource, t(union([mqtt, pubsub]), undefined, mqtt)} , {notify_type, t(union([non, con, qos]), undefined, qos)}