cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Mqtt extension "System" user

cbaurand
8-Gravel

Mqtt extension "System" user

Hello,

 

I'm starting to use Mqtt extension. All works fine. My thing is connected to the broker and i can receive and publish messages. The problem i have is, when i receive a message from the broker, the user that runs the thread is "System". Is there a way to change this user to my own "system" user ?

 

Thanks for your help,

 

Cyril.

1 ACCEPTED SOLUTION

Accepted Solutions
abjain
12-Amethyst
(To:cbaurand)

@cbaurand : I think in this case you will have to provided appropriate permission to 'System user' itself as for your own user , you will have to give permission at multiple levels. Please go through the following documentation on how a System user makes management of internal service permission easier- http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FComposer%2FSecur...

Would also recommend to go through the article: https://www.ptc.com/en/support/article/CS270968 

View solution in original post

6 REPLIES 6
PaiChung
21-Topaz II
(To:cbaurand)

I think most likely you are invoking some platform event mechanism causing it to turn as system or superuser which basically has permissions to trigger anything.

I have seen on Timers and Schedulers the ability to run under a certain user.

Now the bad news, I don't know how you can add that to your extension

@PaiChung You're right, i saw that the subscription called on a mqtt property change is done by the System User. My problem is, this System user doesn't have the visibility on the things i need at this level.

I don't want that this System user gets this visibility. I want that my own user, like a "MqttUser" gets this visibility.

abjain
12-Amethyst
(To:cbaurand)

@cbaurand : I think in this case you will have to provided appropriate permission to 'System user' itself as for your own user , you will have to give permission at multiple levels. Please go through the following documentation on how a System user makes management of internal service permission easier- http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FComposer%2FSecur...

Would also recommend to go through the article: https://www.ptc.com/en/support/article/CS270968 

View solution in original post

IF i do what you propose, my System user will have visibility on all of my assets. Isn't it something that breaks the security?

PaiChung
21-Topaz II
(To:cbaurand)

Since nobody can be logged in directly as system user it is not a threat to your security.

slangley
23-Emerald I
(To:cbaurand)

Hi @cbaurand

 

If one of the previous responses helped to answer your question, please mark the appropriate one as the Accepted Solution for the benefit of others with the same question.

 

Regards.

 

--Sharon

Announcements