cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Want the oppurtunity to discuss enhancements to PTC products? Join a working group! X

Mqtt extension "System" user

cbaurand
12-Amethyst

Mqtt extension "System" user

Hello,

 

I'm starting to use Mqtt extension. All works fine. My thing is connected to the broker and i can receive and publish messages. The problem i have is, when i receive a message from the broker, the user that runs the thread is "System". Is there a way to change this user to my own "system" user ?

 

Thanks for your help,

 

Cyril.

ACCEPTED SOLUTION

Accepted Solutions
abjain
15-Moonstone
(To:cbaurand)

@cbaurand : I think in this case you will have to provided appropriate permission to 'System user' itself as for your own user , you will have to give permission at multiple levels. Please go through the following documentation on how a System user makes management of internal service permission easier- http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FComposer%2FSecurity%2FSystemUser.html

Would also recommend to go through the article: https://www.ptc.com/en/support/article/CS270968 

View solution in original post

6 REPLIES 6
PaiChung
22-Sapphire I
(To:cbaurand)

I think most likely you are invoking some platform event mechanism causing it to turn as system or superuser which basically has permissions to trigger anything.

I have seen on Timers and Schedulers the ability to run under a certain user.

Now the bad news, I don't know how you can add that to your extension

cbaurand
12-Amethyst
(To:PaiChung)

@PaiChung You're right, i saw that the subscription called on a mqtt property change is done by the System User. My problem is, this System user doesn't have the visibility on the things i need at this level.

I don't want that this System user gets this visibility. I want that my own user, like a "MqttUser" gets this visibility.

abjain
15-Moonstone
(To:cbaurand)

@cbaurand : I think in this case you will have to provided appropriate permission to 'System user' itself as for your own user , you will have to give permission at multiple levels. Please go through the following documentation on how a System user makes management of internal service permission easier- http://support.ptc.com/help/thingworx_hc/thingworx_8_hc/en/#page/ThingWorx%2FHelp%2FComposer%2FSecurity%2FSystemUser.html

Would also recommend to go through the article: https://www.ptc.com/en/support/article/CS270968 

cbaurand
12-Amethyst
(To:abjain)

IF i do what you propose, my System user will have visibility on all of my assets. Isn't it something that breaks the security?

PaiChung
22-Sapphire I
(To:cbaurand)

Since nobody can be logged in directly as system user it is not a threat to your security.

slangley
23-Emerald II
(To:cbaurand)

Hi @cbaurand

 

If one of the previous responses helped to answer your question, please mark the appropriate one as the Accepted Solution for the benefit of others with the same question.

 

Regards.

 

--Sharon

Announcements


Top Tags