问开源的vernemq2.1.1版本，通过Dockerfile文件以及lua等配置文件实现自定义认证逻辑失败如何解决？

提问于 2025-11-19 17:07:33

回答 0关注 0查看 6

我尝试了好多方法，一直没解决，mqttx连接时报错Bad User Name or Password，然后docker的容器输出为如下，求助一下，为什么会这样，我的脚本在容器内加载了，也挂载了，并且lua脚本中是无脑放过的，无论mqttx的连接参数是什么，都会认证通过。

创建容器的命令是：

docker run -it --rm --name vernemq -p 10.0.2.72:1883:1883 -p 10.0.2.72:8883:8883 -p 10.0.2.72:8080:8080 -p 10.0.2.72:8081:8081 -p 10.0.2.72:44053:44053 -v D:\VerneMQ\vernemq.conf:/vernemq/etc/vernemq.conf -v D:\VerneMQ\vmq_diversity.conf:/vernemq/etc/vmq_diversity.conf -v D:\VerneMQ\init.lua:/vernemq/share/lua/5.2/init.lua -v D:\VerneMQ\vm.args:/vernemq/etc/vm.args vernemq-mysql:1.2 /vernemq/bin/vernemq console

2025-11-19T06:43:13.911229+00:00 [warning] <0.557.0> vmq_mqtt5_fsm:check_user/3:1119: can't authenticate client {[],<<"MQTTX-Monitor">>} from 172.17.0.1:36812 due to plugin_chain_exhausted
2025-11-19T06:43:13.911534+00:00 [debug] <0.557.0> vmq_ranch:teardown/2:190: session normally stopped
2025-11-19T06:43:14.477623+00:00 [debug] <0.260.0> vmq_swc_store:handle_info/2:799: Replica meta5: Can't initialize AE exchange due to no peer available

Dockerfile文件配置内容如下所示：

# Stage 1: The builder stage. This container is used to build the VerneMQ application.
FROM ubuntu:24.04 AS builder
 
# 使用国内镜像源替换默认源
RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list && \
    sed -i 's/security.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list
 
# 为 apt 设置不使用代理
RUN echo 'Acquire::http::Proxy "false";' > /etc/apt/apt.conf.d/99proxy && \
    echo 'Acquire::https::Proxy "false";' >> /etc/apt/apt.conf.d/99proxy
 
# Install necessary build dependencies (不使用代理)
RUN apt-get update && apt-get install -y \
    git \
    build-essential \
    cmake \
    rebar3 \
    erlang-dev \
    erlang-parsetools \
    erlang-tools \
    libssl-dev \
    libsnappy-dev \
    procps \
    libncurses5-dev \
    && rm -rf /var/lib/apt/lists/*
 
# 设置代理用于 GitHub 下载
ENV http_proxy=http://x.x.x.x
ENV https_proxy=http://x.x.x.x
ENV HTTP_PROXY=http://x.x.x.x
ENV HTTPS_PROXY=http://x.x.x.x
 
# Clone the VerneMQ repository, specifically the 2.1.1 tag.
RUN git clone -b 2.1.1 --depth 1 https://github.com/vernemq/vernemq.git /vernemq
 
# Set the working directory to the cloned repository.
WORKDIR /vernemq
 
# Build the VerneMQ release.
RUN make rel
 
# Stage 2: The final runtime image.
FROM ubuntu:24.04
 
# 使用国内镜像源替换默认源
RUN sed -i 's/archive.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list && \
    sed -i 's/security.ubuntu.com/mirrors.aliyun.com/g' /etc/apt/sources.list
 
# 为 apt 设置不使用代理
RUN echo 'Acquire::http::Proxy "false";' > /etc/apt/apt.conf.d/99proxy && \
    echo 'Acquire::https::Proxy "false";' >> /etc/apt/apt.conf.d/99proxy
 
# 安装 Erlang 运行时和必要的依赖 (不使用代理)
RUN apt-get update && apt-get install -y \
    erlang \
    libssl-dev \
    libsnappy1v5 \
    default-mysql-client \
    ca-certificates \
    && rm -rf /var/lib/apt/lists/*
 
# Create necessary directories
RUN mkdir -p /vernemq/etc /vernemq/share/lua
 
# Copy the compiled release from the builder stage.
COPY --from=builder /vernemq/_build/default/rel/vernemq /vernemq
 
# Copy configuration files
COPY vernemq.conf /vernemq/etc/vernemq.conf
COPY vmq_diversity.conf /vernemq/etc/vmq_diversity.conf
COPY mysql_auth.lua /vernemq/share/lua/mysql_auth.lua
 
RUN rm -f /vernemq/share/lua/auth/*mysql*.lua
 
# Set the working directory for the final image.
WORKDIR /vernemq
 
# 清除代理设置（运行时不需要）
ENV http_proxy=
ENV https_proxy=
ENV HTTP_PROXY=
ENV HTTPS_PROXY=
 
# Expose the standard VerneMQ ports.
EXPOSE 1883 8883 8080 8081 44053
 
# The default command to run when the container starts.
CMD ["/vernemq/bin/vernemq", "console"]

vernemq.conf配置内容如下所示：

## ========= 基础 =========
allow_anonymous = off
allow_register_during_netsplit = on
allow_publish_during_netsplit = on
allow_subscribe_during_netsplit = on
allow_unsubscribe_during_netsplit = on

## ========= 监听 =========
listener.tcp.default = 0.0.0.0:1883
listener.ws.default  = 0.0.0.0:8080

## ========= 日志 =========
log.console = console
log.console.level = debug

## ========= 插件 =========
plugins.vmq_diversity = on
vmq_diversity.auth_postgres.enabled = off
vmq_diversity.auth_mysql.enabled = off
vmq_diversity.auth_mongodb.enabled = off
vmq_diversity.script_dir = /vernemq/share/lua/5.2

vmq_diversity.conf配置文件如下所示：

vmq_diversity.mysql.host = host.docker.internal
vmq_diversity.mysql.port = 3306
vmq_diversity.mysql.user = xxxxx
vmq_diversity.mysql.password = xxxxxx
vmq_diversity.mysql.database = vernemq
vmq_diversity.mysql.password_hash_method = plain
vmq_diversity.script_dir = /vernemq/share/lua/5.2

vm.args配置文件内容如下所示：

## vm.args for VerneMQ 2.1.1
-name VerneMQ@10.0.2.72
-setcookie vmq
+P 256000
-env ERL_MAX_ETS_TABLES 256000
-env ERL_CRASH_DUMP /vernemq/log/erl_crash.dump

init.lua自定义认证脚本内容如下所示：

-- init.lua
print('[AUTH] init.lua loaded')

-- 1. 定义钩子
local function auth_on_register(reg)
    print('[AUTH] auth_on_register called')
    print('[AUTH] username=' .. (reg.username or 'nil'))
    print('[AUTH] client_id=' .. (reg.client_id or 'nil'))
    print('[AUTH] mountpoint=' .. (reg.mountpoint or 'nil'))
    print('[AUTH] peer_addr=' .. (reg.peer_addr or 'nil'))
    print('[AUTH] peer_port=' .. (reg.peer_port or 'nil'))

    -- 调试：打印所有注册信息
    for k,v in pairs(reg) do
        print(string.format("[AUTH] reg.%s = %s", k, tostring(v)))
    end

    return true  -- 无脑放过
end

local function auth_on_publish(pub)
    print('[AUTH] auth_on_publish called')
    return true
end

local function auth_on_subscribe(sub)
    print('[AUTH] auth_on_subscribe called')
    return true
end

-- 2. 注册钩子（直接调用全局函数）
register_auth_on_register(auth_on_register)
register_auth_on_publish(auth_on_publish)
register_auth_on_subscribe(auth_on_subscribe)

print('[AUTH] hooks registered successfully')

lua