What’s New in HiveMQ 4.25?

The HiveMQ team is proud to announce the release of HiveMQ Enterprise MQTT Platform 4.25. This release introduces Data Hub scripting in the HiveMQ Control Center, Enterprise Security Extension authentication and authorization chain managers, default JDBC drivers for use in Enterprise Security Extension SQL realms, and numerous other HiveMQ platform improvements and fixes.

Highlights

• Data Hub Transformation Scripting in the HiveMQ Control Center
• Enterprise Security Extension JDBC driver defaults
• Enterprise Security Extension Authentication and Authorization Chain Managers

Data Hub Scripts View in the HiveMQ Control Center

HiveMQ Control Center support for Data Hub simplifies usage for users who prefer graphical user interfaces. HiveMQ 4.25 adds a great new control center view that provides an intuitive way to create and manage your Data Hub transformation scripts.

How it works

The new Scripts menu item in the Data Hub section of the HiveMQ Control Center opens a list of all scripts that are currently available in the HiveMQ cluster:

From the Scripts overview, detailed views to create new scripts or manage existing scripts can be accessed:

How it helps

Managing JavaScript functions for HiveMQ Data Hub in the Control Center makes transformation scripting more accessible to a broader range of users. Our carefully designed overviews make it easier to efficiently manage your transformation scripts. Script creation wizards provide useful context-sensitive help and list all available functions as well as links to the schemas and policies the script references:

Additionally, direct source code editing on the UI allows for faster iteration during development.

For detailed information on our latest Data Hub view in the HiveMQ Control Center, see Data Hub Scripts

New Default JDBC Drivers in the Enterprise Security Extension

Starting with HiveMQ 4.25, the HiveMQ Enterprise Security Extension ships with the following JDBC drivers for use in SQL realms:

• PostgreSQL JDBC Driver
• Microsoft JDBC Driver for SQL Server
• MariaDB Java connector

Naturally, it is still possible (but not required) to provide a custom JDBC driver such as MySQL Connector/J.

How it works

You can now configure an SQL realm without providing any custom JDBC drivers.

Example ESE configuration of a PostgreSQL SQL realm:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

<realms>
    <sql-realm>
        <name>postgres-backend</name>
        <enabled>true</enabled>
        <configuration>
            <db-type>POSTGRES</db-type>
            <db-name>hivemq</db-name>
            <db-host>hostname</db-host>
            <db-port>5432</db-port>
            <db-username>hivemq</db-username>
            <db-password>password</db-password>
        </configuration>
    </sql-realm>
</realms>

For more information, see HiveMQ Enterprise Security Extension SQL Realm and SQL Database Setup.

How it helps

The inclusion of default JDBC drivers eliminates the need for a custom download and installation of JDBC drivers. The default drivers simplify your deployment process and ensure that the driver versions are always up-to-date and tested.

Enterprise Security Extension Authentication and Authorization Chain Managers

HiveMQ 4.25 introduces two new chain managers in the HiveMQ Enterprise Security Extension that allow you to combine multiple authentication or authorization managers within a selected pipeline. Chain managers facilitate the implementation of advanced authentication and authorization scenarios.

How it works

The Enterprise Security Extension chain manager iterates through a list of authentication or authorization managers and supports several strategies for handling the authentication or authorization results.

Example ESE configuration of a chain authentication manager:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18

<pipelines>
    <listener-pipeline listener="ALL">
        <chain-authentication-manager>
            <strategy>
            <check-next-on-unknown-authentication-key-or-wrong-secret/>
            </strategy>
            <chain>
                <sql-authentication-manager>
                    <realm>sql-realm</realm>
                </sql-authentication-manager>
                <file-authentication-manager>
                    <realm>file-realm</realm>
                </file-authentication-manager>
            </chain>
        </chain-authentication-manager>
        ...
    </listener-pipeline>
</pipelines>

This example shows how the authentication is first performed with the SQL authentication manager. If the device is not known or uses an unknown secret, then the file authentication manager is tried next.

For further configuration information, see Chain Authentication and Authorization Managers

How it helps

Chain authentication and authorization managers are useful in scenarios where more than one manager is required. Here are some common use cases:

• Override role-based permissions on a per-user basis.
• Merge multiple data sources into a combined data source.
• Seamlessly migrate from one data source to another.

More Noteworthy Features and Improvements

HiveMQ Enterprise MQTT Broker

• Reduced the memory footprint of cluster responses to eliminate unnecessary resource use.
• Improved the way cluster nodes exchange metadata to enhance consistency and simplify node information handling.
• Added version compatibility checks to prevent unsupported nodes from joining or merging into a cluster.
• Removed an exception that does not affect cluster functionality to avoid unnecessary clutter in the log statements.
• Fixed an issue that could cause the export of a failed diagnostic from the control center to get stuck and block all further diagnostic archive exports.

HiveMQ Data Hub

• Added the option to delete all versions of an unused schema to the HiveMQ Control Center Schemas view.
• Added the ability to run Data Hub JavaScript functions on Linux Arm64 platforms.

HiveMQ Enterprise Security Extension

• Adjusted support for MSSQL JDBC drivers to compensate for a breaking change that version 10.2.0 of the driver introduces.
• Aligned the permissions cache durations of LDAP authorization managers and MQTT user permissions for improved consistency.
• Added the ability to override the default schema search path to the ESE SQL realm when PostgreSQL is used.

HiveMQ Enterprise Extension for PostgreSQL

• Added enhanced configuration options for PostgreSQL database schema connections.

Get Started Today

To upgrade to HiveMQ 4.25 from a previous HiveMQ version, take a look at our HiveMQ Upgrade Guide. To learn more about all the features we offer, explore the HiveMQ User Guide.

About HiveMQ Team

We love writing about MQTT, IoT protocols and architecture in general. Our experts are here to help, so reach out to us if we can help!

Contact HiveMQ