What's New in HiveMQ 4.44?

The HiveMQ team is excited to announce the release of HiveMQ Enterprise MQTT Platform 4.44. This release introduces a comprehensive Kafka Integration Dashboard and a new Client Event History view in Control Center v2, flexible cache configuration options for the HiveMQ Enterprise Security Extension, stronger custom extension classloading security, and multiple performance and usability improvements to the HiveMQ broker.

Highlights

• Kafka Extension Dashboard in HiveMQ Control Center v2
• Client Event History in HiveMQ Control Center v2
• Enterprise Security Extension Cache Configuration
• Improved Custom Extension Classloader

New Kafka Dashboard in HiveMQ Control Center v2

Starting in HiveMQ 4.44, Control Center v2 introduces a comprehensive dashboard for the HiveMQ Enterprise Extension for Kafka. The new operational dashboard gives you complete visibility into the health, performance, and message throughput of your Kafka integration.

How it works

Configure and enable your Kafka integration. Open HiveMQ Control Center v2 and select Kafka from the Integrations menu. Header panels at the top of the new Kafka Dashboard provide an instant health check of your Kafka extension:

• Status panel – Quickly shows the integration status with clear UP, DEGRADED, or DOWN indicators.
• Runtime panel – Displays how long the extension has been running and whether its configuration was hot-reloaded.
• Configuration panels – Summarize key details such as the number of mappings, transformers, Kafka clusters, and brokers per data flow direction.

Together, the panels give you an at-a-glance overview of the extension and help you verify that your Kafka integration is running as expected.

Additionally, the Kafka Dashboard includes two dedicated tabs that give deeper insight into the bidirectional message flow the extension enables:

• The MQTT to Kafka tab displays the number of inbound MQTT messages consumed and how many outbound Kafka records are written.
• The Kafka to MQTT tab shows the number of inbound Kafka records consumed and how many outbound MQTT messages are published to topics.

NOTE: Similar to the CCv2 Overview Dashboard, metrics remain available for up to 72 hours.

How it helps

The new Kafka Dashboard gives you visibility into the message flow of your Kafka extension to improve operational insight and quickly detect potential issues. In upcoming releases, we plan to bring even more enhancements to the Kafka Dashboard.

Want to help shape what comes next? Let us know which features matter most to you. For full details, see our documentation.

New Client Event History in Control Center V2

In addition to the new Kafka Dashboard, HiveMQ 4.44 adds Client Event History to Control Center v2. This feature is part of our continuing commitment to enhance usability and give you deeper insights into individual client behavior.

How it works

In the HiveMQ Control Center v2, open the Client Session Overview and select the client you want to inspect. Switch to the Events tab to access a detailed chronological view of all client activities, including connections, disconnections, and message events.

NOTE: The Client Event History feature must be enabled on your HiveMQ cluster. See the documentation for configuration details.

How it helps

The Client Event History feature makes it easier to understand and debug individual client behavior. Events are provided for successful and failed connections, graceful and ungraceful disconnections, and activation of overload protection for the client. These events give you a comprehensive view into individual client activity patterns and boost your troubleshooting capabilities.

New Cache Configuration Options for HiveMQ Enterprise Security Extension

The HiveMQ Enterprise Security Extension provides powerful authentication and authorization services for the HiveMQ broker. Starting with HiveMQ 4.44, you have full control over the caching configuration for users, permissions, and roles.

How it works

During authentication, users are validated against the configured authentication managers. During authorization, permissions and roles are checked against the configured authorization managers. If your authentication or authorization managers rely on an SQL database or an LDAP system as the backend, you can now configure how users, permissions and roles are cached. Caching can significantly reduce the load on external systems and improve latency during authentication and authorization checks. This is particularly valuable if your SQL databases or LDAP systems are resource-constrained.

Example SQL Authentication Manager configuration with caching for users:

    ...
<pipelines>
  <listener-pipeline listener="ALL">
    <sql-authentication-manager>
      <realm>sql-realm-name</realm>
      <user-cache>
        <expiry-millis>60000</expiry-millis> <!-- 1 minute -->
        <maximum-size>10000</maximum-size>
      </user-cache>
    </sql-authentication-manager>
  </listener-pipeline>
</pipelines>
...
  

Example SQL Authorization Manager configuration with caching for permissions:

    ...
<sql-authorization-manager>
  <realm>sql-realm-name</realm>
  <use-authorization-key>true</use-authorization-key>
  <use-authorization-role-key>false</use-authorization-role-key>  
  <user-permission-cache>
    <expiry-millis>300000</expiry-millis> <!-- 5 minutes -->
    <maximum-size>10000</maximum-size>
  </user-permission-cache>
</sql-authorization-manager>
...
  

Example SQL Authorization Manager configuration with caching for roles:

    ...
<sql-authorization-manager>
  <realm>sql-realm-name</realm>
  <use-authorization-key>false</use-authorization-key>
  <use-authorization-role-key>true</use-authorization-role-key>  
  <role-permission-cache>
    <expiry-millis>86400000</expiry-millis> <!-- 24 hours -->
    <maximum-size>10000</maximum-size>
  </role-permission-cache>
</sql-authorization-manager>
...
  

If you do not configure caching manually, HiveMQ applies the default cache settings. A full list of default settings for each pipeline is available in our documentation.

How it helps

Changing the default caching behavior of the Enterprise Security Extension helps to fine-tune authentication and authorization processes according to the configured external systems. You can now choose how quickly changes to the authentication and authorization databases are synchronized with your HiveMQ Enterprise Security Extension.

More Secure Custom Extension Classloading

HiveMQ 4.44 introduces enhanced Java class loading security for extensions. The new isolating extension classloader creates strict separation between extension class loading and broker class loading. This improvement follows industry best practices for security and prevents accidental class sharing or unclear class separation.

How it works

For custom-built extensions, test compatibility with HiveMQ 4.44 in your staging environment before production deployment. For example, if you encounter a java.lang.ClassNotFoundException error, your custom extension is attempting to access a HiveMQ broker Java class directly. You can resolve this by including the necessary libraries within your extension package.

NOTE: If your custom extension is running correctly, no further action is needed. If you need additional migration assistance, contact your HiveMQ support representative.

How it helps

The enhanced classloader architecture helps you prevent unintended class sharing and eliminates potential version conflicts between your custom extension and the HiveMQ broker Java classes. The new classloader provides stronger security isolation for your HiveMQ cluster and helps ensure predictable extension behavior across deployments.

Additional Features and Improvements

HiveMQ Enterprise MQTT Broker

• Added comprehensive polling state information to the diagnostic archive for improved troubleshooting and system monitoring.
• Redesigned the outbound message delivery mechanism for improved performance, smarter load balancing, and enhanced scalability across subscribers and extensions.
• Fixed a rare issue that could cause the broker to crash during a shutdown.
• Fixed an issue with single writer task execution that could cause the broker to crash during shutdown.
• Fixed an issue where the Diagnostic Archive could log an incorrect count of exported client sessions and shared subscriptions.

HiveMQ Control Center v2

• Added detailed shared subscription information to the Client subscriptions view

Get Started Today

To upgrade to HiveMQ 4.44 from a previous HiveMQ version, follow our HiveMQ Upgrade Guide. To learn more about all the features the HiveMQ Platform offers, explore the HiveMQ User Guide.