ltm rule command MQTT username

iRule(1)					  BIG-IP TMSH Manual					     iRule(1)

MQTT::username
       Get or set user-name field of MQTT CONNECT message.

SYNOPSIS
       MQTT::username (NAME)?

DESCRIPTION
       This command can be used to get or set username field of MQTT message.  This command is valid only for
       following MQTT message types:

	   CONNECT

       Syntax

       MQTT::username [  ]

       MQTT::username
	   * Get the user-name field of MQTT CONNECT message.

       MQTT::username 
	   * Set the user-name field of MQTT CONNECT message to specified string.

RETURN VALUE
       When called without an argument, this command returns the user-name field of MQTT CONNECT message.

VALID DURING
       MQTT_CLIENT_INGRESS MQTT_SERVER_INGRESS MQTT_CLIENT_DATA MQTT_SERVER_DATA MQTT_CLIENT_EGRESS
       MQTT_SERVER_EGRESS

EXAMPLES
	#Enrich MQTT username with SSL client-certificate common name, reject unauthorized accesses:
	when CLIENT_ACCEPTED {
	    set cn ""
	}

	when CLIENTSSL_CLIENTCERT {
	    set cn [ lindex [ split [lindex [ split [X509::subject [SSL::cert 0]] "," ] 0 ] "=" ] 1 ]
	    log local0. "Client Cert Common Name: $cn"
	}

	when MQTT_CLIENT_INGRESS {
	    if {[MQTT::type] == "CONNECT"} {
		if {$cn == ""} {
		    MQTT::drop
		    MQTT::respond type CONNACK return_code 5
		} else {
		    set user [MQTT::username]
		    MQTT::username "$cn:$user"
		}
	    }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-13.0.0 --First introduced the command.

BIG-IP						      2020-06-23					     iRule(1)