diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml index d9d1c47e..5d27d54c 100644 --- a/compose/docker-compose.yml +++ b/compose/docker-compose.yml @@ -111,9 +111,9 @@ services: restart: unless-stopped volumes: - /root/mosquitto.conf:/mosquitto/config/mosquitto.conf + - /root/dynamic-security.json:/mosquitto/config/dynamic-security.json - mosquitto_data:/mosquitto/data - mosquitto_logs:/mosquitto/log - - shared_certs:/mosquitto/certs expose: - "8883" labels: diff --git a/docker/dynamic-security.json b/docker/dynamic-security.json new file mode 100755 index 00000000..374b4720 --- /dev/null +++ b/docker/dynamic-security.json @@ -0,0 +1,54 @@ +{ + "clients": [{ + "username": "bob", + "textName": "Dynsec admin user", + "password": "JEfqgJum2mlJa51WTGdvEAs2Rnc8vno14yAsAhxbjo9nKs0GAgL0+YM2iOUaW/GFK8L/B0EkbP5qd1AeyBdRTg==", + "salt": "MgoCdNVGYMqJh+nU", + "iterations": 101, + "roles": [{ + "rolename": "admin" + }] + }], + "roles": [{ + "rolename": "admin", + "acls": [{ + "acltype": "publishClientSend", + "topic": "$CONTROL/dynamic-security/#", + "allow": true + }, { + "acltype": "publishClientReceive", + "topic": "$CONTROL/dynamic-security/#", + "allow": true + }, { + "acltype": "subscribePattern", + "topic": "$CONTROL/dynamic-security/#", + "allow": true + }, { + "acltype": "publishClientReceive", + "topic": "$SYS/#", + "allow": true + }, { + "acltype": "subscribePattern", + "topic": "$SYS/#", + "allow": true + }, { + "acltype": "publishClientReceive", + "topic": "#", + "allow": true + }, { + "acltype": "subscribePattern", + "topic": "#", + "allow": true + }, { + "acltype": "unsubscribePattern", + "topic": "#", + "allow": true + }] + }], + "defaultACLAccess": { + "publishClientSend": false, + "publishClientReceive": true, + "subscribe": false, + "unsubscribe": true + } +} \ No newline at end of file diff --git a/docker/mosquitto.conf b/docker/mosquitto.conf index 8d3ab239..6c3f215b 100644 --- a/docker/mosquitto.conf +++ b/docker/mosquitto.conf 
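Review bot: `expose: - "8883"` survives while the mosquitto.conf hunk in this same commit comments out the 8883 TLS listener and leaves only `listener 1883`, so the port declared to other compose services no longer matches anything the broker listens on; either expose `"1883"` or, better, keep the TLS listener on 8883 and retain the `shared_certs` volume this hunk deletes. The new bind mount `/root/dynamic-security.json` also deserves a second look: the dynsec plugin rewrites its config file on every `$CONTROL/dynamic-security` change, so it has to be writable by the uid the broker runs as inside the container, which a root-owned file under `/root` presumably is not — a silent persistence failure on the first `mosquitto_ctrl` edit is the likely symptom. Placing the file on the existing `mosquitto_data` volume (or `chown`ing it to the broker's uid) and recording the requirement next to the mount, e.g. `# dynsec rewrites this file at runtime; must be writable by the broker's uid`, would close both gaps.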
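Review bot: `password`/`salt`/`iterations` for the `admin`-role user `bob` are committed to the repository, and with the salt and digest public and only 101 PBKDF2 iterations (apparently the tooling default, far below current KDF guidance) the hash is cheap to attack offline by anyone who has ever cloned the repo. Generate this file at deploy time instead (`mosquitto_ctrl dynsec init <file> <adminuser>`), add it to `.gitignore`, and treat the password behind this hash as compromised since it is now in history. The file also lands with mode `100755`; a credential file should be `0600`, not executable. The bootstrap `admin` role reads every topic via `#` and `$SYS/#`, which is acceptable only for the dynsec bootstrap identity — application clients should get purpose-specific roles rather than this one, and a README line stating that would stop the role being copied.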
@@ -1,12 +1,20 @@ -per_listener_settings true +# per_listener_settings true -listener 8883 -allow_anonymous false -require_certificate true -use_identity_as_username true -cafile /mosquitto/certs/root.pem -certfile /mosquitto/certs/server.pem -keyfile /mosquitto/certs/server.key +# listener 8883 +# allow_anonymous false +# require_certificate true +# use_identity_as_username true +# cafile /mosquitto/certs/root.pem +# certfile /mosquitto/certs/server.pem +# keyfile /mosquitto/certs/server.key + +# listener 1883 +# allow_anonymous true + +per_listener_settings false listener 1883 -allow_anonymous true +allow_anonymous false +plugin /usr/lib/mosquitto_dynamic_security.so +plugin_opt_config_file /mosquitto/config/dynamic-security.json +
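Review bot: The only active listener is now plaintext `listener 1883` with `allow_anonymous false` and the dynsec plugin, so the usernames/passwords dynsec checks and every MQTT payload cross the wire unencrypted; the mTLS listener with `cafile`/`certfile`/`keyfile` is merely commented out, not replaced. Dynamic security does not require dropping TLS: keep `listener 8883` with the three cert options (dropping `require_certificate`/`use_identity_as_username` if client certificates are being retired) and add the two `plugin` lines under it — the compose hunk would then need to keep the `shared_certs` volume it removes. The ten commented-out lines at the top are dead config that git history already preserves; delete them, or replace them with a one-line comment stating why client-certificate auth was swapped for passwords.
```conf
per_listener_settings false

listener 8883
allow_anonymous false
cafile /mosquitto/certs/root.pem
certfile /mosquitto/certs/server.pem
keyfile /mosquitto/certs/server.key

plugin /usr/lib/mosquitto_dynamic_security.so
plugin_opt_config_file /mosquitto/config/dynamic-security.json
```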