Each file consists of one or more authentication records, each of which contains four fields:

• A line that starts with two forward slashes (//) or a pound sign (#) is considered a comment and ignored.
• The fields of each authentication record are separated by colons (:).
• Any white space before, after, or between fields, is ignored. If the field value contains a space, you need to add an escape character, the backslash (\), before the space. When a backslash is encountered, the following character loses any special significance and is used as is.

The clientConnect.conf, brokerConnect.conf, and serverConnect.conf are read from top to bottom. For example, when a client selects a record for automatic authentication, it uses the first record with a matching target and username. If that username is denied a connection by the server, the client does not try again. The ordering of authentication records is important because you can use wildcards for certain fields. In general, more specific authentication records should be listed first.