[ https://issues.apache.org/jira/browse/DISPATCH-8?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15491211#comment-15491211 ]

Chuck Rolke commented on DISPATCH-8:
------------------------------------

Using qpid-cpp/qpidd as a model, messages could be rejected when:

# The message arrives over an authenticated user connection.
# The message.properties.user_id is present and not blank
# The message.properties.user_id is not equal to the authenticated user name

The message will be discarded and a Disposition of Rejected returned to sender.

A few considerations:

* Are the conditions stated above sufficient?
* Do we ever want to inject a user_id value when it arrives blank?


> Message:user-id must be authenticated on ingress
> ------------------------------------------------
>
>                 Key: DISPATCH-8
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-8
>             Project: Qpid Dispatch
>          Issue Type: Bug
>    Affects Versions: 0.1
>            Reporter: Ted Ross
>            Assignee: Chuck Rolke
>            Priority: Critical
>             Fix For: 0.7.0
>
>
> When a message is received on an ingress link (i.e. from an originating 
> endpoint) and the message has a user-id field in its properties, that user-id 
> must be authenticated.
> At first, this means that the user-id must be the same as that which was used 
> to authenticate the connection.
> There may be other means of authenticating user-ids in the future, but 
> Dispatch must not simply pass them on unchecked.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
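
The three rejection conditions listed in the comment above, written out as an ingress check. This is an added example, not code from the comment or from Qpid Dispatch. The type and function names are hypothetical, and it assumes that "blank" means a zero-length user_id and that an authenticated connection with no recorded user name fails closed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical types for illustration; not Qpid Dispatch's API. */
typedef enum { INGRESS_ACCEPT, INGRESS_REJECT } ingress_verdict_t;

typedef struct {
    bool        authenticated;  /* connection completed authentication */
    const char *user;           /* authenticated user name, NUL-terminated */
} conn_ctx_t;

typedef struct {
    const unsigned char *user_id;     /* properties.user_id bytes, NULL if absent */
    size_t               user_id_len; /* AMQP user-id is binary: explicit length */
} msg_props_t;

/* Apply the three conditions from the comment; reject only when all hold. */
ingress_verdict_t check_ingress_user_id(const conn_ctx_t *c, const msg_props_t *m)
{
    /* 1. Only messages on authenticated connections are checked. */
    if (!c->authenticated)
        return INGRESS_ACCEPT;

    /* 2. user_id must be present and not blank (assumed: zero length is blank). */
    if (m->user_id == NULL || m->user_id_len == 0)
        return INGRESS_ACCEPT;

    /* 3. Compare as length-delimited bytes, so a prefix ("ali") or a value
     *    with an embedded NUL ("alice\0x") never matches "alice". */
    size_t n = c->user ? strlen(c->user) : 0;  /* no name recorded: fail closed */
    if (m->user_id_len != n || memcmp(m->user_id, c->user, n) != 0)
        return INGRESS_REJECT;

    return INGRESS_ACCEPT;
}

/* Constructed sample driver: returns 1 if the verdict matches `want`. */
int demo_case(bool authed, const char *user, const char *uid, size_t len,
              ingress_verdict_t want)
{
    conn_ctx_t  c = { authed, user };
    msg_props_t m = { (const unsigned char *)uid, len };
    return check_ingress_user_id(&c, &m) == want;
}
```

An `INGRESS_REJECT` verdict corresponds to discarding the message and returning a Disposition of Rejected to the sender.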
