Hi All, If a tenant don't have permission to subscribe to a given topic (tenant ' a.com' try to subscribe to tenant 'b.com') currently it will keep connected even though it's not subscribed, because user authentication was successful. This is misleading to subscriber as no return code sent and it's actively connected to broker. AFAIK mqtt don't define how to handle tenancy scenarios in it's spec. Couldn't find a definition in MQTT spec 3.1.0/3.1.1 on how to reject if permission denied to subscribe to a given topic(due to tenancy).
One option to handle this scenario is to send return code 5 (Connection Refused, not authorized) to client if it doesn't have permission to subscribe to given topic. This way client will disconnect if it don't have permission to subscribe. Is this acceptable or are there any alternatives to handle this scenario? jira https://wso2.org/jira/browse/MB-1409 Thanks, Pumudu -- Pumudu Ruhunage Associate Software Engineer | WSO2 Inc M: +94 779 664493 | http://wso2.com
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
