Hi Pumudu, MQTT spec doesn't talk about a permission model, So IMO the closest error we can propagate to the client is "0x05 Connection Refused, not authorized".
With Regards, On Fri, Oct 2, 2015 at 6:17 PM, Pumudu Ruhunage <[email protected]> wrote: > Hi All, > > If a tenant don't have permission to subscribe to a given topic (tenant ' > a.com' try to subscribe to tenant 'b.com') currently it will keep > connected even though it's not subscribed, because user authentication was > successful. This is misleading to subscriber as no return code sent and > it's actively connected to broker. > AFAIK mqtt don't define how to handle tenancy scenarios in it's spec. > Couldn't find a definition in MQTT spec 3.1.0/3.1.1 on how to reject if > permission denied to subscribe to a given topic(due to tenancy). > > One option to handle this scenario is to send return code 5 (Connection > Refused, not authorized) to client if it doesn't have permission to > subscribe to given topic. This way client will disconnect if it don't have > permission to subscribe. Is this acceptable or are there any alternatives > to handle this scenario? > > jira https://wso2.org/jira/browse/MB-1409 > > Thanks, > Pumudu > -- > Pumudu Ruhunage > Associate Software Engineer | WSO2 Inc > M: +94 779 664493 | http://wso2.com > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Yasassri Ratnayake Software Engineer - QA WSO2 Inc ; http://wso2.com lean.enterprise.middleware *Mobile : +94715933168* *Blogs : http://yasassriratnayake.blogspot.com <http://yasassriratnayake.blogspot.com/>* * http://wso2logs.blogspot.com <http://wso2logs.blogspot.com>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
