[
https://issues.apache.org/jira/browse/ARTEMIS-3913?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17574269#comment-17574269
]
Justin Bertram commented on ARTEMIS-3913:
-----------------------------------------
The problem with the {{catch}} block you've added in {{MQTTProtocolHandler}} is
that a plugin could throw an {{MQTTRuntimeException}} when handling _any_ kind
of packet, not just a {{CONNECT}} packet. However, sending a {{CONNACK}} packet
is _only_ valid when handling a {{CONNECT}} packet.
I would recommend that instead of using a broker plugin you implement your own
security manager. This is discussed in [the
documentation|https://activemq.apache.org/components/artemis/documentation/latest/security.html#custom-security-manager],
and there is an example in {{examples/features/standard/security-manager}}
that demonstrates how to do this. The {{authenticate}} method of the security
manager receives a
{{org.apache.activemq.artemis.spi.core.protocol.RemotingConnection}} which will
have the client ID set. You can validate the client ID and throw an
{{org.apache.activemq.artemis.api.core.ActiveMQSecurityException}} if the
validation fails. This will send a {{CONNACK}} with a reason code of {{134}} if
it's an MQTT 5 client or {{5}} otherwise. See
{{org.apache.activemq.artemis.core.protocol.mqtt.MQTTProtocolHandler#validateUser}}
for reference.
> MQTTReasonCodes byte loss of precision,must int type
> ----------------------------------------------------
>
> Key: ARTEMIS-3913
> URL: https://issues.apache.org/jira/browse/ARTEMIS-3913
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Reporter: gongping.zhu
> Priority: Major
> Attachments: image-2022-08-02-08-23-52-965.png,
> image-2022-08-02-08-24-39-288.png, image-2022-08-02-08-31-01-074.png,
> image-2022-08-02-08-42-24-117.png, image-2022-08-02-08-43-39-442.png,
> image-2022-08-02-08-45-11-459.png, image-2022-08-02-08-54-34-267.png
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)