[jira] [Comment Edited] (AMQ-9472) Wildcard publisher auto-creates wildcard topic and breaks authorization

Mon, 08 Apr 2024 16:39:04 -0700 


    [ 
https://issues.apache.org/jira/browse/AMQ-9472?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17835076#comment-17835076
 ] 

Christopher L. Shannon edited comment on AMQ-9472 at 4/8/24 11:38 PM:
----------------------------------------------------------------------

I think this issue should be closed as "Not a Problem" or 'Won't Fix" and I 
explained why on the PR: 
[https://github.com/apache/activemq/pull/1198|https://github.com/apache/activemq/pull/1198#issuecomment-2043752900]

The reason is that we are not going to change how consumers work with regards 
to adding multiple subscriptions if it matches a wildcard

*Edit:* I think if we wanted to do anything here it would be more considered a 
new feature or improvement and not a bug fix and need to be configurable as 
explained in: 
https://github.com/apache/activemq/pull/1198#issuecomment-2043856614


was (Author: christopher.l.shannon):
I think this issue should be closed as "Not a Problem" or 'Won't Fix" and I 
explained why on the PR: 
[https://github.com/apache/activemq/pull/1198|https://github.com/apache/activemq/pull/1198#issuecomment-2043752900]

The reason is that we are not going to change how consumers work with regards 
to adding multiple subscriptions if it matches a wildcard

> Wildcard publisher auto-creates wildcard topic and breaks authorization
> -----------------------------------------------------------------------
>
>                 Key: AMQ-9472
>                 URL: https://issues.apache.org/jira/browse/AMQ-9472
>             Project: ActiveMQ Classic
>          Issue Type: Bug
>          Components: Broker
>            Reporter: Albertas Vyšniauskas
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> Hi,
> after publishing a message to wildcard topic, a wildcard topic is 
> auto-created and interacts poorly with authorization rules.
> Suppose that authorization map contains the following entries:
> <authorizationEntry read="admin" write="admin" admin="admin" topic=">" />
> <authorizationEntry read="user" topic="A.B" />
> Admin creates "A.B" topic and publishes a message to "A.>" causing 
> auto-creation of "A.>" topic.
> User attempts to consume "A.B" topic, but receives "User user is not 
> authorized to read from: topic://A.>" error.
> I asked on user mailing list if wildcard publishing is supposed to work at 
> all, as I could not find any documentation about that. Unfortunately I did 
> not receive any response, so I have to assume that it does.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to