OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

mqtt message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] Created: (MQTT-52) Handling permission problems

Handling permission problems

                 Key: MQTT-52
                 URL: http://tools.oasis-open.org/issues/browse/MQTT-52
             Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
          Issue Type: Improvement
          Components: edits
    Affects Versions: 3.1.1
            Reporter: Richard Coppen
             Fix For: 3.1.1

What should a server do if a client attempts to perform an operation that is disallowed?
For example:
1. Attempts to publish to a topic for which they do not have permission

The input specification (which is not based on RFC2119 terminology) provides ambiguous guidance for such a scenario. 

"Note that if a server implementation does not authorize a PUBLISH to be made by a client; it has no way of informing that client. It must therefore make a positive acknowledgement, according to the normal QoS rules, and the client will not be informed that it was not authorized to publish the message."

This behavior is problematic (strictly enforced or not) since a valid client talking to a poorly configured server will continue to process work unaware of the problem. In practice it is very difficult, if not impossible, to write a client application with error handling and recovery logic to defend against it.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]