[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Created: (MQTT-52) Handling permission problems
Handling permission problems
----------------------------
Key: MQTT-52
URL: http://tools.oasis-open.org/issues/browse/MQTT-52
Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
Issue Type: Improvement
Components: edits
Affects Versions: 3.1.1
Reporter: Richard Coppen
Fix For: 3.1.1
What should a server do if a client attempts to perform an operation that is disallowed?
For example:
1. Attempts to publish to a topic for which they do not have permission
The input specification (which is not based on RFC2119 terminology) provides ambiguous guidance for such a scenario.
"Note that if a server implementation does not authorize a PUBLISH to be made by a client; it has no way of informing that client. It must therefore make a positive acknowledgement, according to the normal QoS rules, and the client will not be informed that it was not authorized to publish the message."
This behavior is problematic (strictly enforced or not) since a valid client talking to a poorly configured server will continue to process work unaware of the problem. In practice it is very difficult, if not impossible, to write a client application with error handling and recovery logic to defend against it.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]