[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Updated: (MQTT-52) Handling permission problems
[ http://tools.oasis-open.org/issues/browse/MQTT-52?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard Coppen updated MQTT-52: ------------------------------- Component/s: core (was: edits) > Handling permission problems > ---------------------------- > > Key: MQTT-52 > URL: http://tools.oasis-open.org/issues/browse/MQTT-52 > Project: OASIS Message Queuing Telemetry Transport (MQTT) TC > Issue Type: Improvement > Components: core > Affects Versions: 3.1.1 > Reporter: Richard Coppen > Fix For: 3.1.1 > > > What should a server do if a client attempts to perform an operation that is disallowed? > For example: > 1. Attempts to publish to a topic for which they do not have permission > The input specification (which is not based on RFC2119 terminology) provides ambiguous guidance for such a scenario. > "Note that if a server implementation does not authorize a PUBLISH to be made by a client; it has no way of informing that client. It must therefore make a positive acknowledgement, according to the normal QoS rules, and the client will not be informed that it was not authorized to publish the message." > This behavior is problematic (strictly enforced or not) since a valid client talking to a poorly configured server will continue to process work unaware of the problem. In practice it is very difficult, if not impossible, to write a client application with error handling and recovery logic to defend against it. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]