You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@activemq.apache.org by ianriley <ia...@lunaba.se> on 2016/12/05 18:08:34 UTC

broker message-level authorization and revoking authority

Hi,

We're using activemq as an mqtt broker. We're using OAuth2 for
authentication, which we've implemented via a brokerfilter that intercepts
connections, and checks whether the sender has a valid token. However, we'd
like to be able to do this whenever a client either publishes or consumes a
message, not just on connection - this is because we want the ability to
disconnect from a client if its token is revoked while the it is still
connected to the broker.
I see that we may be able to do this for consumers using the
MessageAuthorizationPolicy interface with the isAllowedToConsume method; but
I'm not sure how we would go about implementing a similar policy for
publishers.
The fact that I haven't found any posts on this topic make me think I may be
missing something obvious, so apologies in advance if that's the case.
Thanks for your help.

Ian



--
View this message in context: http://activemq.2283324.n4.nabble.com/broker-message-level-authorization-and-revoking-authority-tp4719771.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.