PublishAuthorizer, SubscriptionAuthorizer class is getting triggered post PublishInboundInterceptor and SubscribeInboundInterceptor

Hi Team,

We are working on the extension logic in our project. The expected flow for subscribe and publish should be authentication → publish/subscribe Authorizer → PublishInboundInterceptor/SubscribeInboundInterceptor.

However, while performing integration testing on the extension code, the flow seen is:
authentication → PublishInboundInterceptor/SubscribeInboundInterceptor → publish/subscribe Authorizer

Could you please look into this and let us know if it is an expected extension behaviour?

Hi neha.khan,

Welcome to the board and glad you are interested in HiveMQ extension development.

To answer your question: yes, it is expected behaviour. Interception happens before Authorization.

Regards Flo

1 Like

Thanks @FloLi for such a quick response!
Since the expected flow is Authentication → Authorization → Publish/Subscribe implementation, could you suggest a better way to approach the same, i.e., an alternative for PublishInboundInterceptor/SubscribeInboundInterceptor or Publish/Subscribe Authorizer?

Hello @neha.khan ,

The flow that you have asked about is the expected behaviour:

What is the alternative you are looking for? What is your use case?

Kind regards,
Dasha from HiveMQ team

Hi @Daria_H,

The use case is that we have some custom logic for when a client publishes a message or subscribes to a topic, but before that we want to do authorization.

Thanks,
Neha

Hi @neha.khan

As you decide the authorization in your custom authorizer, can't you just implement your custom logic in the Publish/Subscribe authorizer?

Maybe something like this:

```java
// checkAuthorized(...) and doCustomLogic() are placeholders for your own code.
new PublishAuthorizer() {
    @Override
    public void authorizePublish(
            @NotNull final PublishAuthorizerInput publishAuthorizerInput,
            @NotNull final PublishAuthorizerOutput publishAuthorizerOutput) {

        // Decide first, so the custom logic only runs for authorized publishes.
        final boolean publishAuthorized = checkAuthorized(publishAuthorizerInput);
        if (publishAuthorized) {
            doCustomLogic();
            publishAuthorizerOutput.authorizeSuccessfully();
        } else {
            publishAuthorizerOutput.failAuthorization();
        }
    }
};
```

Regards Flo

2 Likes
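
A fuller version of the approach suggested above, as an added example that is not part of the original posts and is not HiveMQ's own code: one object acts as both PublishAuthorizer and SubscriptionAuthorizer and is registered through the security registry, so the custom logic runs only after an allow decision. The class name, the `clients/<clientId>/` topic policy and `onAuthorized` are assumptions made for illustration.

```java
import com.hivemq.extension.sdk.api.ExtensionMain;
import com.hivemq.extension.sdk.api.annotations.NotNull;
import com.hivemq.extension.sdk.api.auth.PublishAuthorizer;
import com.hivemq.extension.sdk.api.auth.SubscriptionAuthorizer;
import com.hivemq.extension.sdk.api.auth.parameter.*;
import com.hivemq.extension.sdk.api.parameter.*;
import com.hivemq.extension.sdk.api.services.Services;

// Added example: hypothetical class name, constructed policy, stateless so it can be shared.
public class AuthorizeThenAct implements ExtensionMain, PublishAuthorizer, SubscriptionAuthorizer {
    @Override
    public void extensionStart(@NotNull ExtensionStartInput in, @NotNull ExtensionStartOutput out) {
        Services.securityRegistry().setAuthorizerProvider(providerInput -> this);
    }
    @Override
    public void extensionStop(@NotNull ExtensionStopInput in, @NotNull ExtensionStopOutput out) { }

    @Override
    public void authorizePublish(@NotNull PublishAuthorizerInput in, @NotNull PublishAuthorizerOutput out) {
        final String clientId = in.getClientInformation().getClientId();
        final String topic = in.getPublishPacket().getTopic();
        if (!allowed(clientId, topic)) {
            out.failAuthorization(); // denied: the custom logic below is never reached
            return;
        }
        onAuthorized("PUBLISH", clientId, topic);
        out.authorizeSuccessfully();
    }

    @Override
    public void authorizeSubscribe(@NotNull SubscriptionAuthorizerInput in, @NotNull SubscriptionAuthorizerOutput out) {
        final String clientId = in.getClientInformation().getClientId();
        final String filter = in.getSubscription().getTopicFilter();
        if (!allowed(clientId, filter)) {
            out.failAuthorization();
            return;
        }
        onAuthorized("SUBSCRIBE", clientId, filter);
        out.authorizeSuccessfully();
    }
    // Constructed policy (assumption): a client may only use topics under clients/<clientId>/.
    // Client ids containing '/', '+' or '#' are refused so the prefix cannot span another namespace.
    static boolean allowed(final String clientId, final String topic) {
        final boolean safeId = !clientId.isEmpty() && !clientId.matches(".*[/+#].*");
        return safeId && topic.startsWith("clients/" + clientId + "/");
    }
    // Placeholder for the custom logic; it only ever sees authorized traffic.
    static void onAuthorized(final String action, final String clientId, final String topic) {
        System.out.println(action + " authorized for " + clientId + " on " + topic);
    }
}
```

Because interception happens before authorization, any PublishInboundInterceptor or SubscribeInboundInterceptor that is still registered sees packets that this authorizer may later deny.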