TopicPermission priorities

PremiumBurger · May 9, 2020, 7:24am

Hi,

Im working on a HiveMQ CE extension. Im trying to implement a custom authorization approach using topic permissions within a ClientInitializer.

What I want to achieve is to DENY activity whithin a restricted topic tree using a the wildcard but ALLOW some specific activity wihtin this tree:

Builders.topicPermission()
                .topicFilter("restricted/#")
                .activity(TopicPermission.MqttActivity.ALL)
                .type(TopicPermission.PermissionType.DENY)
                .build();


Builders.topicPermission()
                .topicFilter("restricted/xyz/test")
                .activity(TopicPermission.MqttActivity.ALL)
                .type(TopicPermission.PermissionType.ALLOW)
                .build();

Is there a possibility that the specific permission is treated with higher priority than the wildcard permission? Actually as an exception to the wildcard permission…

Thanks for help!
PB

FloLi · May 9, 2020, 8:17am

Hi PremiumBurger,

The Priority of the permissions is set by the chronological order of the permissions.
Means that the first permissions that will be added is the first permission that will be checked.

I think in your case you added the wildcard permission first and then the specific permission.
Please try it the other way around.

If you still having problems, just ask.

Have a great weekend.

Regards
Florian Limpöck

PremiumBurger · May 9, 2020, 8:57am

Oh
That works!
Thanks for the tip!

FloLi · May 9, 2020, 9:29am

You are very welcome

Topic		Replies	Views
TopicPermission for topic containing + HiveMQ Extension SDK	1	999	August 30, 2020
Can't add permission to topic starting with $ HiveMQ Community Edition	2	722	September 16, 2019
Possible to Restrict Wildcards Per User?	2	554	February 25, 2021
Security on Topics	6	331	September 12, 2023
Subscribe possible without permission HiveMQ Community Edition	2	741	November 11, 2020

TopicPermission priorities

Related Topics