TopicPermission priorities

Hi,

Im working on a HiveMQ CE extension. Im trying to implement a custom authorization approach using topic permissions within a ClientInitializer.

What I want to achieve is to DENY activity whithin a restricted topic tree using a the wildcard but ALLOW some specific activity wihtin this tree:

Builders.topicPermission()
                .topicFilter("restricted/#")
                .activity(TopicPermission.MqttActivity.ALL)
                .type(TopicPermission.PermissionType.DENY)
                .build();


Builders.topicPermission()
                .topicFilter("restricted/xyz/test")
                .activity(TopicPermission.MqttActivity.ALL)
                .type(TopicPermission.PermissionType.ALLOW)
                .build();

Is there a possibility that the specific permission is treated with higher priority than the wildcard permission? Actually as an exception to the wildcard permission…

Thanks for help!
PB

Hi PremiumBurger,

The Priority of the permissions is set by the chronological order of the permissions.
Means that the first permissions that will be added is the first permission that will be checked.

I think in your case you added the wildcard permission first and then the specific permission.
Please try it the other way around.

If you still having problems, just ask.

Have a great weekend.

Regards
Florian Limpöck

2 Likes

Oh :man_facepalming:
That works!
Thanks for the tip!

1 Like

You are very welcome

1 Like