[jira] [Created] (AMQ-5160) MQTT retained messages bypass Authentication / Authorization

Surf (JIRA) Wed, 23 Apr 2014 14:05:54 -0700

Surf created AMQ-5160:
-------------------------

             Summary: MQTT retained messages bypass Authentication / 
Authorization
                 Key: AMQ-5160
                 URL: https://issues.apache.org/jira/browse/AMQ-5160
             Project: ActiveMQ
          Issue Type: Bug
          Components: MQTT
    Affects Versions: 5.9.1
            Reporter: Surf
            Priority: Critical



I am using MQTT on AMQ 5.9.1
After latest MQTT hardening from [~dhirajsb] , there is an issue of MQTT 
retained messages.

Simple case:
Set Authentication / Authorization for two different TOPICS.
Send retained message to one topic.

Try to subscribe "#" with other second user.
It will show retained messages published by TOPIC 1. 

here i have attached test configurations.





--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Created] (AMQ-5160) MQTT retained messages bypass Authentication / Authorization

Reply via email to