> I would like to better understand how this is supposed to work... What specifically do you not understand?
> ...and see if there are any improvements that could be made here. I imagine improvements could be made, but that question is pretty vague. Are you referring specifically to your suggestion on the Jira? You asked, "...could it perhaps make sense for Artemis throw an error if the `HDR_VALIDATED_USER` contents, if present, do not match the `validatedUser` for the connection on the server side? Otherwise, how can downstream applications have access to the authenticated user for a given incoming AMQP message?" I didn't quite understand your question. Are you asking if Artemis could be changed so that if the user sending the message sets the "_AMQ_ValidatedUser" property with a value that doesn't match the name of the user which the broker validates for that user's connection then the broker would reject the message with an exception? For what it's worth, a foundational tenet of most messaging applications (especially asynchronous ones) is a fundamental separation of consumers and producers. Generally speaking this simplifies application design and facilitates better scaling. By having the consumers care about who sent the message they are consuming this tenet is broken. You may want to revisit your application design to see if this is absolutely necessary. To be clear, this feature was implemented in Artemis for backwards compatibility with ActiveMQ 5.x. Justin On Wed, Jun 3, 2020 at 9:17 AM Dirkjan Ochtman <d...@apache.org> wrote: > Hi there, > > I posted in ARTEMIS-2751 about how one might check the provenance of > incoming AMQP messages, but so far haven't seen any response. I would like > to better understand how this is supposed to work and see if there are any > improvements that could be made here. > > Kind regards, > > Dirkjan >
