Can a BrokerFilter be used to message-level authorization of messages sent
from one broker to another in a network of brokers?

Suppose you have a hub and spoke architecture, where there may be many
'spoke brokers' that connect to one hub broker using duplex connections. In
this topology, we want to have all security policies enforced in the hub
broker (i.e. assume that spoke brokers can be compromised). We have
partitioned our topic namespace so that each spoke broker has a well-defined
subset of topics that it may use. I have implemented a custom
AuthorizationMap that can prevent a client on one spoke from subscribing to
topics from another spoke. However, Advisory messages are propagated to all
brokers, so one can look at the Jetty admin console and see the entire
namespace of all topics. I'd like to do message-level filtering of
advisories so that each spoke only sees advisories for its subset of topics.

It appeared to me that Message-Level Authorization would give me the hook I
need, but I discovered that this applies only to filtering of messages
between client applications and a broker, whereas I need the filtering on
the network connection between brokers.

I'm now studying the BrokerFilter interface which seems promising, but I'd
appreciate it if anyone can save me some time by telling me either that 1)
no, BrokerFilter can't do this, or 2) yes, BrokerFilter can, and then give
a short outline of how to do it.

Thanks,
Jim Lloyd
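
One way to prototype the hub-side hook, as an added sketch that is not code from this thread: a BrokerFilter that intercepts addConsumer() on the hub, and when a network connection (the spoke's bridge) subscribes to the consumer-advisory wildcard, narrows the subscription to that spoke's topic partition. It assumes each spoke's network connector authenticates with its own user name and that a hypothetical map from that user name to the spoke's topic prefix is supplied when the plugin is installed.

```java
import java.util.Map;
import org.apache.activemq.advisory.AdvisorySupport;
import org.apache.activemq.broker.Broker;
import org.apache.activemq.broker.BrokerFilter;
import org.apache.activemq.broker.BrokerPlugin;
import org.apache.activemq.broker.ConnectionContext;
import org.apache.activemq.broker.region.Subscription;
import org.apache.activemq.command.ActiveMQDestination;
import org.apache.activemq.command.ConsumerInfo;

/** Hub-side filter: restrict each spoke bridge's advisory subscription to its own namespace. */
public class SpokeAdvisoryFilter extends BrokerFilter {
    private static final String CONSUMER_ADVISORY_TOPIC_PREFIX = "ActiveMQ.Advisory.Consumer.Topic.";
    // Assumed: network-connector user name -> topic prefix that spoke is allowed to see
    private final Map<String, String> spokeNamespaces;

    public SpokeAdvisoryFilter(Broker next, Map<String, String> spokeNamespaces) {
        super(next);
        this.spokeNamespaces = spokeNamespaces;
    }

    @Override
    public Subscription addConsumer(ConnectionContext context, ConsumerInfo info) throws Exception {
        ActiveMQDestination dest = info.getDestination();
        if (context.isNetworkConnection() && dest != null && AdvisorySupport.isAdvisory(dest)) {
            String spoke = spokeNamespaces.get(context.getUserName());
            if (spoke == null) {
                // Fail closed: an unknown bridge gets no advisory subscription at all
                throw new SecurityException("no namespace for network user " + context.getUserName());
            }
            String name = dest.getPhysicalName();
            if (name.startsWith(CONSUMER_ADVISORY_TOPIC_PREFIX) && name.endsWith(">")) {
                // Rewrite ActiveMQ.Advisory.Consumer.Topic.> to ...Topic.<spoke prefix>.>
                // so the spoke is only dispatched consumer advisories for its own topics.
                // Queue advisories (ActiveMQ.Advisory.Consumer.Queue.) are left untouched here.
                info.setDestination(ActiveMQDestination.createDestination(
                        CONSUMER_ADVISORY_TOPIC_PREFIX + spoke + ".>", ActiveMQDestination.TOPIC_TYPE));
            }
        }
        return super.addConsumer(context, info);
    }

    /** Plugin wrapper so the filter can be added to the hub's broker plugin list. */
    public static class Plugin implements BrokerPlugin {
        private final Map<String, String> spokeNamespaces;
        public Plugin(Map<String, String> spokeNamespaces) { this.spokeNamespaces = spokeNamespaces; }
        public Broker installPlugin(Broker broker) { return new SpokeAdvisoryFilter(broker, spokeNamespaces); }
    }
}
```

Consumers the bridge creates for ordinary (non-advisory) destinations still pass through unchanged, so the existing AuthorizationMap remains the control for those; the spoke bridge may also subscribe to other advisory types (e.g. temp destinations), which this sketch does not narrow.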
