Hi,

When a client is connecting with AMQP 1.0 to the C++ broker and the node
from which it wants to consume messages doesn't exist, the broker throws an
amqp:not-found error even when ACL rules deny the user to access or publish
from the given node (queue).

For security reasons, I would assume that the ACL check for access or
publish rules should be done before revealing that the queue doesn't exist.
The broker should not reveal any details about its configuration if the ACL
rights don't allow it.

This problem might to some extent exist also with AMQP 0.10. But the Qpid
AMQP 0.10 clients always query the existence of a queue/exchange before
connecting to it and the QueueQuery / QueueDeclare calls are ACL protected,
so the Qpid based AMQP 0.10 client always receives the ACL error before the
not-found error. But I guess if you skip the QueueQuery / QueueDeclare and
go directly to MessageSubscribe the same problem as with AMQP 1.0 might
exist in AMQP 0.10 as well.

Do you think it makes sense to change this behaviour? Is it worth raising a
JIRA?

Thanks & Regards
Jakub
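
The ordering question raised in this message, as an added illustration that is not part of the original post and is not Qpid code: a toy broker compares the lookup-first and ACL-first orderings for a user with no grants. Every name in it (`ToyBroker`, `attachLookupFirst`, `attachAclFirst`, the users and the queues) is hypothetical and constructed for the example.

```cpp
// Added illustration; not Qpid source. All names and data are constructed.
#include <set>
#include <string>
#include <utility>

enum class Result { Attached, NotFound, UnauthorizedAccess };

struct ToyBroker {
    std::set<std::string> queues;                            // nodes that exist
    std::set<std::pair<std::string, std::string>> allowed;   // (user, queue) consume grants

    bool permits(const std::string& user, const std::string& q) const {
        return allowed.count(std::make_pair(user, q)) > 0;
    }

    // Ordering described in the message: node existence is resolved first.
    Result attachLookupFirst(const std::string& user, const std::string& q) const {
        if (!queues.count(q)) return Result::NotFound;
        if (!permits(user, q)) return Result::UnauthorizedAccess;
        return Result::Attached;
    }

    // Ordering proposed in the message: ACL decision first, so existence
    // is only ever reported to users the ACL already permits.
    Result attachAclFirst(const std::string& user, const std::string& q) const {
        if (!permits(user, q)) return Result::UnauthorizedAccess;
        if (!queues.count(q)) return Result::NotFound;
        return Result::Attached;
    }
};

// Constructed sample: "orders" exists; alice may consume from "orders" and
// from "archive" (which does not exist); mallory has no grants at all.
ToyBroker sampleBroker() {
    ToyBroker b;
    b.queues.insert("orders");
    b.allowed.emplace("alice", "orders");
    b.allowed.emplace("alice", "archive");
    return b;
}

// True when a user without grants receives different answers for an existing
// and a missing queue, i.e. the error code discloses which queues exist.
bool leaksExistence(bool aclFirst) {
    const ToyBroker b = sampleBroker();
    auto probe = [&](const std::string& q) {
        return aclFirst ? b.attachAclFirst("mallory", q) : b.attachLookupFirst("mallory", q);
    };
    return probe("orders") != probe("no-such-queue");
}
```

A permitted user still receives the not-found result for a missing node under either ordering, so legitimate clients lose no diagnostics.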
