crossbario / crossbar

Crossbar.io - WAMP application router
https://crossbar.io/

Receiver black-whitelisting on authrole not working when run as router component #1396

Open tommas-factorylab opened 5 years ago

tommas-factorylab commented 5 years ago

Hi,

Topic whitelisting between router components does not seem to work. I have a subscriber with role 'a' that is subscribed to topic 'uri'. If I then publish using the code below, the message is not received by the subscriber: self.publish(u'uri', message, options=PublishOptions(eligible_authrole=[u'a']))

I would expect that my subscriber does receive the message. Is this correct?

tommas-factorylab commented 5 years ago

Furthermore, am I correct to think that it is not possible to include a specific auth_id of an excluded auth_role? The way I understand the RFC, once a subscriber is excluded in any way, it won't receive the message, even if the inclusion is more specific than the exclusion. Is this correct?

oberstet commented 5 years ago

pls find a complete example here https://github.com/crossbario/crossbar-examples/tree/master/exclude_subscribers

tommas-factorylab commented 5 years ago

Hi,

I am aware of the example provided, but in that case clients communicate via the router with each other. I am trying to get router components to communicate with each other via exclusion/inclusion, and this does not seem to be working as documented. Hence I suspect an issue.

The second question was an extra question that I have. I thought it would be better if I did not also start a question via the mailing list. If you prefer that, that is fine.

I would appreciate if you could reopen the issue.

oberstet commented 5 years ago

ok, sorry, the fact that you specifically refer to router components did get lost on me;) the example https://github.com/crossbario/crossbar-examples/tree/master/exclude_subscribers could be easily expanded by adding a 2nd node config that loads the example components, or a 3rd config that loads the components in a container worker. because those are the actual technical options.

in general, router components should only be used for dynamic authenticators/authorizers, not general app components. and even those, better run in container workers if security and robustness concerns are overweighted vs ("first request") performance
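
The whitelist/blacklist rule the first two comments ask about, as an added Python model that is not Crossbar's broker code and not part of the thread: it assumes a subscriber receives the event only if it matches a whitelist (when any is given) and matches no blacklist, with the lists of each kind combined by union. The `Session` class, `filter_receivers` and the sample sessions are constructed for illustration; publisher self-exclusion is not modelled.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    """Constructed stand-in for a session subscribed to the topic."""
    session_id: int
    authid: str
    authrole: str


def _matches(s, ids, authids, authroles):
    """True if the session is named by any of the three lists."""
    return (s.session_id in (ids or ())
            or s.authid in (authids or ())
            or s.authrole in (authroles or ()))


def filter_receivers(subscribers, *, eligible=None, eligible_authid=None,
                     eligible_authrole=None, exclude=None,
                     exclude_authid=None, exclude_authrole=None):
    """Return the session ids that would receive the event (assumed rule)."""
    whitelists = (eligible, eligible_authid, eligible_authrole)
    has_whitelist = any(w is not None for w in whitelists)
    receivers = []
    for s in subscribers:
        # Whitelisting: if any eligible_* list is given, the session must be on one.
        if has_whitelist and not _matches(s, *whitelists):
            continue
        # Blacklisting always wins, however specific the whitelist entry was.
        if _matches(s, exclude, exclude_authid, exclude_authrole):
            continue
        receivers.append(s.session_id)
    return receivers


# Constructed sample: two sessions with role 'a', one with role 'b'.
SUBSCRIBERS = [Session(1, "alice", "a"), Session(2, "bob", "a"),
               Session(3, "carol", "b")]

if __name__ == "__main__":
    # The publish call from the issue: only role 'a' is eligible.
    print(filter_receivers(SUBSCRIBERS, eligible_authrole=["a"]))
    # Whitelisting one authid inside an excluded role yields no receivers.
    print(filter_receivers(SUBSCRIBERS, eligible_authid=["alice"],
                           exclude_authrole=["a"]))
    # The reverse works: a whole role minus one authid.
    print(filter_receivers(SUBSCRIBERS, eligible_authrole=["a"],
                           exclude_authid=["bob"]))
```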