michaelklishin
commented
5 years ago There's already an issue for that https://github.com/rabbitmq/rabbitmq-mqtt/issues/152.
Closed kbudde closed 5 years ago
michaelklishin
commented
5 years ago There's already an issue for that https://github.com/rabbitmq/rabbitmq-mqtt/issues/152.
michaelklishin
commented
5 years ago No, that's not really a duplicate but this plugin doesn't control what kind of context it gets, so I'll file a separate one in the MQTT plugin.
acogoluegnes
commented
5 years ago @kbudde Have you tried actually? Because client_id should be propagated to the HTTP backend, at least for topic authorization.
The MQTT plugin adds the client_id to the context for topic authorization: https://github.com/rabbitmq/rabbitmq-mqtt/blob/d92fa2aed107147e4bab1ae8cc0dc5dddfcc4b75/src/rabbit_mqtt_processor.erl#L855-L863
The HTTP backend plugin propagates it to the actual backend: https://github.com/rabbitmq/rabbitmq-auth-backend-http/blob/96d66359c2f122fd5f05f958a18050e601bb53de/src/rabbit_auth_backend_http.erl#L75-L84
kbudde
commented
5 years ago Hi,
the client_id is there for topic authorization. It is as well included in the header of the user request with a different name (var_map..)
According to the documentation https://www.rabbitmq.com/access-control.html#topic-authorisation the client_id can be used in topic authorisation.
Is the client_id currently provided to the web server? If not I think it makes sense to add this information to at least user_path and topic_path requests.