Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request : Make reply only readable by original requester #664

Closed
1 of 2 tasks
nuharaf opened this issue Apr 3, 2018 · 3 comments
Closed
1 of 2 tasks

Feature request : Make reply only readable by original requester #664

nuharaf opened this issue Apr 3, 2018 · 3 comments
Assignees
@derekcollison

Comments

@nuharaf
Copy link

nuharaf commented Apr 3, 2018
edited
Loading

  • Defect
  • Feature Request or Change Proposal

Feature Requests

Use Case:

Presently, when using Request API , the reply can be read by any client subscribing to _INBOX.*.* or _INBOX.>. While client do not actually subscribe to _INBOX.*.* but instead _INBOX.<someRandomNUID>.* , it is still possible to do so. Making reply only readable by original requester fit better to request reply pattern

Proposed Change:

Add mechanism to disallow subscribing using wildcard (only explicit token allowed) for certain token level. Say, subscribing to notAWildcard.notaWildcard.* is allowed but to *.*.* is disallowed. A more general approach is adding negative permission (subject which not allowed to subscribe), but I thinks it is more complex.

Who Benefits From The Change(s)?

Developer using NATS for IoT devices

Alternative Approaches

  • Give each device different username. say Device-1 , Device-2 ... Device-n . Device then use _INBOX.DeviceID. for reply inbox and adjust configuration accordingly. Cons :
    -- config grow proportionaly with the amount of device.
    -- incompatibility with Request API
authorization {
  Device1 = {
    publish = ">"
    subscribe = "_INBOX.Device1.*"
  } 
 Device2 = {
    publish = ">"
    subscribe = "_INBOX.Device2.*"
  } 
 Device3 = {
    publish = ">"
    subscribe = "_INBOX.Device3.*"
  } 
...
  • Use separate account for each device (I hear multi tenant is coming soon), but I think it is to expensive.
@derekcollison
Copy link
Member

Thanks for the feedback, we have had several requests for this type of functionality. We will get something done.

@derekcollison derekcollison self-assigned this Apr 3, 2018
@derekcollison
Copy link
Member

We have some good insight into how this will work across accounts which are coming soon. But also just added PR to do negative permissions via 'deny" clauses.

#725

@derekcollison
Copy link
Member

We allow deny clauses and we also now have account support and anonymous replies for service endpoints that are imported. Closing for now, but feel free to open back up if needed.

@nuharaf nuharaf mentioned this issue Nov 3, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@derekcollison derekcollison

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@derekcollison @nuharaf