Details
- Type: Bug
- Status: Resolved
- Priority: Major
- Resolution: Fixed
Description
The exclusive and auto-delete subscription options can be combined to create a private reply queue.
The current Apollo snapshot does not seem to always delete unconsumed messages, allowing a rogue client to consume them.
My test scenario:
- c1 subscribes to /queue/foo with exclusive:true and auto-delete:true and ack:client
- c1 sends messages with the appropriate reply-to header, expecting replies to go to /queue/foo
- (rogue) c2 subscribes to /queue/foo with the intent to steal messages; it does not get any because of exclusive:true
- c1 receives and acks messages and then decides to quit
- there are not yet delivered or not yet acked messages in the queue
- c1 unsubscribes and disconnects
- the broker delivers the pending messages to c2 before/while deleting the queue
IMHO, the broker should not deliver messages to c2 in this situation.
The best solution is probably to forbid subscribing to a queue that has a subscription with both exclusive:true and auto-delete:true.
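
A toy in-memory model of the scenario above and of the proposed fix, added here as an example; it is not Apollo code and not part of the original report. The `ModelQueue` class, the `forbid_second_subscriber` switch and the teardown order (requeue, redispatch, then delete) are assumptions chosen to reproduce the described behaviour.

```python
from collections import deque  # toy model of one broker queue, not Apollo code

class ModelQueue:
    def __init__(self, forbid_second_subscriber):
        self.forbid = forbid_second_subscriber  # hypothetical switch: the proposed fix
        self.subs = []          # (client, exclusive, auto_delete)
        self.pending = deque()  # not yet delivered
        self.unacked = {}       # client -> delivered but not yet acked
        self.received = {}      # client -> everything ever delivered to it
        self.deleted = False

    def subscribe(self, client, exclusive=False, auto_delete=False):
        # Proposed fix: refuse any subscriber while a private one exists.
        if self.forbid and any(e and a for _, e, a in self.subs):
            raise PermissionError(client)
        self.subs.append((client, exclusive, auto_delete))
        self.unacked[client], self.received[client] = [], []

    def dispatch(self, limit=None):
        # An exclusive subscriber, while present, is the only consumer.
        order = sorted(self.subs, key=lambda s: not s[1])
        while order and self.pending and limit != 0:
            msg = self.pending.popleft()
            self.unacked[order[0][0]].append(msg)
            self.received[order[0][0]].append(msg)
            limit = None if limit is None else limit - 1

    def unsubscribe(self, client):
        auto_delete = any(c == client and a for c, _, a in self.subs)
        self.subs = [s for s in self.subs if s[0] != client]
        # ack:client semantics: unacked messages return to the head of the queue.
        self.pending.extendleft(reversed(self.unacked.pop(client)))
        self.dispatch()  # modelled race: redelivery runs before deletion
        if auto_delete:
            self.pending.clear()
            self.deleted = True

def scenario(forbid_second_subscriber):
    """Replay the report's steps; return (messages c2 received, queue deleted)."""
    q = ModelQueue(forbid_second_subscriber)
    q.subscribe("c1", exclusive=True, auto_delete=True)
    q.pending.extend(["reply-1", "reply-2", "reply-3"])  # constructed sample replies
    try:
        q.subscribe("c2")              # rogue subscriber
    except PermissionError:
        pass
    q.dispatch(limit=2)                # reply-3 stays undelivered
    q.unacked["c1"].remove("reply-1")  # c1 acks reply-1 only
    q.unsubscribe("c1")
    return q.received.get("c2", []), q.deleted
```

With the switch off, the model hands the unacked and undelivered replies to c2 during teardown; with it on, c2 is refused at subscribe time and the queue is deleted with nothing leaked.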