Are there any best-practice policies or advice on the following situation:
In an application each user needs his private channel for incoming notifications. In all those channels new messages may be published by a set of services provided by the backend which has its own role (or set of roles). Publishing to those channels can easily be restricted using the authentication role of the backend services and a dynamic authentication/authorization mechanism.
Now, what would be the best way to restrict the users to be able to subscribe only to their own channel, assuming all users have the same authentication role (e.g. ‘user’)? Right now I can think of the following:
- Create a channel with a random name for each user, e.g. ‘com.myapp.notifications.<random_string>’. Each user can access all channels by the access restrictions set by the authorization service, but a user knows only his own channel. Using brute force to subscribe to other channels is very difficult because of the big namespace (assuming the string is long and random). Personally I don’t like this approach very much as it does not give real security because it highly depends on trial and error.
Can you recommend another way to realize this in a safe way?
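
The restriction asked about above can be expressed as a per-request authorization decision that ties the channel name to the authenticated identity instead of to a secret string. This is an added example, not part of the original post and not any particular router's API; the function name `authorize`, the session keys `authid` and `authrole`, the `backend` role name and the `match` parameter are assumptions.

```python
import re

# Channel namespace from the post; the last component names the owning user.
PREFIX = "com.myapp.notifications."
# Conservative whitelist for that component: no dots, no wildcards, not empty.
COMPONENT = re.compile(r"[a-z0-9_]+")


def authorize(session, uri, action, match="exact"):
    """Decide whether `session` may perform `action` on `uri`.

    session: {"authid": <authenticated user id>, "authrole": <role>}  (assumed shape)
    action:  "publish" or "subscribe"
    match:   matching policy the client requested for a subscription (assumed)
    """
    if not uri.startswith(PREFIX):
        return False
    owner = uri[len(PREFIX):]
    if not COMPONENT.fullmatch(owner):
        return False  # empty, nested or wildcard-like channel name
    role = session.get("authrole")
    if action == "publish":
        # Only backend services publish notifications.
        return role == "backend"
    if action == "subscribe":
        # A prefix or wildcard subscription would span other users' channels.
        if match != "exact":
            return False
        # Ownership comes from the authenticated identity, not from a secret name.
        return role == "user" and owner == session.get("authid")
    return False


if __name__ == "__main__":
    alice = {"authid": "alice", "authrole": "user"}  # constructed sample session
    for uri in (PREFIX + "alice", PREFIX + "bob"):
        print(uri, authorize(alice, uri, "subscribe"))
```

With a check like this the channel name no longer has to be unguessable, because every user shares the `user` role but only the matching `authid` passes.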