I have a service bus topic with 50 subscribers with their own filters. How I can secure a message from rest of 49 subscriber if some one guess the subscriber name? Is there anyway I can validate subscriber credentials?
Right now my plan B is create a 50 queues, so that each one will have their own secured connection string. Could some one suggest right approach?
If you want to stay within a single namespace and still ensure that tenants cannot see other messages, you could go with a path hierarchy (tenant1/queue, tenant2/queue) and a custom token provider. Custom token provider would be deciding based on the tenant making request if an entity (queue can be accessed or not.
You could build a web service that a user authenticates with and the web service would hand the appropriate token that carries the desired rights, and the management of those rights happens in the Service Bus SAS rules. Issued token would span an entity a user has access to.
