Topic ownership enables you to give a specific security principal special access to a topic when the topic is created. Ownership grants READ_TOPIC, MODIFY_TOPIC and UPDATE_TOPIC permissions for the topic to sessions authenticated with that principal.

Use the OWNER topic property to set ownership.

The format of the property value is:

$Principal is "name"

where name is the name of the principal.

Topic ownership is useful in cases where you need a principal that can create topics on behalf of other users that may not have permission to create topics themselves.

Topic ownership grants additional permissions to the named principal, it does not remove permissions for other users.

Topic ownership can, however, be used in combination with other security features, such as path isolation, to provide a 'private' topic for a given user. This can be useful in cases where your application requires a user to have privileged access to their own special topic. For example, it might be a private topic that only the user should see, or each user might have their own topic used to broadcast status information to other users.

All other sessions will only have the permissions granted by the security store.

Automatic topic removal can be used to remove a principal's private topic if that principal no longer has an active session for a period of time.

Topic ownership and topic views

Topic views respect the OWNER property when evaluating source topics. As a result, a source topic is selected for evaluation by a topic view if the principal of the topic view is the same as the owner of the source topic.

The OWNER property (if present) is copied from a source topic to all reference topics that are derived from it. Granting ownership of a source topic also grants ownership of all derived reference topics.

Both the topic view principal and the OWNER property (if set) are treated as owners of a reference topic. This means that the principal of the view which created a reference topic has full access to it, as well as any OWNER principal specified.