During our tests we discovered a strange broker behavior (may be a new bug) that affects the durable subscription done by mqtt client with virtual topic enabled.
We set up clients ACL using the amq simpleAuthenticationPlugin (the ACLs are on top of the test sclass AclVtTest).
We connected a mqtt client with a client id ending with 2 numbers (for example clientId-10) and subscribe (durable) to a topic (someprefix/client10). Then connect a second mqtt client with a client id ending with the first of the 2 numbers of the previous client (for example clientId-1) and subscribe (durable) to a topic (someprefix/client1). What happens is that the second client tries also to subscribe someprefix/client10.
We attached a unit test to verify that. If you take a look to the broker log you can see clearly the SecurityException raised by the broker in the testAclDurableVt test when the second client tries to connect and subscribe. This exception isn’t raised for example if the clients use a suffix after the numbers (test testAclDurableVtWithSuffix).