netmq
netmq copied to clipboard
zeromq
Authentication
No, it's not implemented into NetMQ. You may very well plug your own authentication method on the messages you are working with.
Consider using JWT (JSON Web Tokens) - https://jwt.io/ It's damn simple and straightforward to use. There's already libraries on Nuget implementing this.
Otherwise, NetMQ and ZeroMQ are frameworks to care about the transport layer, and only that.
Best, J.W.
Em qui, 13 de out de 2016 às 17:05, awb99 [email protected] escreveu:
Is authentication implemented in NetMQ? Environment
NetMQ Version: Operating System: .NET Version:
Expected behaviour Actual behaviour Steps to reproduce the behaviour
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/zeromq/netmq/issues/620, or mute the thread https://github.com/notifications/unsubscribe-auth/AA4zG7CnEzWTHITB6hhZTb1OT1OtBoVdks5qzo7ygaJpZM4KWTs- .
I see. Is there a way how to close a connection? So say I do a challenge / response authentication.. And if this fails the server closes the connection. Can I do whitelist to accept connections? Any way how a pub socket can wait in publishing data until it has been authenticated?
I am planning of implementing a token based permisisoning system based on this example :+1: http://somdoron.com/2014/12/token-pubsub/
But what I don't get is, if the publisher only sends data to the correct client. Or if one really would have to encrypt all data that is sent via the publisher, so that only authenticate clients can access the data.
I did read that zmq publisher does publish to ALL connected clients ALL subscribed data.
If you do it correctly, only to the correct clients.
On Oct 14, 2016 1:45 PM, "forteco" [email protected] wrote:
I am planning of implementing a token based permisisoning system based on this example 👍 http://somdoron.com/2014/12/token-pubsub/
But what I don't get is, if the publisher only sends data to the correct client. Or if one really would have to encrypt all data that is sent via the publisher, so that only authenticate clients can access the data.
I did read that zmq publisher does publish to ALL connected clients ALL subscribed data.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/zeromq/netmq/issues/620#issuecomment-253768110, or mute the thread https://github.com/notifications/unsubscribe-auth/AClv9mrQZuEFSgOtDTLYpXOrSRkmGB7Lks5qz11LgaJpZM4KWTs- .
@somdoron: so in your token-pubsub solution, if there are two different clients connected to the same server via tcp, and they subscribe to 2 differnent instruments, then they should NOT get the instruments subscribed by the other client? I believe with an older verion of the c zmq engine, it would have sent it on the wire. And only the library would not show it. So Net MQ is different in this regards then... OR: the new ZMQ library also does it now differently (which would make sense).
Both in libzmq and netmq you need to enable manual subscriptions. Instruments wont arrive if not allowed
On Fri, Oct 14, 2016, 14:40 forteco [email protected] wrote:
@somdoron https://github.com/somdoron: so in your token-pubsub solution, if there are two different clients connected to the same server via tcp, and they subscribe to 2 differnent instruments, then they should NOT get the instruments subscribed by the other client? I believe with an older verion of the c zmq engine, it would have sent it on the wire. And only the library would not show it. So Net MQ is different in this regards then...
— You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub https://github.com/zeromq/netmq/issues/620#issuecomment-253777189, or mute the thread https://github.com/notifications/unsubscribe-auth/AClv9sDcxvDKn7RmNwnHtueFByU3ePCUks5qz2oXgaJpZM4KWTs- .
Would you please tell how to enable manual subscriptions? Tks!
Em sex, 14 de out de 2016 08:45, Doron Somech [email protected] escreveu:
Both in libzmq and netmq you need to enable manual subscriptions. Instruments wont arrive if not allowed
On Fri, Oct 14, 2016, 14:40 forteco [email protected] wrote:
@somdoron https://github.com/somdoron: so in your token-pubsub solution, if there are two different clients connected to the same server via tcp, and they subscribe to 2 differnent instruments, then they should NOT get the instruments subscribed by the other client? I believe with an older verion of the c zmq engine, it would have sent it on the wire. And only the library would not show it. So Net MQ is different in this regards then...
— You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub https://github.com/zeromq/netmq/issues/620#issuecomment-253777189, or mute the thread < https://github.com/notifications/unsubscribe-auth/AClv9sDcxvDKn7RmNwnHtueFByU3ePCUks5qz2oXgaJpZM4KWTs-
.
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/zeromq/netmq/issues/620#issuecomment-253778098, or mute the thread https://github.com/notifications/unsubscribe-auth/AA4zG_kJV2Or-Y_-OwhSSwwEHfKtVirGks5qz2tcgaJpZM4KWTs- .
@somdoron Since nobody made a RPC library for NetMQ, I hacked a RabbitMQ RPC library, to use NetMQ: https://github.com/awb99/NetMQ.RPC
A simple calculator service accessible via RPC via NetMQ Request/Response sockets.
Very cool, let me know if you want to move it to netmq organization on github:
Github.com/netmq
@somdoron I would be honored! But please keep in mind, that I quickly hacked the project..
Will give you a permission later today, also take a look at https://github.com/somdoron/NetMQ.High
You might learn some relevant patterns.
On Sun, Oct 23, 2016, 16:31 awb99 [email protected] wrote:
@somdoron https://github.com/somdoron I would be honored! But please keep in mind, that I quickly hacked the project..
— You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub https://github.com/zeromq/netmq/issues/620#issuecomment-255588725, or mute the thread https://github.com/notifications/unsubscribe-auth/AClv9ssdhgretEyaHmBC4CWJVRFjxCGRks5q22G4gaJpZM4KWTs- .
Yes, it is somdoron.
Also you can contact me by email at:
somdoron AT gmail DOT com
On Wed, Oct 26, 2016 at 11:19 PM, awb99 [email protected] wrote:
Do you have Skype? I would like to discuss some ides for the rpc library
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/zeromq/netmq/issues/620#issuecomment-256464944, or mute the thread https://github.com/notifications/unsubscribe-auth/AClv9rUOPsvwm7a4IOCZshQ8LRVsli7pks5q37XggaJpZM4KWTs- .
Is it worth reconsidering this issue? I am attempting to write a client for a server that is not in my control. It utilises zmq's plain text authentication. http://api.zeromq.org/master:zmq-plain See also [ZMQ_PLAIN_USERNAME] [ZMQ_PLAIN_PASSWORD], and [ZMQ_ZAP_DOMAIN] sections in http://api.zeromq.org/master:zmq-setsockopt, which are relevant to my requirements.
That effort is ongoing and will probably be implemented in a month (during the zeromq hackathon)
Is there any news on plain username & password authentication being implemented? Wanted to use it to connect to a publisher on the same network but unfortunately it does not seem to be available for .net yet. I even thought about implementing the client-side of plain authentication in netmq myself, following this description in the docs but I'm not sure, if I could do it.
Anything else the subscriber has to do for plain authentication except adding username and password to the hello message?
That effort is ongoing and will probably be implemented in a month (during the zeromq hackathon)
This issue has been automatically marked as stale because it has not had activity for 365 days. It will be closed if no further activity occurs within 56 days. Thank you for your contributions.
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
