[zeromq-dev] SASL support?
Allan Wind
allan_wind at lifeintegrity.com
Mon Jan 25 20:21:42 CET 2010
On 2010-01-25T15:13:33, Adrian von Bidder wrote:
> From an application programmer's perspective, I'm not sure the network level
> is the right place for all of this. Especially authentication (encryption
> possibly less so) is often tightly coupled to authorization (key / token /
> passowrd / ... management based on software component / user / ...) which,
> to me, would suggest a layer that sits between 0MQ and the application.
It would be possible to tunnel between two trusted 0mq instances
(think <http://www.stunnel.org/>), no? It would make it an
optional component. Similar it should then be possible to
implement a gateway between that implement the necessary
authentication, authorization and accounting (AAA).
omniorb, I think, solved this by providing hooks (Interceptors)
for user supplied code to be called the right time (connect,
receipt of message etc). See
<http://omniorb.sourceforge.net/omni40/omniORB.pdf> p. 85ff.
/Allan
--
Allan Wind
Life Integrity, LLC
<http://lifeintegrity.com>
More information about the zeromq-dev
mailing list