[zeromq-dev] SASL support?

Allan Wind allan_wind at lifeintegrity.com
Mon Jan 25 20:21:42 CET 2010

On 2010-01-25T15:13:33, Adrian von Bidder wrote:
> From an application programmer's perspective, I'm not sure the network level 
> is the right place for all of this.  Especially authentication (encryption 
> possibly less so) is often tightly coupled to authorization (key / token / 
> passowrd / ... management based on software component / user / ...) which, 
> to me, would suggest a layer that sits between 0MQ and the application.

It would be possible to tunnel between two trusted 0mq instances 
(think <http://www.stunnel.org/>), no?  It would make it an 
optional component. Similar it should then be possible to 
implement a gateway between that implement the necessary 
authentication, authorization and accounting (AAA).

omniorb, I think, solved this by providing hooks (Interceptors) 
for user supplied code to be called the right time (connect, 
receipt of message etc).  See 
<http://omniorb.sourceforge.net/omni40/omniORB.pdf> p. 85ff.

Allan Wind
Life Integrity, LLC

More information about the zeromq-dev mailing list