[zeromq-dev] TPubSub pattern

Doron Somech somdoron at gmail.com
Sat Jan 25 13:52:11 CET 2014


Hi All,

I created a new pattern in NetMQ which I think will also benefit ZeroMQ,
the pattern called TPubSub, the T is for Token, anyway if you have a better
name please do suggest.

The idea is to create a pubsub where the publisher decide on the subscriber
subscriptions, this is to achieve permission based subscriptions.

Instead of subscriptions the subscriber will send the publisher a token,
the publisher upon receiving the token will decide on the subscriber
subscriptions.
The token can be an x509 certificate or blob received by authorizing with
another service (can be a simple web service) and receiving an signed blob
with the client identity and maybe client permissions.

The publisher receiving the blob will be able to make sure it's authentic
and to set the client permission according to the permissions.

The TSub can set a token which will be send to any TPub the TSub is
connected to using zmq_setsockopt with option ZMQ_TSUB_TOKEN or send a
message prefixed with zero.

The TPub will receive any messages send by the TSub, the first frame will
be the identity (as in router) and then the message send by the TSub, the
TPub can set TSub subscriptions with first call to zmq_setsockopt with
ZMQ_TPUB_SELECT and the peer identity and then call zmq_setsockopt  with
ZMQ_TPUB_SUBSCRIBE or ZMQ_TPUB_UNSUBSCRIBE along with the subscription.

You can take a look at the branch here:
https://github.com/somdoron/netmq/tree/fpubsub
Most of the magic happen at the TPub
<https://github.com/somdoron/netmq/blob/fpubsub/src/NetMQ/zmq/TPub.cs>and
TSub <https://github.com/somdoron/netmq/blob/fpubsub/src/NetMQ/zmq/TSub.cs> you
can also take a look at the unit testing to see how to use it:
https://github.com/somdoron/netmq/blob/fpubsub/src/NetMQ.Tests/TPubSubTests.cs
.

I will add a pull request to NetMQ soon, I need to add some more testing
and want to hear your thoughts.

Also together with ZMTP 3.0 hopefully coming to all zeromq libraries we can
really have a secure pubsub.

Small example in C#:

using(NetMQContext context = NetMQContext.Create())
{
    using (TPublisherSocket publisherSocket =
context.CreateTPublisherSocket())
    {
        publisherSocket.Bind("tcp://127.0.0.1:5557");

        using (TSubscriberSocket subscriberSocket =
context.CreateTSubscriberSocket())
        {
            subscriberSocket.SetToken("all");
            subscriberSocket.Connect("tcp://127.0.0.1:5557");


            // first is the identity
            byte[] identity = publisherSocket.Receive();

            // now is the token, token always start with zero
            byte[] token = publisherSocket.Receive();


            Debug.Assert(token[0] == 0);

            string tokenString = Encoding.ASCII.GetString(token, 1,
token.Length - 1);

            if (tokenString == "all")
            {
                publisherSocket.SelectPeer(identity);

                // The peer will be subscribed to all messages
                publisherSocket.SubscribePeer("");
            }

            publisherSocket.Send("Hello");

            string messsage = subscriberSocket.ReceiveString();

            Debug.Assert("Hello" == messsage);
        }
    }
}

Regards,

Doron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20140125/837df250/attachment.htm>


More information about the zeromq-dev mailing list