[zeromq-dev] TPubSub pattern
Pieter Hintjens
ph at imatix.com
Mon Jan 27 22:08:29 CET 2014
Hi Doron.,
Token-based pub-sub sounds interesting. I'm not sure how this fits
into what we're already doing with authentication. There's a
zeromq-dev thread on providing authentication credentials to the
caller per message.
-Pieter
On Sat, Jan 25, 2014 at 6:52 AM, Doron Somech <somdoron at gmail.com> wrote:
> Hi All,
>
> I created a new pattern in NetMQ which I think will also benefit ZeroMQ, the
> pattern called TPubSub, the T is for Token, anyway if you have a better name
> please do suggest.
>
> The idea is to create a pubsub where the publisher decide on the subscriber
> subscriptions, this is to achieve permission based subscriptions.
>
> Instead of subscriptions the subscriber will send the publisher a token, the
> publisher upon receiving the token will decide on the subscriber
> subscriptions.
> The token can be an x509 certificate or blob received by authorizing with
> another service (can be a simple web service) and receiving an signed blob
> with the client identity and maybe client permissions.
>
> The publisher receiving the blob will be able to make sure it's authentic
> and to set the client permission according to the permissions.
>
> The TSub can set a token which will be send to any TPub the TSub is
> connected to using zmq_setsockopt with option ZMQ_TSUB_TOKEN or send a
> message prefixed with zero.
>
> The TPub will receive any messages send by the TSub, the first frame will be
> the identity (as in router) and then the message send by the TSub, the TPub
> can set TSub subscriptions with first call to zmq_setsockopt with
> ZMQ_TPUB_SELECT and the peer identity and then call zmq_setsockopt with
> ZMQ_TPUB_SUBSCRIBE or ZMQ_TPUB_UNSUBSCRIBE along with the subscription.
>
> You can take a look at the branch here:
> https://github.com/somdoron/netmq/tree/fpubsub
> Most of the magic happen at the TPub and TSub you can also take a look at
> the unit testing to see how to use it:
> https://github.com/somdoron/netmq/blob/fpubsub/src/NetMQ.Tests/TPubSubTests.cs.
>
> I will add a pull request to NetMQ soon, I need to add some more testing and
> want to hear your thoughts.
>
> Also together with ZMTP 3.0 hopefully coming to all zeromq libraries we can
> really have a secure pubsub.
>
> Small example in C#:
>
> using(NetMQContext context = NetMQContext.Create())
> {
> using (TPublisherSocket publisherSocket =
> context.CreateTPublisherSocket())
> {
> publisherSocket.Bind("tcp://127.0.0.1:5557");
>
> using (TSubscriberSocket subscriberSocket =
> context.CreateTSubscriberSocket())
> {
> subscriberSocket.SetToken("all");
> subscriberSocket.Connect("tcp://127.0.0.1:5557");
>
> // first is the identity
> byte[] identity = publisherSocket.Receive();
>
> // now is the token, token always start with zero
> byte[] token = publisherSocket.Receive();
>
> Debug.Assert(token[0] == 0);
>
> string tokenString = Encoding.ASCII.GetString(token, 1,
> token.Length - 1);
>
> if (tokenString == "all")
> {
> publisherSocket.SelectPeer(identity);
>
> // The peer will be subscribed to all messages
> publisherSocket.SubscribePeer("");
> }
>
> publisherSocket.Send("Hello");
>
> string messsage = subscriberSocket.ReceiveString();
>
> Debug.Assert("Hello" == messsage);
> }
> }
> }
>
> Regards,
>
> Doron
>
>
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
More information about the zeromq-dev
mailing list