[zeromq-dev] CURVE authentication hook for zauth agent

Chuck Price chuck at peloton-tech.com
Wed Jun 17 21:02:06 CEST 2015


My application needs to support authentication of 100’s of thousands of clients. I’m uncomfortable with having to manage this many client certs in a directory, as well as the cost in file operations to load these certs into my app.

A solution that would work for me is to be able to register an authentication hook function with zauth, which would call back to my code for authentication. I imagine a new message to the zauth agent, something like
“AUTH_HOOK”, passing a pointer to my function which would take the client key as a parameter, and return a bool (true if allowed, false if denied).

A typical implementation might be for my function to look up the key in, say, Redis, or some other database.

Thoughts? One consideration that immediately leaps out as a problem is cross-language support for such an API.

Thanks,

-chuck


More information about the zeromq-dev mailing list