[zeromq-dev] ZMQPP and metadata in ZAP reply

David Jelenc david.jelenc at fri.uni-lj.si
Sat Apr 30 00:15:37 CEST 2016


Hi Arnaud,

many thanks for your response.

If my take on this is correct, I can read the "listofactions" from each 
message that is sent by an authenticated client as a metadata property 
of that message?

This seems simple enough. I shall let you know what comes of this. :)

Best,
David

On 29. 04. 2016 23:25, Arnaud Kapp wrote:
> Hello David,
>
>  > I sense, this part has to be addressed in libzmq and not in zmqpp,
> but I’m not sure where.
>
> In theory libzmq supports your use case. You'd have to write your own
> ZAP handler manualy and return your metada as part of the ZAP reply (as
> specified in ZRFC27)
> You cannot use zmqpp::auth for this, it's not flexible enough.
>
>  > However, I see no way for accessing the additional parts of the ZAP
> reply on my server.
>
> Your "listofactions" metadata property would be available on any
> messages from the matching client.
> To retrieve a metadata/property from a message with zmqpp you can use:
> msg.get_property("pname", out);
>
> I know this works for the "Identity" property. Unless libzmq doesn't
> implement it for generic properties, it should work.
> Let us know how you fare.
>
> On Fri, Apr 29, 2016 at 3:39 PM, David Jelenc
> <david.jelenc at fri.uni-lj.si <mailto:david.jelenc at fri.uni-lj.si>> wrote:
>
>     According to http://rfc.zeromq.org/spec:27, the ZAP reply contains
>     several fields, including the metadata filed that can be used to
>     store additional data regarding the authenticating clients.
>
>     I’d like to use this filed to store some authorization data: the
>     idea is that, using ZAP, my server queries an AAA server that either
>     accepts or rejects the the connecting client. If the client is
>     accepted, the AAA also provides a list of actions the accepted
>     client is allowed to perform. I’d like to store this actions in the
>     metadata field of the ZAP reply.
>
>     I’m using zmqpp C++ bindings, where the metadata is currently
>     hardcoded to be empty
>     (https://github.com/zeromq/zmqpp/blob/develop/src/zmqpp/zap_request.cpp#L83).
>     However, this is easily addressed.
>
>     My main concern is now on the server side: where and how do I
>     process this metadata?
>
>     The API is such that if the ZAP reply contains status code 200 and a
>     OK message, the client is allowed to connect. However, I see no way
>     for accessing the additional parts of the ZAP reply on my server.
>
>     I sense, this part has to be addressed in libzmq and not in zmqpp,
>     but I’m not sure where.
>
>     Any help would be greatly appreciated.
>
>     Best,
>     David
>     _______________________________________________
>     zeromq-dev mailing list
>     zeromq-dev at lists.zeromq.org <mailto:zeromq-dev at lists.zeromq.org>
>     http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
>
>
>
> --
> Kapp Arnaud - Xaqq
>
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>



More information about the zeromq-dev mailing list