[zeromq-dev] ZMQPP and metadata in ZAP reply
David Jelenc
david.jelenc at fri.uni-lj.si
Sat Apr 30 00:15:37 CEST 2016
Hi Arnaud,
many thanks for your response.
If my take on this is correct, I can read the "listofactions" from each
message that is sent by an authenticated client as a metadata property
of that message?
This seems simple enough. I shall let you know what comes of this. :)
Best,
David
On 29. 04. 2016 23:25, Arnaud Kapp wrote:
> Hello David,
>
> > I sense, this part has to be addressed in libzmq and not in zmqpp,
> but I’m not sure where.
>
> In theory libzmq supports your use case. You'd have to write your own
> ZAP handler manualy and return your metada as part of the ZAP reply (as
> specified in ZRFC27)
> You cannot use zmqpp::auth for this, it's not flexible enough.
>
> > However, I see no way for accessing the additional parts of the ZAP
> reply on my server.
>
> Your "listofactions" metadata property would be available on any
> messages from the matching client.
> To retrieve a metadata/property from a message with zmqpp you can use:
> msg.get_property("pname", out);
>
> I know this works for the "Identity" property. Unless libzmq doesn't
> implement it for generic properties, it should work.
> Let us know how you fare.
>
> On Fri, Apr 29, 2016 at 3:39 PM, David Jelenc
> <david.jelenc at fri.uni-lj.si <mailto:david.jelenc at fri.uni-lj.si>> wrote:
>
> According to http://rfc.zeromq.org/spec:27, the ZAP reply contains
> several fields, including the metadata filed that can be used to
> store additional data regarding the authenticating clients.
>
> I’d like to use this filed to store some authorization data: the
> idea is that, using ZAP, my server queries an AAA server that either
> accepts or rejects the the connecting client. If the client is
> accepted, the AAA also provides a list of actions the accepted
> client is allowed to perform. I’d like to store this actions in the
> metadata field of the ZAP reply.
>
> I’m using zmqpp C++ bindings, where the metadata is currently
> hardcoded to be empty
> (https://github.com/zeromq/zmqpp/blob/develop/src/zmqpp/zap_request.cpp#L83).
> However, this is easily addressed.
>
> My main concern is now on the server side: where and how do I
> process this metadata?
>
> The API is such that if the ZAP reply contains status code 200 and a
> OK message, the client is allowed to connect. However, I see no way
> for accessing the additional parts of the ZAP reply on my server.
>
> I sense, this part has to be addressed in libzmq and not in zmqpp,
> but I’m not sure where.
>
> Any help would be greatly appreciated.
>
> Best,
> David
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org <mailto:zeromq-dev at lists.zeromq.org>
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
>
>
>
> --
> Kapp Arnaud - Xaqq
>
>
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
More information about the zeromq-dev
mailing list