Re: [zeromq-dev] TPubSub pattern
Thanks Pieter,

NetMQ doesn't have authentication yet, but once authentication is in place the token is not needed (and the credentials can be retrieved per message).

What is needed, for me at least, is a way for the publisher to decide whether a subscriber's subscription request is accepted or not; or, to put it another way, the publisher decides on the subscriptions of each subscriber (mainly because of the permissions of each subscriber).

Maybe using XPUB with a special setting which doesn't automatically add the subscription to the trie: once the subscription message is read, we can call set socket option with SUBSCRIBE and the subscription, and the XPUB will know to attach the subscription to the pipe the last message was received from (or we can implement the select feature).

Today in my company we are using DEALER-ROUTER and have a copy of the trie data structure outside NetMQ.

Regards,
Doron

On Mon, Jan 27, 2014 at 11:08 PM, Pieter Hintjens p...@imatix.com wrote:
> Hi Doron,
>
> Token-based pub-sub sounds interesting. I'm not sure how this fits into what we're already doing with authentication. There's a zeromq-dev thread on providing authentication credentials to the caller per message.
>
> -Pieter
>
> On Sat, Jan 25, 2014 at 6:52 AM, Doron Somech somdo...@gmail.com wrote:
> > Hi All,
> >
> > I created a new pattern in NetMQ which I think will also benefit ZeroMQ. The pattern is called TPubSub; the T is for Token. Anyway, if you have a better name please do suggest.
> >
> > The idea is to create a pubsub where the publisher decides on the subscriber's subscriptions; this is to achieve permission-based subscriptions. Instead of subscriptions, the subscriber will send the publisher a token, and the publisher, upon receiving the token, will decide on the subscriber's subscriptions.
> >
> > The token can be an x509 certificate or a blob received by authorizing with another service (can be a simple web service) and receiving a signed blob with the client identity and maybe client permissions. The publisher receiving the blob will be able to make sure it's authentic and to set the client permission according to the permissions.
> >
> > The TSub can set a token, which will be sent to any TPub the TSub is connected to, using zmq_setsockopt with option ZMQ_TSUB_TOKEN, or send a message prefixed with zero.
> >
> > The TPub will receive any messages sent by the TSub; the first frame will be the identity (as in router) and then the message sent by the TSub. The TPub can set TSub subscriptions by first calling zmq_setsockopt with ZMQ_TPUB_SELECT and the peer identity, and then calling zmq_setsockopt with ZMQ_TPUB_SUBSCRIBE or ZMQ_TPUB_UNSUBSCRIBE along with the subscription.
> >
> > You can take a look at the branch here: https://github.com/somdoron/netmq/tree/fpubsub
> >
> > Most of the magic happens at the TPub and TSub. You can also take a look at the unit testing to see how to use it: https://github.com/somdoron/netmq/blob/fpubsub/src/NetMQ.Tests/TPubSubTests.cs
> >
> > I will add a pull request to NetMQ soon; I need to add some more testing and want to hear your thoughts.
> >
> > Also, together with ZMTP 3.0 hopefully coming to all zeromq libraries, we can really have a secure pubsub.
> >
> > Small example in C#:
> >
> > using (NetMQContext context = NetMQContext.Create())
> > {
> >     using (TPublisherSocket publisherSocket = context.CreateTPublisherSocket())
> >     {
> >         publisherSocket.Bind("tcp://127.0.0.1:5557");
> >
> >         using (TSubscriberSocket subscriberSocket = context.CreateTSubscriberSocket())
> >         {
> >             subscriberSocket.SetToken("all");
> >             subscriberSocket.Connect("tcp://127.0.0.1:5557");
> >
> >             // first is the identity
> >             byte[] identity = publisherSocket.Receive();
> >
> >             // now is the token, token always starts with zero
> >             byte[] token = publisherSocket.Receive();
> >             Debug.Assert(token[0] == 0);
> >
> >             string tokenString = Encoding.ASCII.GetString(token, 1, token.Length - 1);
> >
> >             if (tokenString == "all")
> >             {
> >                 publisherSocket.SelectPeer(identity);
> >                 // The peer will be subscribed to all messages
> >                 publisherSocket.SubscribePeer();
> >             }
> >
> >             publisherSocket.Send("Hello");
> >
> >             string message = subscriberSocket.ReceiveString();
> >             Debug.Assert("Hello" == message);
> >         }
> >     }
> > }
> >
> > Regards,
> > Doron

___
zeromq-dev mailing list
zeromq-dev@lists.zeromq.org
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
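The publisher-side decision discussed in the message above (check the token, then accept or refuse each subscription request), sketched as an added example; it is not code from NetMQ or from the TPubSub branch. The token layout, the HMAC standing in for the token service's signature, and the names ISSUER_KEY, issue_token and SubscriptionGate are assumptions made for the illustration.

```python
import base64, hashlib, hmac, json, time

ISSUER_KEY = b"constructed-demo-key"  # assumption: key shared with the token service


def issue_token(client_id, prefixes, now, ttl=300):
    """Token service side (hypothetical): sign identity and permitted topic prefixes."""
    claims = {"id": client_id, "prefixes": prefixes, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    mac = hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest().encode()
    return b"\x00" + body + b"." + mac  # token frames start with a zero byte


class SubscriptionGate:
    """Publisher side: maps a peer identity to the prefixes its token grants."""

    def __init__(self):
        self.allowed = {}  # peer identity frame (bytes) -> granted prefixes

    def on_token(self, identity, frame, now=None):
        """Verify a token frame; record the peer's grants only if it is valid."""
        now = time.time() if now is None else now
        if frame[:1] != b"\x00" or b"." not in frame:
            return False
        body, mac = frame[1:].rsplit(b".", 1)
        good = hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(mac, good):  # constant-time comparison
            return False
        try:
            claims = json.loads(base64.urlsafe_b64decode(body))
            expired = now >= claims["exp"]
            prefixes = [str(p) for p in claims["prefixes"]]
        except (ValueError, KeyError, TypeError):
            return False
        if expired:
            return False
        self.allowed[identity] = prefixes
        return True

    def may_subscribe(self, identity, requested):
        """Subscriptions match by prefix, so a request is safe only if it is
        at least as specific as a granted prefix; unknown peers get nothing."""
        granted = self.allowed.get(identity, [])
        return any(requested.startswith(p) for p in granted)
```

The direction of the prefix test matters: a peer granted "fx.eur" may subscribe to "fx.eur.usd", but a request for "fx." or for the empty (match-all) subscription is refused because it would match topics outside the grant.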
Re: [zeromq-dev] TPubSub pattern
On 28.01.2014 at 09:45, Doron Somech somdo...@gmail.com wrote:
> Thanks Pieter,
>
> NetMQ doesn't have authentication yet, but once authentication is in place the token is not needed (and the credentials can be retrieved per message).
>
> What is needed, for me at least, is a way for the publisher to decide whether a subscriber's subscription request is accepted or not; or, to put it another way, the publisher decides on the subscriptions of each subscriber (mainly because of the permissions of each subscriber).
>
> Maybe using XPUB with a special setting which doesn't automatically add the subscription to the trie: once the subscription message is read, we can call set socket option with SUBSCRIBE and the subscription, and the XPUB will know to attach the subscription to the pipe the last message was received from (or we can implement the select feature).

Actually, I think XPUB/XSUB is so useful that with a bit more generalized input message processing, for many tasks one would get away with a single socket solution; I found I frequently need a ROUTER besides XPUB really just to submit messages to the actor behind the XPUB.

Explicit tagging of a message as subscribe/unsubscribe/other and support for multipart would go a long way.

- Michael

> Today in my company we are using DEALER-ROUTER and have a copy of the trie data structure outside NetMQ.
>
> Regards,
> Doron
>
> On Mon, Jan 27, 2014 at 11:08 PM, Pieter Hintjens p...@imatix.com wrote:
> > Hi Doron,
> >
> > Token-based pub-sub sounds interesting. I'm not sure how this fits into what we're already doing with authentication. There's a zeromq-dev thread on providing authentication credentials to the caller per message.
> >
> > -Pieter
> >
> > On Sat, Jan 25, 2014 at 6:52 AM, Doron Somech somdo...@gmail.com wrote:
> > > Hi All,
> > >
> > > I created a new pattern in NetMQ which I think will also benefit ZeroMQ. The pattern is called TPubSub; the T is for Token. Anyway, if you have a better name please do suggest.
> > >
> > > The idea is to create a pubsub where the publisher decides on the subscriber's subscriptions; this is to achieve permission-based subscriptions. Instead of subscriptions, the subscriber will send the publisher a token, and the publisher, upon receiving the token, will decide on the subscriber's subscriptions.
> > >
> > > The token can be an x509 certificate or a blob received by authorizing with another service (can be a simple web service) and receiving a signed blob with the client identity and maybe client permissions. The publisher receiving the blob will be able to make sure it's authentic and to set the client permission according to the permissions.
> > >
> > > The TSub can set a token, which will be sent to any TPub the TSub is connected to, using zmq_setsockopt with option ZMQ_TSUB_TOKEN, or send a message prefixed with zero.
> > >
> > > The TPub will receive any messages sent by the TSub; the first frame will be the identity (as in router) and then the message sent by the TSub. The TPub can set TSub subscriptions by first calling zmq_setsockopt with ZMQ_TPUB_SELECT and the peer identity, and then calling zmq_setsockopt with ZMQ_TPUB_SUBSCRIBE or ZMQ_TPUB_UNSUBSCRIBE along with the subscription.
> > >
> > > You can take a look at the branch here: https://github.com/somdoron/netmq/tree/fpubsub
> > >
> > > Most of the magic happens at the TPub and TSub. You can also take a look at the unit testing to see how to use it: https://github.com/somdoron/netmq/blob/fpubsub/src/NetMQ.Tests/TPubSubTests.cs
> > >
> > > I will add a pull request to NetMQ soon; I need to add some more testing and want to hear your thoughts.
> > >
> > > Also, together with ZMTP 3.0 hopefully coming to all zeromq libraries, we can really have a secure pubsub.
> > >
> > > Small example in C#:
> > >
> > > using (NetMQContext context = NetMQContext.Create())
> > > {
> > >     using (TPublisherSocket publisherSocket = context.CreateTPublisherSocket())
> > >     {
> > >         publisherSocket.Bind("tcp://127.0.0.1:5557");
> > >
> > >         using (TSubscriberSocket subscriberSocket = context.CreateTSubscriberSocket())
> > >         {
> > >             subscriberSocket.SetToken("all");
> > >             subscriberSocket.Connect("tcp://127.0.0.1:5557");
> > >
> > >             // first is the identity
> > >             byte[] identity = publisherSocket.Receive();
> > >
> > >             // now is the token, token always starts with zero
> > >             byte[] token = publisherSocket.Receive();
> > >             Debug.Assert(token[0] == 0);
> > >
> > >             string tokenString = Encoding.ASCII.GetString(token, 1, token.Length - 1);
> > >
> > >             if (tokenString == "all")
> > >             {
> > >                 publisherSocket.SelectPeer(identity);
> > >                 // The peer will be subscribed to all messages
> > >                 publisherSocket.SubscribePeer();
> > >             }
> > >
> > >             publisherSocket.Send("Hello");
> > >
> > >             string message = subscriberSocket.ReceiveString();
> > >             Debug.Assert("Hello" == message);
> > >         }
> > >     }
> > > }
> > >
> > > Regards,
> > > Doron
Re: [zeromq-dev] TPubSub pattern
Hi Doron,

Token-based pub-sub sounds interesting. I'm not sure how this fits into what we're already doing with authentication. There's a zeromq-dev thread on providing authentication credentials to the caller per message.

-Pieter

On Sat, Jan 25, 2014 at 6:52 AM, Doron Somech somdo...@gmail.com wrote:
> Hi All,
>
> I created a new pattern in NetMQ which I think will also benefit ZeroMQ. The pattern is called TPubSub; the T is for Token. Anyway, if you have a better name please do suggest.
>
> The idea is to create a pubsub where the publisher decides on the subscriber's subscriptions; this is to achieve permission-based subscriptions. Instead of subscriptions, the subscriber will send the publisher a token, and the publisher, upon receiving the token, will decide on the subscriber's subscriptions.
>
> The token can be an x509 certificate or a blob received by authorizing with another service (can be a simple web service) and receiving a signed blob with the client identity and maybe client permissions. The publisher receiving the blob will be able to make sure it's authentic and to set the client permission according to the permissions.
>
> The TSub can set a token, which will be sent to any TPub the TSub is connected to, using zmq_setsockopt with option ZMQ_TSUB_TOKEN, or send a message prefixed with zero.
>
> The TPub will receive any messages sent by the TSub; the first frame will be the identity (as in router) and then the message sent by the TSub. The TPub can set TSub subscriptions by first calling zmq_setsockopt with ZMQ_TPUB_SELECT and the peer identity, and then calling zmq_setsockopt with ZMQ_TPUB_SUBSCRIBE or ZMQ_TPUB_UNSUBSCRIBE along with the subscription.
>
> You can take a look at the branch here: https://github.com/somdoron/netmq/tree/fpubsub
>
> Most of the magic happens at the TPub and TSub. You can also take a look at the unit testing to see how to use it: https://github.com/somdoron/netmq/blob/fpubsub/src/NetMQ.Tests/TPubSubTests.cs
>
> I will add a pull request to NetMQ soon; I need to add some more testing and want to hear your thoughts.
>
> Also, together with ZMTP 3.0 hopefully coming to all zeromq libraries, we can really have a secure pubsub.
>
> Small example in C#:
>
> using (NetMQContext context = NetMQContext.Create())
> {
>     using (TPublisherSocket publisherSocket = context.CreateTPublisherSocket())
>     {
>         publisherSocket.Bind("tcp://127.0.0.1:5557");
>
>         using (TSubscriberSocket subscriberSocket = context.CreateTSubscriberSocket())
>         {
>             subscriberSocket.SetToken("all");
>             subscriberSocket.Connect("tcp://127.0.0.1:5557");
>
>             // first is the identity
>             byte[] identity = publisherSocket.Receive();
>
>             // now is the token, token always starts with zero
>             byte[] token = publisherSocket.Receive();
>             Debug.Assert(token[0] == 0);
>
>             string tokenString = Encoding.ASCII.GetString(token, 1, token.Length - 1);
>
>             if (tokenString == "all")
>             {
>                 publisherSocket.SelectPeer(identity);
>                 // The peer will be subscribed to all messages
>                 publisherSocket.SubscribePeer();
>             }
>
>             publisherSocket.Send("Hello");
>
>             string message = subscriberSocket.ReceiveString();
>             Debug.Assert("Hello" == message);
>         }
>     }
> }
>
> Regards,
> Doron