I’m still mystified about this line > and then each message will report the > authenticated sender.
Can you explain? On Jan 1, 2014, at 5:28 AM, Pieter Hintjens <[email protected]> wrote: > The ZAP handler gets the identity of the client (along with all > metadata) and can validate it. So you can use client identity + public > key authentication, and then each message will report the > authenticated sender. > > On Tue, Dec 31, 2013 at 7:08 PM, Drew Crawford <[email protected]> > wrote: >> I think I can supply a patch that is at least good enough to get cleaned up >> and merged by a zmq dev. The open question at this point is which way the >> correlation should get resolved. One possibility is to populate the ZAP >> identity with the router identity instead of the empty string. Another >> possibility is to populate the userid from ZAP somewhere in the router. >> There are other possibilities that have not occurred to me. >> >> I know enough to make a run at any of these, but not enough to identify the >> best solution from the set of options. I’m hoping a dev can pop out of the >> woodwork and identify which solution is the one that should be tried. >> >> Drew >> On Dec 31, 2013, at 11:51 AM, Nicolas Delaby <[email protected]> wrote: >> >>> On 12/31/2013 06:30 PM, Drew Crawford wrote: >>>> Hi Nicolas, >>>> >>>> I’m reasonably sure we have the same problem, and I’ve gotten somewhat >>>> further along without solving it. We may want to compare notes. Take a >>>> look at my thread "How do I find out which ZAP user I'm talking to?”. >>> >>> Hi Drew, >>> Yes indeed, we are facing same issue. >>> So far I'm using an ugly hack assuming that the immediate next recv() >>> contains the identity of the peer I just authorized within my >>> zap_handler. This code is not used yet on production, so I believe it >>> works only by chance. I wanted to have confirmation from zeromq dev. >>> >>> My attitude on open-source project is to come with a pull request when >>> my needs are not fulfilled. But unfortunately C++ is way far beyond my >>> skills. So I hope to find here new ideas I didn't thought about it. >>> >>> Your testimony doesn't make me feel more confident :) >>> >>> As an ultimate workaround I will probably fallback on zmq.PLAIN + stunnel. >>> >>> Cheers, >>> Nicolas >>> _______________________________________________ >>> zeromq-dev mailing list >>> [email protected] >>> http://lists.zeromq.org/mailman/listinfo/zeromq-dev >> >> _______________________________________________ >> zeromq-dev mailing list >> [email protected] >> http://lists.zeromq.org/mailman/listinfo/zeromq-dev > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
