You can in fact write your own authentication handler, in C, and link it with libzmq. We use a protocol called ZAP; you can make a simple bridge that talks to an external handler in a different language. So, not using zauth at all, and instead writing something equivalent that does more what you need.
On Wed, Jun 17, 2015 at 9:02 PM, Chuck Price <[email protected]> wrote: > My application needs to support authentication of 100’s of thousands of > clients. I’m uncomfortable with having to manage this many client certs in a > directory, as well as the cost in file operations to load these certs into my > app. > > A solution that would work for me is to be able to register an authentication > hook function with zauth, which would call back to my code for > authentication. I imagine a new message to the zauth agent, something like > “AUTH_HOOK”, passing a pointer to my function which would take the client key > as a parameter, and return a bool (true if allowed, false if denied). > > A typical implementation might be for my function to look up the key in, say, > Redis, or some other database. > > Thoughts? One consideration that immediately leaps out as a problem is > cross-language support for such an API. > > Thanks, > > -chuck > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
