Crossbar.io: new authentication app templates (WAMP-CRA)
134 views
Skip to first unread message
Tobias Oberstein
Nov 4, 2014, 5:59:30 PM11/4/14
to autobahnws, cross...@googlegroups.com
Hi all,
I've polished up WAMP-CRA in Crossbar.io
https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication
and added 2 application templates:
1)
WAMP-CRA with static credentials (from node config):
crossbar init --template authenticate:wampcra
2)
WAMP-CRA with dynamic credentials (from calling an app procedure):
crossbar init --template authenticate:wampcradynamic
==
Any kind of testing would be highly welcome! Well, feedback also of course;)
Cheers,
/Tobias
Note: Code is on trunk still (will be in next release).
I've polished up WAMP-CRA in Crossbar.io
https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication
and added 2 application templates:
1)
WAMP-CRA with static credentials (from node config):
crossbar init --template authenticate:wampcra
2)
WAMP-CRA with dynamic credentials (from calling an app procedure):
crossbar init --template authenticate:wampcradynamic
==
Any kind of testing would be highly welcome! Well, feedback also of course;)
Cheers,
/Tobias
Note: Code is on trunk still (will be in next release).
redabo...@gmail.com
Nov 8, 2014, 7:30:19 PM11/8/14
to autob...@googlegroups.com, cross...@googlegroups.com
Dear Tobias,
Thank you for this update. This looks great. However, I seem to always be unlucky the moment I try anything related to authentication with crossbar.
Here is the output that I am getting with two different Ubuntu boxes.
This happens as soon as the test client attempts to connect.
2014-11-09 00:26:59+0000 [Controller 14182] Router 'worker1': transport 'transport1' started
2014-11-09 00:27:01+0000 [Router 14187] XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX HelloDetails(roles = [<autobahn.wamp.role.RoleSubscriberFeatures instance at 0x0000000006aba560>, <autobahn.wamp.role.RolePublisherFeatures instance at 0x0000000006aba580>, <autobahn.wamp.role.RoleCallerFeatures instance at 0x0000000006aba5a0>, <autobahn.wamp.role.RoleCalleeFeatures instance at 0x0000000006aba5e0>], authmethods = [u'wampcra'], authid = peter, pending_session = 8386608723826634) {u'type': u'static', u'users': {u'peter': {u'role': u'frontend', u'secret': u'prq7+YkJ1/KlW1X0YczMHw==', u'salt': u'salt123', u'iterations': 100, u'keylen': 16}, u'joe': {u'secret': u'secret2', u'role': u'frontend'}}}
2014-11-09 00:27:01+0000 [Router 14187] YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY prq7+YkJ1/KlW1X0YczMHw== frontend
2014-11-09 00:27:01+0000 [Router 14187] Traceback (most recent call last):
2014-11-09 00:27:01+0000 [Router 14187] File "/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/session.py", line 130, in onHello
2014-11-09 00:27:01+0000 [Router 14187] self._pending_auth = PendingAuthWampCra(None, details.authid, user['role'], u'static', user['secret'])
2014-11-09 00:27:01+0000 [Router 14187] File "/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/auth.py", line 90, in __init__
2014-11-09 00:27:01+0000 [Router 14187] self.signature = auth.compute_wcs(secret, self.challenge)
2014-11-09 00:27:01+0000 [Router 14187] File "/home/redaborchardt/pypy-2.3.1-linux64/site-packages/autobahn/wamp/auth.py", line 232, in compute_wcs
2014-11-09 00:27:01+0000 [Router 14187] assert(type(key) == bytes)
2014-11-09 00:27:01+0000 [Router 14187] AssertionError
Rgds,
Reda
Thank you for this update. This looks great. However, I seem to always be unlucky the moment I try anything related to authentication with crossbar.
Here is the output that I am getting with two different Ubuntu boxes.
This happens as soon as the test client attempts to connect.
2014-11-09 00:26:59+0000 [Controller 14182] Router 'worker1': transport 'transport1' started
2014-11-09 00:27:01+0000 [Router 14187] XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX HelloDetails(roles = [<autobahn.wamp.role.RoleSubscriberFeatures instance at 0x0000000006aba560>, <autobahn.wamp.role.RolePublisherFeatures instance at 0x0000000006aba580>, <autobahn.wamp.role.RoleCallerFeatures instance at 0x0000000006aba5a0>, <autobahn.wamp.role.RoleCalleeFeatures instance at 0x0000000006aba5e0>], authmethods = [u'wampcra'], authid = peter, pending_session = 8386608723826634) {u'type': u'static', u'users': {u'peter': {u'role': u'frontend', u'secret': u'prq7+YkJ1/KlW1X0YczMHw==', u'salt': u'salt123', u'iterations': 100, u'keylen': 16}, u'joe': {u'secret': u'secret2', u'role': u'frontend'}}}
2014-11-09 00:27:01+0000 [Router 14187] YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY prq7+YkJ1/KlW1X0YczMHw== frontend
2014-11-09 00:27:01+0000 [Router 14187] Traceback (most recent call last):
2014-11-09 00:27:01+0000 [Router 14187] File "/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/session.py", line 130, in onHello
2014-11-09 00:27:01+0000 [Router 14187] self._pending_auth = PendingAuthWampCra(None, details.authid, user['role'], u'static', user['secret'])
2014-11-09 00:27:01+0000 [Router 14187] File "/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/auth.py", line 90, in __init__
2014-11-09 00:27:01+0000 [Router 14187] self.signature = auth.compute_wcs(secret, self.challenge)
2014-11-09 00:27:01+0000 [Router 14187] File "/home/redaborchardt/pypy-2.3.1-linux64/site-packages/autobahn/wamp/auth.py", line 232, in compute_wcs
2014-11-09 00:27:01+0000 [Router 14187] assert(type(key) == bytes)
2014-11-09 00:27:01+0000 [Router 14187] AssertionError
Rgds,
Reda
Tobias Oberstein
Nov 10, 2014, 6:10:45 AM11/10/14
to autob...@googlegroups.com, cross...@googlegroups.com
Am 09.11.2014 01:30, schrieb redabo...@gmail.com:
> Dear Tobias,
>
> Thank you for this update. This looks great. However, I seem to always
> be unlucky the moment I try anything related to authentication with
> crossbar.
Hi Reda,
> Dear Tobias,
>
> Thank you for this update. This looks great. However, I seem to always
> be unlucky the moment I try anything related to authentication with
> crossbar.
please try updating to the latest release (Crossbar.io 0.9.10)
pip install -U crossbar
cd ~/mynode1
crossbar init --template authenticate:wampcra
crossbar start
This works for me on Windows and Ubuntu. Please let me know what this
does for you ..
Cheers,
/Tobias
> You received this message because you are subscribed to the Google
> Groups "Autobahn" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to autobahnws+...@googlegroups.com
> <mailto:autobahnws+...@googlegroups.com>.
> To post to this group, send email to autob...@googlegroups.com
> <mailto:autob...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/autobahnws/29700bc8-b89a-41fb-9bab-68ce1fca8bdc%40googlegroups.com
> <https://groups.google.com/d/msgid/autobahnws/29700bc8-b89a-41fb-9bab-68ce1fca8bdc%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
redabo...@gmail.com
Nov 10, 2014, 6:57:47 PM11/10/14
to autob...@googlegroups.com, cross...@googlegroups.com
Greg Miller
Nov 21, 2014, 10:24:50 AM11/21/14
to autob...@googlegroups.com, cross...@googlegroups.com
I got the nodejs version installed and running, and for the most part I understand what is going on. But I have a couple of questions.
Is it possible to send more info in the connection object? I have a multi-tenant app and to follow your example of having a standalone process to do the authentication I would need to know the tenant. If not, then I can have one auth process for each tenant, or merge the auth process into the backend process where I have one for each tenant.
When a call is made to a backend function how do I know who the caller is? There's a third argument 'extra' to a called function (args, kwargs, extra), that has
{caller: undefined, progress: null}
Thanks!
Is it possible to send more info in the connection object? I have a multi-tenant app and to follow your example of having a standalone process to do the authentication I would need to know the tenant. If not, then I can have one auth process for each tenant, or merge the auth process into the backend process where I have one for each tenant.
When a call is made to a backend function how do I know who the caller is? There's a third argument 'extra' to a called function (args, kwargs, extra), that has
{caller: undefined, progress: null}
Thanks!
redabo...@gmail.com
Nov 21, 2014, 12:09:10 PM11/21/14
to autob...@googlegroups.com, cross...@googlegroups.com
You can use an option call {disclose_me: true}. Example: sess.call('com.base.requestGuestAccount',[], {},{disclose_me: true})
Reply all
Reply to author
Forward
0 new messages