Creating new Realms, or protecting subscriptions

[Mickey Upbas]

We're working on an application that allows for many users to associate with many devices. Users should only be able to interact with devices they own. 

As I understand it, I can only hide URIs through realms; a user in realm1 cannot interact with devices that publish in realm2. Since I have a dynamic number of devices and users the realms must also be dynamic. 

Do I understand this correctly? Is there any other way for a device to publish in such a way that user1 has access but user2 does not? If this is not possible, and you have not completed the management API then we simply cannot use crossbar-- a pity, since it suits our needs perfectly in every other way!

[alexande...@googlemail.com]

Hi Michel!

Realms are really intended to separate between applications running on the same router (not that this means that you can't use them differentlyl. For what you want I'd suggest using roles, which can restrict URI access as well. However, that doesn't solve the problem of dynamically adding users.
As things are, you can use dynamic authorization (see http://crossbar.io/docs/Authorization/#dynamic-authorization).

Hope this helps!

Rewards

Alex

--
You received this message because you are subscribed to the Google Groups "Crossbar" group.
To unsubscribe from this group and stop receiving emails from it, send an email to crossbario+...@googlegroups.com.
To post to this group, send email to cross...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/crossbario/2de4e5c5-9737-41a0-8221-b40e6068bb5b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.