Custom authentication extension for message system nats (gnatsd)

Others 2022-04-27 14:59:16 views: 0

Because of the simple research on the source code of the mqtt server mosquitto, I feel that its performance has bottlenecks in many places. For example, the network layer does not use epoll, and the topic uses the tree (doesn't it have to traverse to death when there are a large number of topics) There are still many..., so I went online again. I searched for information on other messaging systems, and found that gnatsd's performance is very powerful. Although its function is weaker than mqtt, it may also fit my project to some extent.
First of all, I want to learn about the authentication system of gnatsd. At first, I found that it is written in the configuration file, so that it is possible for a small number of users or a large number of users to share passwords and permissions, but if you want to use different passwords for all users And permission control will not work.

Custom Authentication Solutions

I haven't started to use it officially, I haven't downloaded the code, I just checked the code on github and finally found a solution:

server/auth.go:
// Authentication is an interface for implementing authentication
type Authentication interface {
    // Check if a client is authorized to connect
    Check(c ClientAuthentication) bool
}

server/auth.go
if s.opts.CustomRouterAuthentication != nil {
        return s.opts.CustomRouterAuthentication.Check(c)
    }
server/opts.go:
CustomClientAuthentication Authentication `json:"-"`

Authentication is performed in auto.go, and each time it is judged that if it CustomRouterAuthenticationis not empty, the CustomRouterAuthentication.Checkauthentication is performed.

CustomRouterAuthenticationThe methods that implement Authenticationthe interface Check.

So when the server is initialized, you can pass in a custom one CustomClientAuthentication, for example:

opts := DefaultOptions()
opts.CustomClientAuthentication = &clientAuth
s := RunServer(opts)

The custom authentication class can imitate the mosquitto auth plugin plugin to use the query database for authentication, such as querying Redis.

Attached is the discussion on authentication in Issues:
Enable external Authentication (authn) and Authorization (authz) via Extensible Auth Provider. #434

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=325671560&siteId=291194637
Recommended
Ranking
#2019110700005
What materials and procedures are required for patent transfer
What is the blockchain Ethereum triplet state root transaction root receipt root
Front-end study notes 04 --- About the insertion of html pictures and videos
Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries
2017 Qingdao-site tournament I The Squared Mosquito Coil
[BZOJ3165][HEOI2013]Segment (line segment tree without marking)
Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju
The latest tutorial on making framework for iOS
DAX Section 6: Statistical Functions
Daily
More
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)

Code World

© 2018 codetd.com