authid and authrole in called procedure

#1

Hi,

I’ve got an Autobahnjs client authenticating with WAMPCRA - that’s working fine and am getting the following credentials back:

{ authrole: ‘sysadmin’,
authmethod: ‘wampcra’,
authprovider: ‘static’,
roles:
{ broker: { features: [Object] },
dealer: { features: [Object] } },
authid: ‘peter’ }

When the client then calls a procedure:

session.call(‘com.myapp.proc1’, [2, 3], {}, {disclose_me: true})

The authid and authrole don’t appear in the called procedure:

function myproc1(args, kwargs, details) {
console.log(details);

gives:

{ caller: 801111784, progress: null, procedure: undefined }

Any idea what I’m missing here - I’d have thought the authid and authrole would have been automatically included in the details object?

Tried this with the latest crossbar and autobahn (fantastic news and many thanks Tobias - lots of great new features that are going to be a huge benefit).

Cheers

Mike

0 Likes

#2

One quick follow up - it looked like some sections in the programming guides might be useful but I’m getting a 404 on:

http://crossbar.io/docs/Caller-Identification/

some others doing the same:

http://crossbar.io/docs/Progressive-Call-Results/
http://crossbar.io/docs/Publisher-Black-and-Whitelisting/
http://crossbar.io/docs/Publisher-Exclusion/
http://crossbar.io/docs/Publisher-Identification/

···

On Mon, Mar 2, 2015 at 1:44 PM, Mike Raistrick michael....@googlemail.com wrote:

Hi,

I’ve got an Autobahnjs client authenticating with WAMPCRA - that’s working fine and am getting the following credentials back:

{ authrole: ‘sysadmin’,
authmethod: ‘wampcra’,
authprovider: ‘static’,
roles:
{ broker: { features: [Object] },
dealer: { features: [Object] } },
authid: ‘peter’ }

When the client then calls a procedure:

session.call(‘com.myapp.proc1’, [2, 3], {}, {disclose_me: true})

The authid and authrole don’t appear in the called procedure:

function myproc1(args, kwargs, details) {
console.log(details);

gives:

{ caller: 801111784, progress: null, procedure: undefined }

Any idea what I’m missing here - I’d have thought the authid and authrole would have been automatically included in the details object?

Tried this with the latest crossbar and autobahn (fantastic news and many thanks Tobias - lots of great new features that are going to be a huge benefit).

Cheers

Mike

0 Likes

#3

Hi Mike,

When the client then calls a procedure:

session.call('com.myapp.proc1', [2, 3], {}, {disclose_me: true})

The authid and authrole don't appear in the called procedure:

function myproc1(args, kwargs, details) {
   console.log(details);
...

gives:

{ caller: 801111784, progress: null, procedure: undefined }

Any idea what I'm missing here - I'd have thought the authid and
authrole would have been automatically included in the details object?

The session ID already discloses the caller (801111784 in this case).

If you want to retrieve details about a specific WAMP session identified by ID (like authid etc), you can use the WAMP meta procedure "wamp.session.get".

See: http://crossbar.io/docs/Session-Metaevents-and-Procedures/

Tried this with the latest crossbar and autobahn (fantastic news and
many thanks Tobias - lots of great new features that are going to be a
huge benefit).

Thanks! Please let us know if you use any of the new stuff and what you do ..

Cheers,
/Tobias

0 Likes

#4

Yes, because those pages still need to be written;)

https://github.com/crossbario/crossbarwww/issues/46

···

Am 02.03.2015 um 15:59 schrieb Mike Raistrick:

One quick follow up - it looked like some sections in the programming
guides might be useful but I'm getting a 404 on:

http://crossbar.io/docs/Caller-Identification/

some others doing the same:

http://crossbar.io/docs/Progressive-Call-Results/
http://crossbar.io/docs/Publisher-Black-and-Whitelisting/
http://crossbar.io/docs/Publisher-Exclusion/
http://crossbar.io/docs/Publisher-Identification/

0 Likes

#5

Hi Tobias,

thanks for the reply - yes I was actually just playing with doing exactly what you suggest. It works perfectly.

I hope to do a separate writeup of the architecture of the application I’m developing - but basically I guess you’d describe it as an ‘multi-tenant application portal’ (at least until I can think of a better description).

Datomic as the backend database. Real time events from various routers, switches and voip platforms.
Application logic and data stores in node modules with backend/internal and frontend /external API interafaces with the API sitting on top of WAMP.

Frontend clients use the API to drive ReactJS.

Crossbar as the glue!

The main sticking point is finding a managable permissions model (given the multi-tenant bit + multiple roles).
I’m hoping that the pattern based pubsub will help there - so having for example a sysadmin or reseller subscribing to api.callcenters.* (dynamically authorized) and customerA subscribing to api.callcenters.customerA (also dynamically authorized).

A change to a callenter belonging to customerA will then just be published to api.callcenters.customerA as a single call. At least that’s the idea!

Thanks again

Mike

PS - Although it’s somehwat chicken and egg - I’m more than happy to help out with documentation where I can. Feel free to contact me directly if you’d like

···

On Mon, Mar 2, 2015 at 3:06 PM, Tobias Oberstein tobias.o...@gmail.com wrote:

One quick follow up - it looked like some sections in the programming

guides might be useful but I’m getting a 404 on:

http://crossbar.io/docs/Caller-Identification/

some others doing the same:

http://crossbar.io/docs/Progressive-Call-Results/

http://crossbar.io/docs/Publisher-Black-and-Whitelisting/

http://crossbar.io/docs/Publisher-Exclusion/

http://crossbar.io/docs/Publisher-Identification/
Am 02.03.2015 um 15:59 schrieb Mike Raistrick:

Yes, because those pages still need to be written;)

https://github.com/crossbario/crossbarwww/issues/46

You received this message because you are subscribed to the Google Groups “Autobahn” group.

To unsubscribe from this group and stop receiving emails from it, send an email to autobahnws+unsubscribe@googlegroups.com.

To post to this group, send email to autob...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/autobahnws/54F47C74.90501%40gmail.com.

For more options, visit https://groups.google.com/d/optout.

0 Likes