Basic questions

#1

I came across Autobahn/Crossbar a few days ago and really like it! It’s really impressive stuff. I got the demo going in Nodejs, and I understand most of what I’ve tried and read in the docs. But I have a few questions, I’m sure there will be more.

Typically the projects I work on are B2B multi-tenant apps. Everyone has the same app, but a different DB. Would a realm be appropriate to segregate traffic so that pub/sub and RPCs stayed within a tenant? Or is it better to have the tenant code be part of the pub/sub URI? The only drawback I can see to using realms is having to update config.json to when adding/removing tenants. The drawback to tenant based URIs would the volume of them.

Is there a maximum to the number of realms, pub/sub URIs?

I read through the Persona section but didn’t really see or understand how a user was deemed to be allowed to login. Does Persona call back to my system to see if an email address is allowed to login?

When a call is made to a remote procedure how do I know which user made the call?

That’s it…for now!

Thanks very much!

0 Likes

#2

I came across Autobahn/Crossbar a few days ago and really like it! It's
really impressive stuff. I got the demo going in Nodejs, and I

Thanks! great to hear!

understand most of what I've tried and read in the docs. But I have a
few questions, I'm sure there will be more.

Typically the projects I work on are B2B multi-tenant apps. Everyone
has the same app, but a different DB. Would a realm be appropriate to
segregate traffic so that pub/sub and RPCs stayed within a tenant? Or

Yes, that would be one option.

is it better to have the tenant code be part of the pub/sub URI? The

That's another option.

A third option is not to map tenants to realms or URIs at all, but e.g. with RPC, process the tenant caller in the called procedure (see your question below and answer).

Which of the above approaches is "the best" depends on your concrete app and factors. All 3 are fine in certain situations.

only drawback I can see to using realms is having to update config.json
to when adding/removing tenants. The drawback to tenant based URIs

FWIW, Crossbar.io has a management API that allows to create realms (and do any other management) while running ...

would the volume of them.

Is there a maximum to the number of realms, pub/sub URIs?

No. Memory is the limit.

I read through the Persona section but didn't really see or understand
how a user was deemed to be allowed to login. Does Persona call back to
my system to see if an email address is allowed to login?

Crossbar.io differentiates strictly between authentication (who is it?) vs authorization (what is she allowed to do?).

Persona is one specific authentication scheme. When a connecting client has been authenticated, the actions it is authorized to perform are determined _based_ on the identity of the client that was established.

When a call is made to a remote procedure how do I know which user made
the call?

In general, the router knows (of course) - to route the call to the appropriate callee.

In general, callees do not know about the caller. Decoupling.

However, you can request the router to forward caller info at the point of invocation:

E.g. in AutobahnPython:

https://github.com/tavendo/AutobahnPython/blob/master/examples/twisted/wamp/basic/rpc/options/backend.py#L49

This feature ("caller disclosure") is part of the WAMP Advanced Profile and needs to be supported by the router and client.

E.g. Crossbar.io has it. As does AutobahnPython ..

Cheers,
/Tobias

···

Am 26.10.2014 21:15, schrieb Greg Miller:

That's it....for now!

Thanks very much!

--
You received this message because you are subscribed to the Google
Groups "Autobahn" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to autobahnws+...@googlegroups.com
<mailto:autobahnws+...@googlegroups.com>.
To post to this group, send email to autob...@googlegroups.com
<mailto:autob...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/autobahnws/5b7708a4-65de-432e-bc6f-2c96edb60cc1%40googlegroups.com
<https://groups.google.com/d/msgid/autobahnws/5b7708a4-65de-432e-bc6f-2c96edb60cc1%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

0 Likes