Crossbar.io: new authentication app templates (WAMP-CRA)

#1

Hi all,

I've polished up WAMP-CRA in Crossbar.io

https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication

and added 2 application templates:

1)
WAMP-CRA with static credentials (from node config):

crossbar init --template authenticate:wampcra

2)
WAMP-CRA with dynamic credentials (from calling an app procedure):

crossbar init --template authenticate:wampcradynamic

···

==

Any kind of testing would be highly welcome! Well, feedback also of course;)

Cheers,
/Tobias

Note: Code is on trunk still (will be in next release).

0 Likes

#2

Dear Tobias,

Thank you for this update. This looks great. However, I seem to always
be unlucky the moment I try anything related to authentication with
crossbar.

Hi Reda,

please try updating to the latest release (Crossbar.io 0.9.10)

pip install -U crossbar
cd ~/mynode1
crossbar init --template authenticate:wampcra
crossbar start

This works for me on Windows and Ubuntu. Please let me know what this does for you ..

Cheers,
/Tobias

···

Am 09.11.2014 01:30, schrieb redabo...@gmail.com:

Here is the output that I am getting with two different Ubuntu boxes.

This happens as soon as the test client attempts to connect.

2014-11-09 00:26:59+0000 [Controller 14182] Router 'worker1': transport
'transport1' started
2014-11-09 00:27:01+0000 [Router 14187]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
HelloDetails(roles = [<autobahn.wamp.role.RoleSubscriberFeatures
instance at 0x0000000006aba560>,
<autobahn.wamp.role.RolePublisherFeatures instance at
0x0000000006aba580>, <autobahn.wamp.role.RoleCallerFeatures instance at
0x0000000006aba5a0>, <autobahn.wamp.role.RoleCalleeFeatures instance at
0x0000000006aba5e0>], authmethods = [u'wampcra'], authid = peter,
pending_session = 8386608723826634) {u'type': u'static', u'users':
{u'peter': {u'role': u'frontend', u'secret':
u'prq7+YkJ1/KlW1X0YczMHw==', u'salt': u'salt123', u'iterations': 100,
u'keylen': 16}, u'joe': {u'secret': u'secret2', u'role': u'frontend'}}}
2014-11-09 00:27:01+0000 [Router 14187]
YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
prq7+YkJ1/KlW1X0YczMHw== frontend
2014-11-09 00:27:01+0000 [Router 14187] Traceback (most recent call
last):
2014-11-09 00:27:01+0000 [Router 14187] File
"/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/session.py",
line 130, in onHello
2014-11-09 00:27:01+0000 [Router 14187] self._pending_auth =
PendingAuthWampCra(None, details.authid, user['role'], u'static',
user['secret'])
2014-11-09 00:27:01+0000 [Router 14187] File
"/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/auth.py",
line 90, in __init__
2014-11-09 00:27:01+0000 [Router 14187] self.signature =
auth.compute_wcs(secret, self.challenge)
2014-11-09 00:27:01+0000 [Router 14187] File
"/home/redaborchardt/pypy-2.3.1-linux64/site-packages/autobahn/wamp/auth.py",
line 232, in compute_wcs
2014-11-09 00:27:01+0000 [Router 14187] assert(type(key) == bytes)
2014-11-09 00:27:01+0000 [Router 14187] AssertionError

Rgds,
Reda

On Tuesday, 4 November 2014 22:59:30 UTC, Tobias Oberstein wrote:

    Hi all,

    I've polished up WAMP-CRA in Crossbar.io

    https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication
    <https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication>

    and added 2 application templates:

    1)
    WAMP-CRA with static credentials (from node config):

    crossbar init --template authenticate:wampcra

    2)
    WAMP-CRA with dynamic credentials (from calling an app procedure):

    crossbar init --template authenticate:wampcradynamic

    ==

    Any kind of testing would be highly welcome! Well, feedback also of
    course;)

    Cheers,
    /Tobias

    Note: Code is on trunk still (will be in next release).

--
You received this message because you are subscribed to the Google
Groups "Autobahn" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to autobahnws+...@googlegroups.com
<mailto:autobahnws+...@googlegroups.com>.
To post to this group, send email to autob...@googlegroups.com
<mailto:autob...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/autobahnws/29700bc8-b89a-41fb-9bab-68ce1fca8bdc%40googlegroups.com
<https://groups.google.com/d/msgid/autobahnws/29700bc8-b89a-41fb-9bab-68ce1fca8bdc%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

0 Likes

#3

Dear Tobias,

Thank you for this update. This looks great. However, I seem to always be unlucky the moment I try anything related to authentication with crossbar.
Here is the output that I am getting with two different Ubuntu boxes.

This happens as soon as the test client attempts to connect.

2014-11-09 00:26:59+0000 [Controller 14182] Router ‘worker1’: transport ‘transport1’ started
2014-11-09 00:27:01+0000 [Router 14187] XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX HelloDetails(roles = [<autobahn.wamp.role.RoleSubscriberFeatures instance at 0x0000000006aba560>, <autobahn.wamp.role.RolePublisherFeatures instance at 0x0000000006aba580>, <autobahn.wamp.role.RoleCallerFeatures instance at 0x0000000006aba5a0>, <autobahn.wamp.role.RoleCalleeFeatures instance at 0x0000000006aba5e0>], authmethods = [u’wampcra’], authid = peter, pending_session = 8386608723826634) {u’type’: u’static’, u’users’: {u’peter’: {u’role’: u’frontend’, u’secret’: u’prq7+YkJ1/KlW1X0YczMHw==’, u’salt’: u’salt123’, u’iterations’: 100, u’keylen’: 16}, u’joe’: {u’secret’: u’secret2’, u’role’: u’frontend’}}}
2014-11-09 00:27:01+0000 [Router 14187] YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY prq7+YkJ1/KlW1X0YczMHw== frontend
2014-11-09 00:27:01+0000 [Router 14187] Traceback (most recent call last):
2014-11-09 00:27:01+0000 [Router 14187] File “/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/session.py”, line 130, in onHello
2014-11-09 00:27:01+0000 [Router 14187] self._pending_auth = PendingAuthWampCra(None, details.authid, user[‘role’], u’static’, user[‘secret’])
2014-11-09 00:27:01+0000 [Router 14187] File “/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/auth.py”, line 90, in init
2014-11-09 00:27:01+0000 [Router 14187] self.signature = auth.compute_wcs(secret, self.challenge)
2014-11-09 00:27:01+0000 [Router 14187] File “/home/redaborchardt/pypy-2.3.1-linux64/site-packages/autobahn/wamp/auth.py”, line 232, in compute_wcs
2014-11-09 00:27:01+0000 [Router 14187] assert(type(key) == bytes)
2014-11-09 00:27:01+0000 [Router 14187] AssertionError

Rgds,
Reda

···

On Tuesday, 4 November 2014 22:59:30 UTC, Tobias Oberstein wrote:

Hi all,

I’ve polished up WAMP-CRA in Crossbar.io

https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication

and added 2 application templates:

WAMP-CRA with static credentials (from node config):

crossbar init --template authenticate:wampcra

WAMP-CRA with dynamic credentials (from calling an app procedure):

crossbar init --template authenticate:wampcradynamic

==

Any kind of testing would be highly welcome! Well, feedback also of course;)

Cheers,

/Tobias

Note: Code is on trunk still (will be in next release).

0 Likes

#4

Absolutely wonderful! That worked.
Thank you.

···

On Monday, 10 November 2014 11:10:45 UTC, Tobias Oberstein wrote:

Am 09.11.2014 01:30, schrieb reda...@gmail.com:

Dear Tobias,

Thank you for this update. This looks great. However, I seem to always

be unlucky the moment I try anything related to authentication with

crossbar.

Hi Reda,

please try updating to the latest release (Crossbar.io 0.9.10)

pip install -U crossbar

cd ~/mynode1

crossbar init --template authenticate:wampcra

crossbar start

This works for me on Windows and Ubuntu. Please let me know what this
does for you …

Cheers,

/Tobias

Here is the output that I am getting with two different Ubuntu boxes.

This happens as soon as the test client attempts to connect.

2014-11-09 00:26:59+0000 [Controller 14182] Router ‘worker1’: transport

‘transport1’ started

2014-11-09 00:27:01+0000 [Router 14187]

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

HelloDetails(roles = [<autobahn.wamp.role.RoleSubscriberFeatures

instance at 0x0000000006aba560>,

<autobahn.wamp.role.RolePublisherFeatures instance at

0x0000000006aba580>, <autobahn.wamp.role.RoleCallerFeatures instance at

0x0000000006aba5a0>, <autobahn.wamp.role.RoleCalleeFeatures instance at

0x0000000006aba5e0>], authmethods = [u’wampcra’], authid = peter,

pending_session = 8386608723826634) {u’type’: u’static’, u’users’:

{u’peter’: {u’role’: u’frontend’, u’secret’:

u’prq7+YkJ1/KlW1X0YczMHw==’, u’salt’: u’salt123’, u’iterations’: 100,

u’keylen’: 16}, u’joe’: {u’secret’: u’secret2’, u’role’: u’frontend’}}}

2014-11-09 00:27:01+0000 [Router 14187]

YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY

prq7+YkJ1/KlW1X0YczMHw== frontend

2014-11-09 00:27:01+0000 [Router 14187] Traceback (most recent call

last):

2014-11-09 00:27:01+0000 [Router 14187] File

“/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/session.py”,

line 130, in onHello

2014-11-09 00:27:01+0000 [Router 14187] self._pending_auth =

PendingAuthWampCra(None, details.authid, user[‘role’], u’static’,

user[‘secret’])

2014-11-09 00:27:01+0000 [Router 14187] File

“/home/redaborchardt/pypy-2.3.1-linux64/site-packages/crossbar/router/auth.py”,

line 90, in init

2014-11-09 00:27:01+0000 [Router 14187] self.signature =

auth.compute_wcs(secret, self.challenge)

2014-11-09 00:27:01+0000 [Router 14187] File

“/home/redaborchardt/pypy-2.3.1-linux64/site-packages/autobahn/wamp/auth.py”,

line 232, in compute_wcs

2014-11-09 00:27:01+0000 [Router 14187] assert(type(key) == bytes)

2014-11-09 00:27:01+0000 [Router 14187] AssertionError

Rgds,

Reda

On Tuesday, 4 November 2014 22:59:30 UTC, Tobias Oberstein wrote:

Hi all,
I've polished up WAMP-CRA in Crossbar.io
[https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication](https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication)
<[https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication](https://github.com/crossbario/crossbar/wiki/WAMP-CRA-Authentication)>
and added 2 application templates:
1)
WAMP-CRA with static credentials (from node config):
crossbar init --template authenticate:wampcra
2)
WAMP-CRA with dynamic credentials (from calling an app procedure):
crossbar init --template authenticate:wampcradynamic
==
Any kind of testing would be highly welcome! Well, feedback also of
course;)
Cheers,
/Tobias
Note: Code is on trunk still (will be in next release).

You received this message because you are subscribed to the Google

Groups “Autobahn” group.

To unsubscribe from this group and stop receiving emails from it, send

an email to autobahnws+...@googlegroups.com

mailto:autobahnws+unsub...@googlegroups.com.

To post to this group, send email to auto...@googlegroups.com

mailto:autob...@googlegroups.com.

To view this discussion on the web visit

https://groups.google.com/d/msgid/autobahnws/29700bc8-b89a-41fb-9bab-68ce1fca8bdc%40googlegroups.com

<https://groups.google.com/d/msgid/autobahnws/29700bc8-b89a-41fb-9bab-68ce1fca8bdc%40googlegroups.com?utm_medium=email&utm_source=footer>.

For more options, visit https://groups.google.com/d/optout.

0 Likes

#5

I got the nodejs version installed and running, and for the most part I understand what is going on. But I have a couple of questions.

Is it possible to send more info in the connection object? I have a multi-tenant app and to follow your example of having a standalone process to do the authentication I would need to know the tenant. If not, then I can have one auth process for each tenant, or merge the auth process into the backend process where I have one for each tenant.

When a call is made to a backend function how do I know who the caller is? There’s a third argument ‘extra’ to a called function (args, kwargs, extra), that has
{caller: undefined, progress: null}

Thanks!

0 Likes

#6

You can use an option call {disclose_me: true}. Example: sess.call(‘com.base.requestGuestAccount’,[], {},{disclose_me: true})

···

On Friday, 21 November 2014 15:24:50 UTC, Greg Miller wrote:

I got the nodejs version installed and running, and for the most part I understand what is going on. But I have a couple of questions.

Is it possible to send more info in the connection object? I have a multi-tenant app and to follow your example of having a standalone process to do the authentication I would need to know the tenant. If not, then I can have one auth process for each tenant, or merge the auth process into the backend process where I have one for each tenant.

When a call is made to a backend function how do I know who the caller is? There’s a third argument ‘extra’ to a called function (args, kwargs, extra), that has
{caller: undefined, progress: null}

Thanks!

0 Likes