Crossbar.io & PHP

#1

Hi All,

We have a current setup in production using Ratchet PHP, ZeroMQ & Autobahn JS however it’s WAMPv1 and we have issues with Autobahn loosing connection, especially in Chrome (I posted a few days back).

Recently, I’ve been investigating crossbar.io and have a few of the examples setup. But i’m wondering if what I’m attempting to do is feesible with crossbar?

Our production setup at the moment revolves around a number of internal PHP components that push messages to our Ratchet installation along with a topic identifier. External clients then connect with AutobahnJS and Subscribe only to various topics. We don’t accept any Publish messages from external clients.

What would be the best way to replicate this with crossbar?

Thanks

0 Likes

#2

Hi Jason,

Hi All,

We have a current setup in production using Ratchet PHP, ZeroMQ &
Autobahn JS however it's WAMPv1 and we have issues with Autobahn loosing
connection, especially in Chrome (I posted a few days back).

Recently, I've been investigating crossbar.io and have a few of the
examples setup. But i'm wondering if what I'm attempting to do is
feesible with crossbar?

Absolutely. This is 1 scenario that we want to support with Crossbar: JS/Browser + all backend components in PHP.

Crossbar will also be happy to start/monitor your PHP components, but it's not a requirement. You can start them also yourself (e.g. using OS boot scripts etc).

Our production setup at the moment revolves around a number of internal
PHP components that push messages to our Ratchet installation along with
a topic identifier. External clients then connect with AutobahnJS and

There are 2 options here:

You can have the PHP application components use Thruway (https://github.com/voryx/Thruway) to hook them up via WAMP2 to Crossbar. This allows you to use all 4 interactions in your PHP component (call/register/publish/subscribe).

You can also use the "HTTP Push Bridge" built into Crossbar. Using this, you can publish events by doing a plain old HTTP/POST.

https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service

E.g. this can be used when PHP runs not under React, but say plain old mod_php. But it's "publish-only" (no call/register/subscribe).

Subscribe only to various topics. We don't accept any Publish messages
from external clients.

Please see:

https://github.com/crossbario/crossbar/wiki/Authorization

The simple static authorization would be enough in your use case:

Have the browsers connect with role "frontend" and only be allowed to subscribe. Have the backend components connect as role "backend" with extended permissions.

NOTE: Above authorization feature is not yet implemented in Crossbar - it's high prio, but not yet here _today_.

What would be the best way to replicate this with crossbar?

Implementing your PHP app components via Thruway will give you the most flexibility / power. If you only ever need "push", using the HTTP Push Bridge is also fine.

Hope this helps .. feel free to ask more!

/Tobias

···

Am 08.07.2014 16:04, schrieb Jason Yates:

Thanks

--
You received this message because you are subscribed to the Google
Groups "Autobahn" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to autobahnws+...@googlegroups.com
<mailto:autobahnws+...@googlegroups.com>.
To post to this group, send email to autob...@googlegroups.com
<mailto:autob...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com
<https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

0 Likes

#3

Tobias,

Thanks for the fast response!

The HTTP Push Bridge sounds perfect for what we need, our internal components only need to push data out to clients.

Is there any other option for the frontend clients to block them publishing? Our clients have no need at all to ever publish messages, they simply listen for updates. Whilst I can obviously not include any frontend code for publishing, it doesn’t stop a malicious user from hacking around and managing it. It’s kind of a killer feature for us.

I may have missed a section of the documentation, but do you have any performance stats? We push around 10 messages a second at peak and we have huge issues with Ratchet at AutobahnJS (WAMPv1) and clients disconnecting and having to refresh. Crossbar seems a far more robust solution so I’m hoping it will give us a huge boost in performance.

Thanks

···

On Tuesday, July 8, 2014 3:42:26 PM UTC+1, Tobias Oberstein wrote:

Hi Jason,

Am 08.07.2014 16:04, schrieb Jason Yates:

Hi All,

We have a current setup in production using Ratchet PHP, ZeroMQ &

Autobahn JS however it’s WAMPv1 and we have issues with Autobahn loosing

connection, especially in Chrome (I posted a few days back).

Recently, I’ve been investigating crossbar.io and have a few of the

examples setup. But i’m wondering if what I’m attempting to do is

feesible with crossbar?

Absolutely. This is 1 scenario that we want to support with Crossbar:
JS/Browser + all backend components in PHP.

Crossbar will also be happy to start/monitor your PHP components, but
it’s not a requirement. You can start them also yourself (e.g. using OS
boot scripts etc).

Our production setup at the moment revolves around a number of internal

PHP components that push messages to our Ratchet installation along with

a topic identifier. External clients then connect with AutobahnJS and

There are 2 options here:

You can have the PHP application components use Thruway
(https://github.com/voryx/Thruway) to hook them up via WAMP2 to
Crossbar. This allows you to use all 4 interactions in your PHP
component (call/register/publish/subscribe).

You can also use the “HTTP Push Bridge” built into Crossbar. Using this,
you can publish events by doing a plain old HTTP/POST.

https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service

E.g. this can be used when PHP runs not under React, but say plain old
mod_php. But it’s “publish-only” (no call/register/subscribe).

Subscribe only to various topics. We don’t accept any Publish messages

from external clients.

Please see:

https://github.com/crossbario/crossbar/wiki/Authorization

The simple static authorization would be enough in your use case:

Have the browsers connect with role “frontend” and only be allowed to
subscribe. Have the backend components connect as role “backend” with
extended permissions.

NOTE: Above authorization feature is not yet implemented in Crossbar -
it’s high prio, but not yet here today.

What would be the best way to replicate this with crossbar?

Implementing your PHP app components via Thruway will give you the most
flexibility / power. If you only ever need “push”, using the HTTP Push
Bridge is also fine.

Hope this helps … feel free to ask more!

/Tobias

Thanks

You received this message because you are subscribed to the Google

Groups “Autobahn” group.

To unsubscribe from this group and stop receiving emails from it, send

an email to autobahnws+...@googlegroups.com

mailto:autobahnws+unsub...@googlegroups.com.

To post to this group, send email to auto...@googlegroups.com

mailto:autob...@googlegroups.com.

To view this discussion on the web visit

https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com

<https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer>.

For more options, visit https://groups.google.com/d/optout.

0 Likes

#4

Jason,

Tobias,

Thanks for the fast response!

The HTTP Push Bridge sounds perfect for what we need, our internal
components only need to push data out to clients.

Alright. Then it'll only get easier for you, since you don't need any kind of WAMP implementation in your PHP at all!

Is there any other option for the frontend clients to block them
publishing? Our clients have no need at all to ever publish messages,

Not today. As mentioned, implementing the authorization scheme as outlined in Crossbar is high prio. We are resource constrained. If you really need it urgently, you can throw money at us and you'll have it in a week (yes, we do need to eat also;)

they simply listen for updates. Whilst I can obviously not include any
frontend code for publishing, it doesn't stop a malicious user from
hacking around and managing it. It's kind of a killer feature for us.

I perfectly understand the need for this authorization .. no question.

I may have missed a section of the documentation, but do you have any
performance stats? We push around 10 messages a second at peak and we

10/sec .. that's .. nothing;)

Crossbar will dispatch like

"1,000 PubSub events/sec with 32+ bytes payload to 1,000 subscribers with average latency of 25 ms at a CPU load of 65%."

on a RaspberryPi!

http://tavendo.com/blog/post/autobahn-pi-benchmark/

have huge issues with Ratchet at AutobahnJS (WAMPv1) and clients
disconnecting and having to refresh. Crossbar seems a far more robust
solution so I'm hoping it will give us a huge boost in performance.

I'd expect that. Yes. Running Crossbar on any kind of small x86 server thing under PyPy/Twisted will go a looong way before you run into performance issues.

Given that we will have scale-out to multiple nodes with Crossbar also, you have "piece in mind" even then. But I doubt you need that for the numbers you push.

It's often underestimated what efficiently designed networking software can do when running on modern hardware .. a single Xeon core has so much steam that it's often able to saturate a 10GbE link ..

Cheers,
/Tobias

···

Am 08.07.2014 16:52, schrieb Jason Yates:

Thanks

On Tuesday, July 8, 2014 3:42:26 PM UTC+1, Tobias Oberstein wrote:

    Hi Jason,

    Am 08.07.2014 16:04, schrieb Jason Yates:
     > Hi All,
     >
     > We have a current setup in production using Ratchet PHP, ZeroMQ &
     > Autobahn JS however it's WAMPv1 and we have issues with Autobahn
    loosing
     > connection, especially in Chrome (I posted a few days back).
     >
     > Recently, I've been investigating crossbar.io
    <http://crossbar.io> and have a few of the
     > examples setup. But i'm wondering if what I'm attempting to do is
     > feesible with crossbar?

    Absolutely. This is 1 scenario that we want to support with Crossbar:
    JS/Browser + all backend components in PHP.

    Crossbar will also be happy to start/monitor your PHP components, but
    it's not a requirement. You can start them also yourself (e.g. using OS
    boot scripts etc).

     >
     > Our production setup at the moment revolves around a number of
    internal
     > PHP components that push messages to our Ratchet installation
    along with
     > a topic identifier. External clients then connect with AutobahnJS
    and

    There are 2 options here:

    You can have the PHP application components use Thruway
    (https://github.com/voryx/Thruway
    <https://github.com/voryx/Thruway>) to hook them up via WAMP2 to
    Crossbar. This allows you to use all 4 interactions in your PHP
    component (call/register/publish/subscribe).

    You can also use the "HTTP Push Bridge" built into Crossbar. Using
    this,
    you can publish events by doing a plain old HTTP/POST.

    https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service
    <https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service>

    E.g. this can be used when PHP runs not under React, but say plain old
    mod_php. But it's "publish-only" (no call/register/subscribe).

     > Subscribe only to various topics. We don't accept any Publish
    messages
     > from external clients.

    Please see:

    https://github.com/crossbario/crossbar/wiki/Authorization
    <https://github.com/crossbario/crossbar/wiki/Authorization>

    The simple static authorization would be enough in your use case:

    Have the browsers connect with role "frontend" and only be allowed to
    subscribe. Have the backend components connect as role "backend" with
    extended permissions.

    NOTE: Above authorization feature is not yet implemented in Crossbar -
    it's high prio, but not yet here _today_.

     >
     > What would be the best way to replicate this with crossbar?

    Implementing your PHP app components via Thruway will give you the most
    flexibility / power. If you only ever need "push", using the HTTP Push
    Bridge is also fine.

    Hope this helps .. feel free to ask more!

    /Tobias

     >
     > Thanks
     >
     > --
     > You received this message because you are subscribed to the Google
     > Groups "Autobahn" group.
     > To unsubscribe from this group and stop receiving emails from it,
    send
     > an email to autobah...@googlegroups.com <javascript:>
     > <mailto:autobahnws+...@googlegroups.com <javascript:>>.
     > To post to this group, send email to auto...@googlegroups.com
    <javascript:>
     > <mailto:auto...@googlegroups.com <javascript:>>.
     > To view this discussion on the web visit
     >
    https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com>

     >
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer>>.

     > For more options, visit https://groups.google.com/d/optout
    <https://groups.google.com/d/optout>.

--
You received this message because you are subscribed to the Google
Groups "Autobahn" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to autobahnws+...@googlegroups.com
<mailto:autobahnws+...@googlegroups.com>.
To post to this group, send email to autob...@googlegroups.com
<mailto:autob...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/autobahnws/0a1440de-7b5f-42fe-a8a4-075c10d2c3cf%40googlegroups.com
<https://groups.google.com/d/msgid/autobahnws/0a1440de-7b5f-42fe-a8a4-075c10d2c3cf%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

0 Likes

#5

Hi Tobias,

Do you have an email address I can contact you on regarding having the authorization component included ASAP?

I’ve managed to get a basic development environment setup with the HTTP pusher already and so far it seems to work well. The only other issue I have at the moment (besides authorization) is that I don’t need crossbar to serve any content but it appears I have to have the web part active. Short of just serving an empty index.html, is there any other way to disable it?

Thanks

···

On Tuesday, July 8, 2014 4:08:20 PM UTC+1, Tobias Oberstein wrote:

Jason,

Am 08.07.2014 16:52, schrieb Jason Yates:

Tobias,

Thanks for the fast response!

The HTTP Push Bridge sounds perfect for what we need, our internal

components only need to push data out to clients.

Alright. Then it’ll only get easier for you, since you don’t need any
kind of WAMP implementation in your PHP at all!

Is there any other option for the frontend clients to block them

publishing? Our clients have no need at all to ever publish messages,

Not today. As mentioned, implementing the authorization scheme as
outlined in Crossbar is high prio. We are resource constrained. If you
really need it urgently, you can throw money at us and you’ll have it in
a week (yes, we do need to eat also;)

they simply listen for updates. Whilst I can obviously not include any

frontend code for publishing, it doesn’t stop a malicious user from

hacking around and managing it. It’s kind of a killer feature for us.

I perfectly understand the need for this authorization … no question.

I may have missed a section of the documentation, but do you have any

performance stats? We push around 10 messages a second at peak and we

10/sec … that’s … nothing;)

Crossbar will dispatch like

“1,000 PubSub events/sec with 32+ bytes payload to 1,000 subscribers
with average latency of 25 ms at a CPU load of 65%.”

on a RaspberryPi!

http://tavendo.com/blog/post/autobahn-pi-benchmark/

have huge issues with Ratchet at AutobahnJS (WAMPv1) and clients

disconnecting and having to refresh. Crossbar seems a far more robust

solution so I’m hoping it will give us a huge boost in performance.

I’d expect that. Yes. Running Crossbar on any kind of small x86 server
thing under PyPy/Twisted will go a looong way before you run into
performance issues.

Given that we will have scale-out to multiple nodes with Crossbar also,
you have “piece in mind” even then. But I doubt you need that for the
numbers you push.

It’s often underestimated what efficiently designed networking software
can do when running on modern hardware … a single Xeon core has so much
steam that it’s often able to saturate a 10GbE link …

Cheers,

/Tobias

Thanks

On Tuesday, July 8, 2014 3:42:26 PM UTC+1, Tobias Oberstein wrote:

Hi Jason,
Am 08.07.2014 16:04, schrieb Jason Yates:
 > Hi All,
 >
 > We have a current setup in production using Ratchet PHP,  ZeroMQ &
 > Autobahn JS however it's WAMPv1 and we have issues with Autobahn
loosing
 > connection, especially in Chrome (I posted a few days back).
 >
 > Recently, I've been investigating [crossbar.io](http://crossbar.io)
<[http://crossbar.io](http://crossbar.io)> and have a few of the
 > examples setup. But i'm wondering if what I'm attempting to do is
 > feesible with crossbar?
Absolutely. This is 1 scenario that we want to support with Crossbar:
JS/Browser + all backend components in PHP.
Crossbar will also be happy to start/monitor your PHP components, but
it's not a requirement. You can start them also yourself (e.g. using OS
boot scripts etc).
 >
 > Our production setup at the moment revolves around a number of
internal
 > PHP components that push messages to our Ratchet installation
along with
 > a topic identifier. External clients then connect with AutobahnJS
and
There are 2 options here:
You can have the PHP application components use Thruway
([https://github.com/voryx/Thruway](https://github.com/voryx/Thruway)
<[https://github.com/voryx/Thruway](https://github.com/voryx/Thruway)>) to hook them up via WAMP2 to
Crossbar. This allows you to use all 4 interactions in your PHP
component (call/register/publish/subscribe).
You can also use the "HTTP Push Bridge" built into Crossbar. Using
this,
you can publish events by doing a plain old HTTP/POST.
[https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service](https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service)
<[https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service](https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service)>
E.g. this can be used when PHP runs not under React, but say plain old
mod_php. But it's "publish-only" (no call/register/subscribe).
 > Subscribe only to various topics. We don't accept any Publish
messages
 > from external clients.
Please see:
[https://github.com/crossbario/crossbar/wiki/Authorization](https://github.com/crossbario/crossbar/wiki/Authorization)
<[https://github.com/crossbario/crossbar/wiki/Authorization](https://github.com/crossbario/crossbar/wiki/Authorization)>
The simple static authorization would be enough in your use case:
Have the browsers connect with role "frontend" and only be allowed to
subscribe. Have the backend components connect as role "backend" with
extended permissions.
NOTE: Above authorization feature is not yet implemented in Crossbar -
it's high prio, but not yet here _today_.
 >
 > What would be the best way to replicate this with crossbar?
Implementing your PHP app components via Thruway will give you the most
flexibility / power. If you only ever need "push", using the HTTP Push
Bridge is also fine.
Hope this helps .. feel free to ask more!
/Tobias
 >
 > Thanks
 >
 > --
 > You received this message because you are subscribed to the Google
 > Groups "Autobahn" group.
 > To unsubscribe from this group and stop receiving emails from it,
send
 > an email to autobahnws+...@googlegroups.com <javascript:>
 > <mailto:autobahnws+unsub...@googlegroups.com <javascript:>>.
 > To post to this group, send email to auto...@googlegroups.com
<javascript:>
 > <mailto:autob...@googlegroups.com <javascript:>>.
 > To view this discussion on the web visit
 >
[https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com](https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com)
<[https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com](https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com)>
 >
<[https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer](https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer)
<[https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer](https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer)>>.
 > For more options, visit [https://groups.google.com/d/optout](https://groups.google.com/d/optout)
<[https://groups.google.com/d/optout](https://groups.google.com/d/optout)>.

You received this message because you are subscribed to the Google

Groups “Autobahn” group.

To unsubscribe from this group and stop receiving emails from it, send

an email to autobahnws+...@googlegroups.com

mailto:autobahnws+unsub...@googlegroups.com.

To post to this group, send email to auto...@googlegroups.com

mailto:autob...@googlegroups.com.

To view this discussion on the web visit

https://groups.google.com/d/msgid/autobahnws/0a1440de-7b5f-42fe-a8a4-075c10d2c3cf%40googlegroups.com

<https://groups.google.com/d/msgid/autobahnws/0a1440de-7b5f-42fe-a8a4-075c10d2c3cf%40googlegroups.com?utm_medium=email&utm_source=footer>.

For more options, visit https://groups.google.com/d/optout.

0 Likes

#6

Hi Tobias,

Do you have an email address I can contact you on regarding having
the authorization component included ASAP?

Please contact me at: tobias dot oberstein at tavendo dot de

I've managed to get a basic development environment setup with the HTTP
pusher already and so far it seems to work well. The only other issue I
have at the moment (besides authorization) is that I don't need crossbar
to serve any content but it appears I have to have the web part active.

Yep, for convenience reasons, the example pusher configuration of Crossbar starts a static Web server also. That's not required for the bridge.

Short of just serving an empty index.html, is there any other way to
disable it?

I need to enable this option (https://github.com/crossbario/crossbar/issues/88), which is trivial - I do that later right away.

Then you can just run the HTTP bridge and nothing else.

/Tobias

···

Am 08.07.2014 17:32, schrieb Jason Yates:

Thanks

On Tuesday, July 8, 2014 4:08:20 PM UTC+1, Tobias Oberstein wrote:

    Jason,

    Am 08.07.2014 16:52, schrieb Jason Yates:
     > Tobias,
     >
     > Thanks for the fast response!
     >
     > The HTTP Push Bridge sounds perfect for what we need, our internal
     > components only need to push data out to clients.

    Alright. Then it'll only get easier for you, since you don't need any
    kind of WAMP implementation in your PHP at all!

     >
     > Is there any other option for the frontend clients to block them
     > publishing? Our clients have no need at all to ever publish
    messages,

    Not today. As mentioned, implementing the authorization scheme as
    outlined in Crossbar is high prio. We are resource constrained. If you
    really need it urgently, you can throw money at us and you'll have
    it in
    a week (yes, we do need to eat also;)

     > they simply listen for updates. Whilst I can obviously not
    include any
     > frontend code for publishing, it doesn't stop a malicious user from
     > hacking around and managing it. It's kind of a killer feature for
    us.

    I perfectly understand the need for this authorization .. no question.

     >
     > I may have missed a section of the documentation, but do you have
    any
     > performance stats? We push around 10 messages a second at peak
    and we

    10/sec .. that's .. nothing;)

    Crossbar will dispatch like

    "1,000 PubSub events/sec with 32+ bytes payload to 1,000 subscribers
    with average latency of 25 ms at a CPU load of 65%."

    on a RaspberryPi!

    http://tavendo.com/blog/post/autobahn-pi-benchmark/
    <http://tavendo.com/blog/post/autobahn-pi-benchmark/>

     > have huge issues with Ratchet at AutobahnJS (WAMPv1) and clients
     > disconnecting and having to refresh. Crossbar seems a far more
    robust
     > solution so I'm hoping it will give us a huge boost in performance.

    I'd expect that. Yes. Running Crossbar on any kind of small x86 server
    thing under PyPy/Twisted will go a looong way before you run into
    performance issues.

    Given that we will have scale-out to multiple nodes with Crossbar also,
    you have "piece in mind" even then. But I doubt you need that for the
    numbers you push.

    It's often underestimated what efficiently designed networking software
    can do when running on modern hardware .. a single Xeon core has so
    much
    steam that it's often able to saturate a 10GbE link ..

    Cheers,
    /Tobias

     >
     > Thanks
     >
     > On Tuesday, July 8, 2014 3:42:26 PM UTC+1, Tobias Oberstein wrote:
     >
     > Hi Jason,
     >
     > Am 08.07.2014 16:04, schrieb Jason Yates:
     > > Hi All,
     > >
     > > We have a current setup in production using Ratchet PHP,
      ZeroMQ &
     > > Autobahn JS however it's WAMPv1 and we have issues with
    Autobahn
     > loosing
     > > connection, especially in Chrome (I posted a few days back).
     > >
     > > Recently, I've been investigating crossbar.io
    <http://crossbar.io>
     > <http://crossbar.io> and have a few of the
     > > examples setup. But i'm wondering if what I'm attempting
    to do is
     > > feesible with crossbar?
     >
     > Absolutely. This is 1 scenario that we want to support with
    Crossbar:
     > JS/Browser + all backend components in PHP.
     >
     > Crossbar will also be happy to start/monitor your PHP
    components, but
     > it's not a requirement. You can start them also yourself
    (e.g. using OS
     > boot scripts etc).
     >
     > >
     > > Our production setup at the moment revolves around a
    number of
     > internal
     > > PHP components that push messages to our Ratchet installation
     > along with
     > > a topic identifier. External clients then connect with
    AutobahnJS
     > and
     >
     > There are 2 options here:
     >
     > You can have the PHP application components use Thruway
     > (https://github.com/voryx/Thruway
    <https://github.com/voryx/Thruway>
     > <https://github.com/voryx/Thruway
    <https://github.com/voryx/Thruway>>) to hook them up via WAMP2 to
     > Crossbar. This allows you to use all 4 interactions in your PHP
     > component (call/register/publish/subscribe).
     >
     > You can also use the "HTTP Push Bridge" built into Crossbar.
    Using
     > this,
     > you can publish events by doing a plain old HTTP/POST.
     >
     > https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service
    <https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service>
     >
    <https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service
    <https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service>>
     >
     > E.g. this can be used when PHP runs not under React, but say
    plain old
     > mod_php. But it's "publish-only" (no call/register/subscribe).
     >
     > > Subscribe only to various topics. We don't accept any Publish
     > messages
     > > from external clients.
     >
     > Please see:
     >
     > https://github.com/crossbario/crossbar/wiki/Authorization
    <https://github.com/crossbario/crossbar/wiki/Authorization>
     > <https://github.com/crossbario/crossbar/wiki/Authorization
    <https://github.com/crossbario/crossbar/wiki/Authorization>>
     >
     > The simple static authorization would be enough in your use
    case:
     >
     > Have the browsers connect with role "frontend" and only be
    allowed to
     > subscribe. Have the backend components connect as role
    "backend" with
     > extended permissions.
     >
     > NOTE: Above authorization feature is not yet implemented in
    Crossbar -
     > it's high prio, but not yet here _today_.
     >
     > >
     > > What would be the best way to replicate this with crossbar?
     >
     > Implementing your PHP app components via Thruway will give
    you the most
     > flexibility / power. If you only ever need "push", using the
    HTTP Push
     > Bridge is also fine.
     >
     > Hope this helps .. feel free to ask more!
     >
     > /Tobias
     >
     > >
     > > Thanks
     > >
     > > --
     > > You received this message because you are subscribed to
    the Google
     > > Groups "Autobahn" group.
     > > To unsubscribe from this group and stop receiving emails
    from it,
     > send
     > > an email to autobah...@googlegroups.com <javascript:>
     > > <mailto:autobahnws+...@googlegroups.com
    <javascript:> <javascript:>>.
     > > To post to this group, send email to
    auto...@googlegroups.com
     > <javascript:>
     > > <mailto:auto...@googlegroups.com <javascript:>>.
     > > To view this discussion on the web visit
     > >
     >
    https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com>

     >
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com>>

     >
     > >
     >
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer>

     >
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer
    <https://groups.google.com/d/msgid/autobahnws/8a2bffac-77cb-49b9-b9af-46466934efa4%40googlegroups.com?utm_medium=email&utm_source=footer>>>.

     >
     > > For more options, visit https://groups.google.com/d/optout
    <https://groups.google.com/d/optout>
     > <https://groups.google.com/d/optout
    <https://groups.google.com/d/optout>>.
     >
     > --
     > You received this message because you are subscribed to the Google
     > Groups "Autobahn" group.
     > To unsubscribe from this group and stop receiving emails from it,
    send
     > an email to autobah...@googlegroups.com <javascript:>
     > <mailto:autobahnws+...@googlegroups.com <javascript:>>.
     > To post to this group, send email to auto...@googlegroups.com
    <javascript:>
     > <mailto:auto...@googlegroups.com <javascript:>>.
     > To view this discussion on the web visit
     >
    https://groups.google.com/d/msgid/autobahnws/0a1440de-7b5f-42fe-a8a4-075c10d2c3cf%40googlegroups.com
    <https://groups.google.com/d/msgid/autobahnws/0a1440de-7b5f-42fe-a8a4-075c10d2c3cf%40googlegroups.com>

     >
    <https://groups.google.com/d/msgid/autobahnws/0a1440de-7b5f-42fe-a8a4-075c10d2c3cf%40googlegroups.com?utm_medium=email&utm_source=footer
    <https://groups.google.com/d/msgid/autobahnws/0a1440de-7b5f-42fe-a8a4-075c10d2c3cf%40googlegroups.com?utm_medium=email&utm_source=footer>>.

     > For more options, visit https://groups.google.com/d/optout
    <https://groups.google.com/d/optout>.

--
You received this message because you are subscribed to the Google
Groups "Autobahn" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to autobahnws+...@googlegroups.com
<mailto:autobahnws+...@googlegroups.com>.
To post to this group, send email to autob...@googlegroups.com
<mailto:autob...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/autobahnws/52b3ad52-ea26-443c-b914-3a45ad83d222%40googlegroups.com
<https://groups.google.com/d/msgid/autobahnws/52b3ad52-ea26-443c-b914-3a45ad83d222%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

0 Likes

#7

pusher already and so far it seems to work well. The only other issue I
have at the moment (besides authorization) is that I don't need crossbar
to serve any content but it appears I have to have the web part active.
Short of just serving an empty index.html, is there any other way to
disable it?

Alright, added that feature:

https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service#running-standalone

/Tobias

PS: You will need Crossbar trunk until we do a new release:

git clone git@github.com:crossbario/crossbar.git
cd crossbar/crossbar
python setup.py install

0 Likes

#8

Tobias,

Many thanks. That works perfectly.

I am however getting an error when I enable TLS with the following config

“tls”: {

“key”: “push.crt”,

“certificate”: “push.key”,

“dhparam”: “dhparam.pem”,

“ciphers”: “ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS”

}

014-07-08 16:18:53-0400 [Router 686] Using explicit cipher list.

2014-07-08 16:18:53-0400 [Router 686] Ok, OpenSSL Diffie-Hellman ciphers parameter file loaded.

2014-07-08 16:18:53-0400 [Router 686] Warning: OpenSSL failed to set ECDH default curve [‘Context’ object has no attribute ‘set_tmp_ecdh_curve’]

Thanks

···

On Tuesday, July 8, 2014 5:46:08 PM UTC+1, Tobias Oberstein wrote:

pusher already and so far it seems to work well. The only other issue I

have at the moment (besides authorization) is that I don’t need crossbar

to serve any content but it appears I have to have the web part active.

Short of just serving an empty index.html, is there any other way to

disable it?

Alright, added that feature:

https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service#running-standalone

/Tobias

PS: You will need Crossbar trunk until we do a new release:

git clone git@github.com:crossbario/crossbar.git

cd crossbar/crossbar

python setup.py install

0 Likes

#9

Hi Jason,

Tobias,

Many thanks. That works perfectly.

Great! That was quick.

I am however getting an error when I enable TLS with the following config

...

2014-07-08 16:18:53-0400 [Router 686] Warning: OpenSSL failed to
set ECDH default curve ['Context' object has no attribute
'set_tmp_ecdh_curve']

You mean the warning?

That means: some ciphers are not available. The elliptic curve based ones (EC**).

The reason is: Crossbar supports EC ciphers even when pyOpenSSL does not yet - but that depends on a patched pyOpenSSL.

pyOpenSSL 0.15 will officially support EC ciphers (but with a slightly different API than the patched one), Crossbar then needs to migrate to that:

https://github.com/crossbario/crossbar/issues/73

However, pyOpenSSL is not there yet:

https://github.com/pyca/pyopenssl/issues?milestone=2&state=open

Cheers,
/Tobias

···

Am 08.07.2014 22:47, schrieb Jason Yates:

0 Likes

#10

Tobias,

I’ll fire it up again shortly and grab the output but the application crashes after the ECDH warning. It won’t run with any combination of TLS configured. Is that expected based on what you said with pyOpenSSL?

Thanks

···

On Wednesday, July 9, 2014 3:54:09 PM UTC+1, Tobias Oberstein wrote:

Hi Jason,

Am 08.07.2014 22:47, schrieb Jason Yates:

Tobias,

Many thanks. That works perfectly.

Great! That was quick.

I am however getting an error when I enable TLS with the following config

2014-07-08 16:18:53-0400 [Router 686] Warning: OpenSSL failed to

set ECDH default curve [‘Context’ object has no attribute

‘set_tmp_ecdh_curve’]

You mean the warning?

That means: some ciphers are not available. The elliptic curve based
ones (EC**).

The reason is: Crossbar supports EC ciphers even when pyOpenSSL does not
yet - but that depends on a patched pyOpenSSL.

pyOpenSSL 0.15 will officially support EC ciphers (but with a slightly
different API than the patched one), Crossbar then needs to migrate to that:

https://github.com/crossbario/crossbar/issues/73

However, pyOpenSSL is not there yet:

https://github.com/pyca/pyopenssl/issues?milestone=2&state=open

Cheers,

/Tobias

0 Likes

#11

No, this is not expected.

Yes, please send the log output so we can investigate the issue ..

/Tobias

···

Am 09.07.2014 17:01, schrieb Jason Yates:

Tobias,

I'll fire it up again shortly and grab the output but the application
crashes after the ECDH warning. It won't run with any combination of TLS
configured. Is that expected based on what you said with pyOpenSSL?

0 Likes

#12

Tobias,

I’ve just tried this again and it works fine. So I’ll presume user error from before!

Thanks

···

On Wednesday, July 9, 2014 4:34:20 PM UTC+1, Tobias Oberstein wrote:

Am 09.07.2014 17:01, schrieb Jason Yates:

Tobias,

I’ll fire it up again shortly and grab the output but the application

crashes after the ECDH warning. It won’t run with any combination of TLS

configured. Is that expected based on what you said with pyOpenSSL?

No, this is not expected.

Yes, please send the log output so we can investigate the issue …

/Tobias

0 Likes

#13

Tobias,

I've just tried this again and it works fine. So I'll presume user error
from before!

Alright, great! In the meantime, I've fixed the ECDH warning.

When using Crossbar and pyOpenSSL trunk, you now have proper ECDH.

https://github.com/crossbario/crossbar/wiki/Secure-WebSocket-and-HTTPS#prerequisites-for-ec-support

···

Am 09.07.2014 22:28, schrieb Jason Yates:

Thanks

On Wednesday, July 9, 2014 4:34:20 PM UTC+1, Tobias Oberstein wrote:

    Am 09.07.2014 17:01, schrieb Jason Yates:
     > Tobias,
     >
     > I'll fire it up again shortly and grab the output but the
    application
     > crashes after the ECDH warning. It won't run with any combination
    of TLS
     > configured. Is that expected based on what you said with pyOpenSSL?

    No, this is not expected.

    Yes, please send the log output so we can investigate the issue ..

    /Tobias

--
You received this message because you are subscribed to the Google
Groups "Autobahn" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to autobahnws+...@googlegroups.com
<mailto:autobahnws+...@googlegroups.com>.
To post to this group, send email to autob...@googlegroups.com
<mailto:autob...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/autobahnws/f4b259f0-846a-48f9-b25e-6aa44f4178f8%40googlegroups.com
<https://groups.google.com/d/msgid/autobahnws/f4b259f0-846a-48f9-b25e-6aa44f4178f8%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

0 Likes