Thanks for the information and helpful links Tobias!
I’ve tried implementing rlinks but I’m not sure which of my issues I’m facing are bugs or expected behaviour. Could you help me out? The only showstopper is my final point where registered methods are not recoverable after an outage.
I’m testing with a two node, one client setup each running in its own docker container:
Central CB <-- Local CB <-- Client AB
I have a “Central” crossbar node, which accepts an rlink from a “Local” crossbar node. Plus an autobahn python “Client” connected to Local
When Local starts up:
1. A number of wamp.*
calls are made from Local to Central which can get blocked by custom authorizers. Is there a list of what should be accepted by custom authorizers here?
2. Local tries to re-register Central’s custom authenticators and authorizers on Central (and fails). Why? 
When the Client registers a method via Local:
3. Local appears to register the method twice and fails the second time due to conflict, possibly it’s replicating its own registration back from Central?
When Central stops/dies:
4. Client remains connected to Local and does not see any connection issues, is that expected?
When Central recovers:
5. Local reconnects but does NOT re-register registrations made by Client previously. How should the system recover after an outage of Central?
Crossbar configs for reference:
Central config.json
{
"version": 2,
"controller": {
"id": "central"
},
"workers": [
{
"type": "router",
"options": {
"pythonpath": [
".."
]
},
"components": [
{
"type": "class",
"classname": "authenticate.Authenticator",
"realm": "office",
"role": "central"
},
{
"type": "class",
"classname": "authorize.Authorizer",
"realm": "office",
"role": "central"
}
],
"realms": [
{
"name": "office",
"roles": [
{
"name": "central",
"permissions": [
{
"uri": "central.",
"match": "prefix",
"allow": {
"register": true
}
}
]
},
{
"name": "local",
"authorizer": "central.authorize.local"
},
{
"name": "client",
"authorizer": "central.authorize.client"
}
]
}
],
"transports": [
{
"type": "web",
"endpoint": {
"type": "tcp",
"port": 8070
},
"paths": {
"rlink": {
"type": "websocket",
"auth": {
"cryptosign": {
"type": "dynamic",
"authenticator": "central.authenticate.rlink",
"authenticator-realm": "office"
}
}
},
"client": {
"type": "websocket",
"auth": {
"anonymous": {
"type": "dynamic",
"authenticator": "central.authenticate.client",
"authenticator-realm": "office"
}
}
}
}
}
]
}
]
}
Local config.json
{
"version": 2,
"controller": {
"id": "local"
},
"workers": [
{
"type": "router",
"realms": [
{
"name": "office",
"rlinks": [
{
"id": "rlink_local_central",
"authid": "local",
"realm": "office",
"transport": {
"type": "websocket",
"endpoint": {
"type": "tcp",
"host": "central",
"port": 80
},
"url": "ws://central/rlink"
}
}
],
"roles": [
{
"name": "client",
"authorizer": "central.authorize.client"
}
]
}
],
"transports": [
{
"type": "websocket",
"endpoint": {
"type": "unix",
"path": "/host/socket"
},
"auth": {
"anonymous": {
"type": "static",
"role": "client"
}
}
}
]
}
]
}