RPC asks: who is calling me?

#1

Is there a way (that I am not seeing) to allow a registered RPC to determine who is calling it? Or the role of the caller?

Thanks,
Steve

0 Likes

#2

Hi Steve, if you add the “disclose_me” option at the client end, the server will be able to see the session id, for example;

client.js

session.call(topic,[args],{},{disclose_me:true}).then(success,fail);

server.py

def topic(self, params, details):

session_id = getattr(details,‘caller’)

I think you should then be able to lookup the details you want using “wamp.session.get” meta procedure …

···

On Thursday, 24 March 2016 21:30:41 UTC, Steve Ditlinger wrote:

Is there a way (that I am not seeing) to allow a registered RPC to determine who is calling it? Or the role of the caller?

Thanks,
Steve

0 Likes

#3

Hi,

Hi Steve, if you add the "disclose_me" option at the client end, the
server will be able to see the session id, for example;

This no longer works using the current release, which now implements the revisions of the WAMP spec regarding caller/publisher disclosure.

Here is a complete example of the new way:

https://github.com/crossbario/crossbarexamples/tree/master/disclose

Note: all of session ID, authid and authrole are disclosed to the caller/subscriber.

Cheers,
/Tobias

···

Am 26.03.2016 um 04:53 schrieb Gareth Bult:

client.js
session.call(topic,[args],{},{disclose_me:true}).then(success,fail);

server.py
def topic(self, params, details):
   session_id = getattr(details,'caller')

I think you should then be able to lookup the details you want using
"wamp.session.get" meta procedure ..

On Thursday, 24 March 2016 21:30:41 UTC, Steve Ditlinger wrote:

    Is there a way (that I am not seeing) to allow a registered RPC to
    determine who is calling it? Or the role of the caller?

    Thanks,
    Steve

--
You received this message because you are subscribed to the Google
Groups "Crossbar" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to crossbario+...@googlegroups.com
<mailto:crossbario+...@googlegroups.com>.
To post to this group, send email to cross...@googlegroups.com
<mailto:cross...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/crossbario/d7702c57-fdcf-4dea-aefe-afa82635c8af%40googlegroups.com
<https://groups.google.com/d/msgid/crossbario/d7702c57-fdcf-4dea-aefe-afa82635c8af%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.

0 Likes

#4

Hi Tobias,

If there is no backwards compatibility here then this is a fairly major issue … I’m looking at the API docs and they don’t appear to have changed (?) , is there somewhere I could look to see how the new stuff works, i.e. some new API docs??

tia

0 Likes

#5

Does this configuration mean that “disclose” cannot be specified as true for roles that have a dynamic authorizer? i.e. a role cannot have both a “permissions” and an “authorizer” configuration set in the config.json

Steve

···

On Thursday, March 24, 2016 at 2:30:41 PM UTC-7, Steve Ditlinger wrote:

Is there a way (that I am not seeing) to allow a registered RPC to determine who is calling it? Or the role of the caller?

Thanks,
Steve

0 Likes