W.Applications.M.P, Applications=Agents - where PRINCIPALS?

#1
 [2, 3251278072152162,
{
"authid": "peter",
"authrole": "user",
"authmethod": "wampcra",
"authprovider": "userdb",
"roles": ...
}
]

really missing principals

{
"authid": "app23",
"principals": ["peter", "vasya"],
"authrole": "cli.web.user",
"authmethod": "wampcra",
"authprovider": "userdb",
"roles": ...
}

I hope you get the idea


We need a second round of authentication to add principals to the WAMP client,
and an RPC to kill principals:

wamp.session.kill_principal
arguments
authid:id or session:sessionid and principal:peter
router removes the principal,
sends ???welcome??? or another message to the WAMP client, with the new session meta
return - ok

How to organize the second round of authentication:
- principals are not always needed, and not by everyone, so it is not necessary to break the existing authentication scheme
- the second round of authorization must follow the first; it does not make sense to add a principal if the client is not authorized
- a principal cannot be added to the client if the client is anonymous
- the authentication of a principal must look like a common authentication
- if we do authentication via RPC, then perhaps there is a chance that, in a multi-router scheme, the procedure will be intercepted by a router other than the one on which the client is registered

Tobias, what is your opinion on this matter?



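The rules listed in post #1, modelled as router-side session state; this is an added example, not part of the original post and not Crossbar.io or WAMP API. The `Router`, `Session`, `add_principal` and `verify_principal` names are hypothetical, and `kill_principal` only mirrors the arguments the post proposes.

```python
# Hypothetical sketch of the proposal in post #1 (not an existing WAMP API).
from dataclasses import dataclass, field
from typing import Optional


class PrincipalError(Exception):
    """Raised when a principal operation violates the proposed rules."""


@dataclass
class Session:
    session_id: int
    authid: Optional[str] = None       # None until the first round succeeds
    authrole: str = "anonymous"
    principals: list = field(default_factory=list)

    def details(self) -> dict:
        # Session meta the router would send back to the client.
        return {"authid": self.authid, "authrole": self.authrole,
                "principals": list(self.principals)}


class Router:
    def __init__(self, verify_principal):
        # verify_principal(principal, proof) -> bool stands in for the second
        # authentication round (assumed to be a normal credential check).
        self.sessions = {}
        self.verify_principal = verify_principal

    def add_principal(self, session_id, principal, proof) -> dict:
        s = self.sessions[session_id]
        # Second round only after the first; never for anonymous clients.
        if s.authid is None or s.authrole == "anonymous":
            raise PrincipalError("client must complete first-round auth")
        if not self.verify_principal(principal, proof):
            raise PrincipalError("principal authentication failed")
        if principal not in s.principals:
            s.principals.append(principal)
        return s.details()

    def kill_principal(self, principal, session_id=None, authid=None) -> list:
        # Select sessions by session id or by authid, as in the proposal.
        hits = [s for s in self.sessions.values()
                if (session_id is not None and s.session_id == session_id)
                or (authid is not None and s.authid == authid)]
        updated = []
        for s in hits:
            if principal in s.principals:
                s.principals.remove(principal)
                updated.append(s.details())  # new meta to push to the client
        return updated
```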

#2

Anybody, is it not necessary to separate the authorization of WAMP clients and application clients???
let’s discuss solutions, e.g. do

wamp client authorization based on transport

application client authorization based on realm

what other options might there be?
