websocket - How to limit Autobahn|Python subscriptions on a per-session basis
I am using autobahn|python on the server side and autobahn|js in the browser, with Twisted (WAMP). Is there a straightforward way to allow/restrict subscriptions on a per-session basis? For example, a client should not be able to subscribe to topics related to other users.
Since I'm not using crossbar.io, I ended up using the Python code shown in the 'Examples' section of this page. An RPC call is used to first authenticate a client, using my own authentication logic of course. Once this authentication succeeds, I want to give the client the exclusive privilege to subscribe only to topics related to that client, such as 'com.example.user_id'. My problem is that even when auth passes, I have not found any way to limit subscription requests within the Autobahn session in which the authentication occurred. How do I prevent a client authenticated with user_id = user_a from subscribing to 'com.example.user_b'?
You can write your own router by subclassing Router() and overriding (at a minimum) the authorize() method:

    def authorize(self, session, uri, action):
        return True

This method is very simple: if you return True, the session has the right to do what it is trying to do. You could create a rule that all subscriptions must start with 'com.example.USER_ID', so your Python code would split the uri, take the third field, and compare it to the current session's id, returning False if they differ. This is where things get a little weird, though. I have code that does just this; here is my authorize() method:

    from twisted.internet.defer import inlineCallbacks, returnValue
    from twisted.python import log
    from autobahn.wamp.interfaces import IRouter

    @inlineCallbacks
    def authorize(self, session, uri, action):
        # authenticated user id, taken from the session (see the note below)
        authid = session._authid
        if authid is None:
            authid = 1
        log.msg("AuthorizeRouter.authorize: {} {} {} {} {}".format(
            authid, session._session_id, uri, IRouter.ACTION_TO_STRING[action], action))
        if authid != 1:
            # ask the application's permission store for this user/uri/action
            rv = yield self.check_permission(authid, uri, IRouter.ACTION_TO_STRING[action])
        else:
            rv = yield True
        log.msg("AuthorizeRouter.authorize: rv {}".format(rv))
        if not uri.startswith(self.svar['topic_base']):
            # record activity outside the application's own topic namespace
            self.sessiondb.activity(session._session_id, uri, IRouter.ACTION_TO_STRING[action], rv)
        returnValue(rv)

Note that I get _authid by dipping into the session, which is bad karma (I think) because I should not be looking at these private variables. I do not know where else to get it from.
Also note that this goes hand in hand with authentication. In my implementation, _authid is the authenticated user id, which is similar to a UNIX user id (a positive unique integer). I am pretty sure that this can be anything, such as a string, so if you want you should be okay with 'user_b' as _authid.
-g
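The per-session rule the answer describes (topic must start with 'com.example.USER_ID', third field compared against the session's own authenticated id), written here as an added standalone example rather than code from the question or answer. The action constants, the TOPIC_BASE value and the minimal Session stand-in are assumptions so that the rule can be exercised without a running router; wiring it into a Router subclass's authorize() is left to the reader.

```python
from collections import namedtuple

# WAMP router actions; the numeric values are an assumption for this example.
ACTION_CALL, ACTION_REGISTER, ACTION_PUBLISH, ACTION_SUBSCRIBE = 1, 2, 3, 4

# Minimal stand-in for an Autobahn session: only the fields the rule needs.
# authid is the id established at authentication time (None if not authenticated).
Session = namedtuple("Session", ["session_id", "authid"])

TOPIC_BASE = "com.example."   # assumed per-user topic namespace


def owner_of_topic(uri):
    """Return the user id from 'com.example.<user_id>[.<suffix>]', or None."""
    if not uri.startswith(TOPIC_BASE):
        return None
    parts = uri.split(".")            # ['com', 'example', '<user_id>', ...]
    if len(parts) < 3 or not parts[2]:
        return None
    return parts[2]


def authorize(session, uri, action):
    """Per-session rule: a session may subscribe to (or publish on) a topic
    only if the topic's third component equals the session's own authid.
    Unauthenticated sessions are denied everything; other actions (call,
    register) are left to the application and allowed here."""
    if session.authid is None:
        return False
    if action in (ACTION_SUBSCRIBE, ACTION_PUBLISH):
        owner = owner_of_topic(uri)
        # exact match, not a prefix test: a prefix check would let
        # user_a subscribe to com.example.user_ab
        return owner is not None and owner == str(session.authid)
    return True
```

Deciding by exact comparison of the extracted field (rather than uri.startswith on the user id) avoids one user's id matching another's longer id.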