[clug] authenticated RPC

tmc at vandradlabs.com.au tmc at vandradlabs.com.au
Wed Sep 10 20:06:35 MDT 2014

 Hi all

> On Wed, 10 Sep 2014 02:38:51 PM jm wrote:
>> Are there any RPC protocols out there that have
>> authentication/aothorisation built in? It seem to have been over looked
>> in every one I've looked at. I'm using python to write some middle ware
>>> to sit between a django front end on one server and a privileged
>> service
>> on another, exposing a limited set of functionality. While I'll be
>> locking it down to only one or two IP addresses I'd still prefer to
>> have
>> the extra level of protection of authentication. Not just as a mean of
>> defence in depth, but also to stop other things on the front end server
>> from having access or to change what functionality is available
>> depending on the user.
> Maybe something like Apache Etch would be a good fit?
> http://etch.apache.org/index.html
> TLS/SSL is one transport option, with password based authn possible
> within
> that.
> Note: Looked at it, but not tried it.

 if you do TLS, then you could do client certificate validation against a
 known fingerprint, instead of a password. Depends on your application.

> Tomasz

More information about the linux mailing list