I am evaluating multiple C/C++ clients for RabbitMQ mesasging broker. We have gone through SimpleAmqpClient, AMQP-CPP and now evaluating Apache QPID. The deployment setup contains a RabbitMQ broker v3.6.12(with rabbitmq-amqp1.0 plugin enabled) and a QPID C++ client.
Does QPID C++ client support SSL based channel encryption and also authentication to the broker? I have gone through the documentation but I did not find a concrete example of SSL based channel encryption using QPID C++ client. However, I found examples for Java clients.
I recommend using the Qpid Proton C++ API. There's another C++ API at Qpid called "Qpid Messaging", but Proton is the better choice for new work.
The Qpid APIs in general support SSL encryption, often by using a connection URL with an "amqps:" scheme, or sometimes by setting a connection option. The Proton C++ API uses the former approach.
struct your_handler : public proton::messaging_handler {
void on container_start(proton::container& cont) override {
cont.connect("amqps://example.org");
}
};
Here are some Proton C++ examples that address more advanced SSL scenarios:
http://qpid.apache.org/releases/qpid-proton-0.22.0/proton/cpp/examples/ssl.cpp.html
http://qpid.apache.org/releases/qpid-proton-0.22.0/proton/cpp/examples/ssl_client_cert.cpp.html
Related
Is it possible with Qt to upgrade a HTTP connection that handles the normal HTTP requests to a Websocket with the same connection?
I'm thinking about something like this with Poco libraries, but all done in Qt similar to QtWebApp.
The simple answer is no and that is mostly because of specifics of the server side. And Qt just follows the protocol available and exposed by the server (HTTP/WebSocket) as mostly the client-side development framework and AFAIK won't be able to do the kind of transformation you want of going from HTTP to Websocket that are two different protocols. But of course, theoretically that can be done as long as both protocols able to use IP port 80. But that implies new unique sever and new unique client implementations.
We use both WebSocket and REST in our app. And WebSocket is for triggering the client by the server to do something. Client gets the "poke" from the server and starts normal JSON HTTP-based exchange with the server.
Somewhat relative link: https://softwareengineering.stackexchange.com/questions/276253/mixing-rest-and-websocket-in-the-same-api
I've a question for you.
I have to implement a queue governing the accesses to a database on Server.
The Server is in PHP and MySQL. I implemented an Android app to send and store data into DB by WebServices with HTTP Requests.
I thought to use the Mosquitto broker to implement the aforementioned "accessed queue".
First, can I use Mosquitto for this purpose? Furthermore, is it necessary to parse the HTTP Requests in the MQTT Requests and viceversa?
I'm new in MQTT. I know how it works but i don't know how implementing it. Examples in this regard are welcome! :-)
Sorry for my bad English. Thanks a lot!
You should think of MQTT as an alternative for your WebServices implementation.
Typically in MQTT your server will implement an MQTT client library (See a list here) that will subscribe (or publish) to the topics in your Mosquitto broker that your Android App will publish (or subscribe) to.
At the same time your Android App will implement an MQTT client library (Such as Eclipse Paho Android Service) to subscribe (or publish) to the topics in the same Mosquitto broker.
I am writing an app on Thrift and webservice deployed on Websphere. Thrift client will be calling thrift server which inturn make a webservice call to webservice deployed on websphere.
Where will I host Thrift server implementation since it will be standalone app? Can it be started before/on startup of Websphere app server?
Shall I run Thrift as a standalone and then how will Thrift server get the common VOs being shared between Thrift server (which is client to webservice) and server(webservice hosted on Websphere)?
What should be right approach in this case since Thrift will be opening a socket which is making a websphere call even though both servers are collocated?
Is it safe to use sockets as a medium of rmi/rpc instead of http? What will be security loopholes since port will be opened for communication?
Thanks.
Quick reply will be highly appreciated.
Thrift service might be implemented either as a standalone application or as an webapp running on the same app server. In latter case thrift service doesn't have to serve any http requests, it should just start thrift server on app startup/shutdown. The advantage is that you can utilize all appserver infrastructure: lifecycle, monitoring, JMX, etc.
To share VOs between two JVMs, it's usually enough to make them 'implements Serializable' and add classes to both classpaths. Sharing within single JVM is trivial. So, there should be no problems here.
Yes, socket communication is just fine, even if servers are collocated.
Yes, it is safe enough, if configured properly. Restricting access to corresponding ports with firewall is probably the easiest.
I am working private network.This alread developped product which implemented using TCP(client server technology).
Existing product is as follows
There is a UI which is developed using flex, where user can see video or snapshot
There is a server which is developed using c++,which redirects request from UI to gateway.
There is gateway which is connected with the Camera,which stream video to UI through server.
Now we wanted to add p2p technology to existing client server.So it will support TCP as Well As UDP.
Presently we are exploring flex and XMPP to implement the p2p.
as newer version flex of flex support p2p using RTMFP, but thats the propriety protocol of adobe.if we use RTMFP we need to change all the existing code that we dont want
I wanted to implemented to p2p using flex client(UI) which will use XMPP to communicate with Gateway and Server.
So the question is
Is it possible to use XMPP from flex code
Will XMPP support UDP p2p or not.
Yes. You can use the as3xmpp library to communicate to servers using that protocol.
To my knowledge, no. My understanding is that the network protocol used in p2p connections is internalized, and doesn't allow for public APIs to define their own network protocol (unlike Sockets for example).
I am pretty new to security aspect of application. I have a C++ window service (server) that listens to a particular port for http requests. The http requests can be made via ajax or C# client. Due to some scope change now we have to secure this communication between the clients and custom server written in C++.
Therefore i am looking for options to secure this communication. Can someone help me out with the possible approaches i can take to achieve this.
Thanks
Dpak
Given that you have an existing HTTP server (non-IIS) and you want to implement HTTPS (which is easy to screw up and hard to get right), you have a couple of options:
Rewrite your server as a COM object, and then put together an IIS webservice that calls your COM object to implement the webservice. With this done, you can then configure IIS to provide your webservice via HTTP and HTTPS.
Install a proxy server (Internet Security and Acceleration Server or Apache with mod_proxy) on the same host as your existing server and setup the proxy server to listen via HTTPS and then reverse proxy the requests to your service.
The second option requires little to no changes to your application; the first option is the better long-term architectural move.
Use HTTPS.
A good toolkit for securing your communication channel is OpenSSL.
That said, even with a toolkit, there are plenty of ways to make mistakes when implementing your security layer that can leave your data open to attack. You should consider using an existing https server and having it forward the requests to your server on the loopback channel.
It's reasonably easy to do this using either OpenSSL or Microsoft's SChannel SSPI interface.
How complex it is for you depends on how you've structured your server. If it's a traditional style BSD sockets 'select' type server then it should be fairly straight forward to take the examples from either OpenSSL or SChannel and get something working pretty quickly.
If you're using a more complex server design (async sockets, IOCP, etc) then it's a bit more work as the examples don't tend to show these things. I wrote an article for Windows Developer Magazine back in 2002 which is available here which shows how to use OpenSSL with async sockets and this code can be used to work with overlapped I/O and IOCP based servers if you need to.