cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ian Holsman <...@holsman.net>
Subject FWD: [protobuf] Captain Proto -- A Protobuf RPC system using capability-based security
Date Tue, 22 Dec 2009 05:07:15 GMT
There was a discussion about authorization for cassandra a while back.

I thought this may be of interest. yes it is based on protobuf, but it 
should work equally as well with Thrift if someone was eager enough I 
would think.

Regards
Ian

-------- Original Message --------
Subject: 	[protobuf] Captain Proto -- A Protobuf RPC system using 
capability-based security
Date: 	Sun, 13 Dec 2009 03:18:54 -0800
From: 	Kenton Varda 
<kenton@google.com>

To: 	Protocol Buffers 
<protobuf@googlegroups.com>




Hi all,

As I've mentioned a couple times in other threads, last weekend I wrote 
up a simple RPC system based on Protocol Buffers which treats services 
as capabilities, in the sense of capability-based security.


http://en.wikipedia.org/wiki/Capability-based_security


Essentially what this means is that you can construct a service 
implementation and then embed a reference to it into an RPC message sent 
to or from some other service.  So, for instance, if a client wants a 
server to be able to make calls back to the client, it can simply send 
the server a reference to a service implemented by the client.  Or, for 
another example, a service which acts as a resource broker could grant a 
client access to a particular resource by sending it a reference to a 
service object representing that resource, to which the client can then 
make calls.  Note that a particular service object cannot be accessed 
over a particular connection until that service object has actually been 
sent in an RPC over that connection.  This property is useful for 
security, as described in the above link.

In any case, the project is called Captain Proto and can be found here:


http://code.google.com/p/capnproto/


Currently it only has Java support, though I hope it will eventually 
support other languages as well.  The wire protocol is itself defined in 
terms of protocol buffers:


http://code.google.com/p/capnproto/source/browse/proto/capnproto.proto


There is basic documentation here:


http://capnproto.googlecode.com/hg/doc/java/index.html


You can also look at the test for an example:


http://code.google.com/p/capnproto/source/browse/java/test.proto
http://code.google.com/p/capnproto/source/browse/java/Test.java


I expect the API to change quite a bit, so be warned that if you write 
code based on it, that code will have to change at some point.

Future hopes/plans:
- Improve API by taking advantage of code generator plugins.
- Define a standard "ServiceDirectory" service which can serve as the 
default service on servers that export multiple services.  The directory 
would have a method like Open() which takes the name of some particular 
service and returns a reference to the corresponding service object.
- Provide a library of capability design pattern implementations, e.g. 
the revocable membrane.
- Define a capnproto-over-HTTP protocol which can be used by AJAX clients.
- Support C++ and Python.

For the time being, this is not an official Google project.  It's just 
something I wrote for fun -- or, more accurately, to support some other 
fun stuff that I want to work on.  That said, due to the obviously wide 
applicability, I might try to make it more official at some point.

--

You received this message because you are subscribed to the Google 
Groups "Protocol Buffers" group.
To post to this group, send email to 
protobuf@googlegroups.com
.
To unsubscribe from this group, send email to 

protobuf+unsubscribe@googlegroups.com
.
For more options, visit this group at 

http://groups.google.com/group/protobuf?hl=en
.

--
Ian Holsman
Ian@Holsman.net




Mime
View raw message