I am writing a simple distributed system in drb. I have all the peers,
and one server to do the bootstrapping. In that server, I have a few
methods like “suggest_peer”, and “start_service” and “stop_service”.
When a peer connects to the server, he is able to call all three
methods. I want him to be able to call only the first one.
Also,I have a file that initializes the server, and has a little cmd
line so I can start the service, debug, log and all that. I want that
cmd line to be able to call the second and third methods, as well as the
first one.
How can I do that? How can I prevent peers from stopping the service?
If I put the service methods as private, I can’t call them from the cmd
line.
Thanks
Pavlos Vin wrote in post #1006186:
I am writing a simple distributed system in drb. I have all the peers,
and one server to do the bootstrapping. In that server, I have a few
methods like “suggest_peer”, and “start_service” and “stop_service”.
When a peer connects to the server, he is able to call all three
methods. I want him to be able to call only the first one.
Also,I have a file that initializes the server, and has a little cmd
line
A file has a command line? What does that mean?
7stud – wrote in post #1006249:
Pavlos Vin wrote in post #1006186:
I am writing a simple distributed system in drb. I have all the peers,
and one server to do the bootstrapping. In that server, I have a few
methods like “suggest_peer”, and “start_service” and “stop_service”.
When a peer connects to the server, he is able to call all three
methods. I want him to be able to call only the first one.
Also,I have a file that initializes the server, and has a little cmd
line
A file has a command line? What does that mean?
sorry… i meant i have a program.
I have server.rb which is the class, and a run-server.rb which provides
a nice front end, from where i can start and stop the server, save some
info etc.
I want to be able to start and stop the service of the server from that
front end, but I want the peers that connect to the server to not be
able to stop the service.
Can I somehow put restrictions on those methods?
Sure.
class Service
def suggest_peer
puts ‘suggest_peer’
end
def start_service
puts ‘start_service’
end
def stop_service
puts ‘stop_service’
end
end
class MethodAccessProxy
def initialize(service)
@service = service
end
def suggest_peer
@service.suggest_peer
end
def start_service(password)
check_access
@service.start_service
end
def stop_service(password)
check_access
@service.stop_service
end
def check_access
#identify client
if <client doesn’t have access>
raise “Illegal Access: get lost.”
end
end
end
7stud – wrote in post #1006452:
Sure.
…
def check_access
#identify client
if <client doesn’t have access>
raise “Illegal Access: get lost.”
end
end
7stud: that’s not a helpful answer. He was asking for exactly how to
determine the client identity when receiving a DRb method call, which
you haven’t shown. If you don’t know, then better to say nothing.
Pavlos: one option is to start two different DRb services, implementing
different methods and listening on different ports, and then use a DRb
ACL to restrict access to one of them.
The ACL class is in /usr/lib/ruby/1.8/drb/acl.rb or wherever it is on
your system. To use it, instantiate this class and pass it as a :tcp_acl
parameter to DRbServer.new, or call DRbServer.default_acl(acl) first.
You can see this in drb/drb.rb.
Looking through the drb.rb code, I think it may also be possible to do
something like this in your DRb method:
Thread.current[‘DRb’][‘client’].peeraddr[3]
to determine who is talking to you. But this is untested, you’ll need to
play with it.
HTH,
Brian.