auth.ioloop¶
IOLoopAuthenticator¶
-
class
zmq.auth.ioloop.IOLoopAuthenticator(context=None, encoding='utf-8', log=None, io_loop=None)¶ ZAP authentication for use in the tornado IOLoop
-
allow(*addresses)¶ Allow (whitelist) IP address(es).
Connections from addresses not in the whitelist will be rejected.
- For NULL, all clients from this address will be accepted.
- For real auth setups, they will be allowed to continue with authentication.
whitelist is mutually exclusive with blacklist.
-
configure_curve(domain='*', location=None)¶ Configure CURVE authentication for a given domain.
CURVE authentication uses a directory that holds all public client certificates, i.e. their public keys.
To cover all domains, use “*”.
You can add and remove certificates in that directory at any time.
To allow all client keys without checking, specify CURVE_ALLOW_ANY for the location.
-
configure_gssapi(domain='*', location=None)¶ Configure GSSAPI authentication
Currently this is a no-op because there is nothing to configure with GSSAPI.
-
configure_plain(domain='*', passwords=None)¶ Configure PLAIN authentication for a given domain.
PLAIN authentication uses a plain-text password file. To cover all domains, use “*”. You can modify the password file at any time; it is reloaded automatically.
-
deny(*addresses)¶ Deny (blacklist) IP address(es).
Addresses not in the blacklist will be allowed to continue with authentication.
Blacklist is mutually exclusive with whitelist.
-
handle_zap_message(msg)¶ Perform ZAP authentication
-
start()¶ Start ZAP authentication
-
stop()¶ Stop ZAP authentication
-