I am trying to implement a load balancing message broker using NetMQ and the Paranoid Pirate Pattern. The client communicates with the message broker via TCP over the Internet, which is why I want to implement transport encryption and an authentication mechanism for the clients. Transport encryption seems to be possible using CURVE, but I have no idea how to do an authentication mechanism properly. The thing I am unsure about is how to close the connection of a client that failed the authentication.
The authentication flow should be something like this:
1. Client sends a "HELLO" message to the load balancer. This message contains a token.
2. Server receives the "HELLO" message, reads the token and validates it.
3. If the token is valid, the load balancer responds with its own "HELLO" message, indicating to the client that he is properly authenticated.
4. If the token is invalid, the load balancer closes the connection to this client.
I don't know how to do step 4. I know that there is something called ZeroMQ Authentication Protocol (ZAP) for that but I don't know whether that is already implemented in NetMQ and if so, how to use it.
tl;dr
How to close the connection to a particular DEALER socket connected to a ROUTER socket in NetMQ?
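The HELLO flow listed above, seen from the broker side, as an added example that is not code from the post or from NetMQ. `HelloGate`, `Verdict`, the frame names and the sample token are hypothetical, and the example assumes the broker silently drops frames from identities that failed the token check; it does not close their connection.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

public enum Verdict { ReplyHello, Forward, Drop }

// Hypothetical broker-side gate for the HELLO flow; not a NetMQ type.
public sealed class HelloGate
{
    private readonly byte[] _expected;
    // Routing identities (hex) that have passed the token check.
    private readonly HashSet<string> _authenticated = new HashSet<string>();

    public HelloGate(string expectedToken) =>
        _expected = Encoding.UTF8.GetBytes(expectedToken);
    // identity: routing frame the ROUTER socket prepends; frames: the rest of the message.
    public Verdict Handle(byte[] identity, string[] frames)
    {
        string id = BitConverter.ToString(identity);
        if (frames.Length == 2 && frames[0] == "HELLO")
        {
            byte[] token = Encoding.UTF8.GetBytes(frames[1]);
            // Fixed-time comparison: timing does not reveal how many bytes matched.
            if (CryptographicOperations.FixedTimeEquals(token, _expected))
            {
                _authenticated.Add(id);
                return Verdict.ReplyHello;
            }
            _authenticated.Remove(id);   // a failed HELLO revokes any earlier admission
            return Verdict.Drop;
        }
        // Anything other than HELLO is only forwarded for admitted identities.
        return _authenticated.Contains(id) ? Verdict.Forward : Verdict.Drop;
    }
}

public static class Program
{
    public static void Main()
    {
        var gate = new HelloGate("constructed-sample-token");
        byte[] alice = { 0x00, 0x41 }, mallory = { 0x00, 0x4D };   // constructed identities
        Console.WriteLine(gate.Handle(alice, new[] { "HELLO", "constructed-sample-token" }));
        Console.WriteLine(gate.Handle(alice, new[] { "REQUEST", "job-1" }));
        Console.WriteLine(gate.Handle(mallory, new[] { "HELLO", "wrong-token" }));
        Console.WriteLine(gate.Handle(mallory, new[] { "REQUEST", "job-2" }));
    }
}
```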