-
Notifications
You must be signed in to change notification settings - Fork 38
Network protocols setup
Zyan allows flexible configuration of communication protocols, including advanced options such as encryption and authentication. Zyan API provides a number of ProtocolSetup classes, and furthermore, you can write your own protocol setups to plug in some non-standard functionality such as non-standard network communication channel.
Each ProtocolSetup consists of two classes, one for the server and one for the client. Server-side protocol setup class implements IServerProtocolSetup interface and the client-side class implements IClientProtocolSetup.
Here is a list of protocols coming with Zyan:
| Network protocol | Namespace: | Server-side ProtocolSetup | Client-side ProtocolSetup | Encryption | Authentication |
|---|---|---|---|---|---|
| TCP | Zyan.Communications.Protocols.Tcp | TcpBinaryServerProtocolSetup | TcpBinaryClientProtocolSetup | Standard Windows | Integrated Windows authentication |
| TCP | Zyan.Communications.Protocols.Tcp | TcpCustomServerProtocolSetup | TcpCustomClientProtocolSetup | Custom | Custom |
| TCP | Zyan.Communications.Protocols.Tcp | TcpDuplexServerProtocolSetup | TcpDuplexClientProtocolSetup | Custom | Custom |
| HTTP | Zyan.Communications.Protocols.Http | HttpCustomServerProtocolSetup | HttpCustomClientProtocolSetup | Custom | Custom |
| Named Pipes | Zyan.Communications.Protocols.Ipc | IpcBinaryServerProtocolSetup | IpcBinaryClientProtocolSetup | Standard Windows | Integrated Windows authentication |
One of the very important aspects of network communication is authentication (checking whether user's identity is valid). Zyan supports a number of authentication modes. You can use classic login/password authentication as well as integrated Windows authentication. Authentication modes are implemented by authentication providers. Authentication provider implements IAuthenticationProvider interface (defined in Zyan.Communication.Security namespace), which contains only one method: Authenticate. Authentication process goes as follows:
- User credentials are taken as parameters
- Validation is performed
- Authentication result (success or failure) is returned
The following authentication providers come with Zyan:
| Authentication provider | Description | Supported ProtocolSetups |
|---|---|---|
| IntegratedWindowsAuthProvider | Windows security token-based authentication | TcpBinary + IpcBinary |
| BasicWindowsAuthProvider | Authentication with Windows user name and password | All |
| SrpAuthenticationProvider | SRP-6a authentication protocol implementation | All |
| NullAuthenticationProvider | No authentication | All |
You can create your own authentication mode by writing class implementing IAuthenticationProvider interface. For example, with only a few lines of code you can write authentication provider validating user credentials against SQL database.
To enable required authentication mode, pass authentication provider instance to the ProtocolSetup constructor. Here is an example (encrypted HTTP connection with Windows user name and password authentication):
var authProvider = new BasicWindowsAuthProvider();
var protocolSetup = new HttpCustomServerProtocolSetup(8080, authProvider, true);At the client-side you must provide authentication data (user credentials) for BasicWindowsAuthProvider. This information is passed to ZyanConnection constructor. Here is a client-side configuration for the example above:
var credentials = new Hashtable();
credentials.Add(AuthRequestMessage.CREDENTIAL_USERNAME, "User");
credentials.Add(AuthRequestMessage.CREDENTIAL_PASSWORD, "Password");
var protocolSetup = new HttpCustomClientProtocolSetup(true);
var connection = new ZyanConnection("http://server:8080/Module", protocolSetup, credentials, false, true);Two last parameters determine session management strategy. The following combinations are possible:
| autoLoginOnExpiredSession | keepSessionAlive | Description |
|---|---|---|
| false | true | Default setting: Session is prolonged automatically by timer as long as connection object exists |
| false | false | Session is not prolonged authomatically and can expire if no methods were called for the certain time |
| true | false | If session is expired, connection object tries to log in using cached credentials (requires one extra roundtrip) |
Enabling autoLoginOnExpiredSession setting could imply certain security risk because ZyanConnection should cache client credentials in memory. It is strongly recommended that you disable it if your application connects to server over internet. By default, automatic login feature is disabled. You should only enable it if keepSessionAlive option is not available in your application.
Tip: IntegratedWindowsAuthProvider don't need authentication information, because it takes Windows security token automatically. User credentials information supplied to IntegratedWindowsAuthProvider is ignored.