Zero Authentication Service

Zas is an authentication service build on 0mq. It is designed to accept credentials and verify them against a data store. The purpose of Zas is for simple and fast authentication in Service Oriented Architectures.

Installing the service

gem install bundler
bundle install

Running the Service

General usage. This example assumes an in-memory database and uses Sequel to connect to that database.

# connect to the database
require 'sequel'
db = Sequel.connect(db_url)

# set up the authenticator
authenticator = Zas::Authenticators::SequelPasswordAuthenticator.new(db)

# construct the service and add the authenticator
service = Zas::Service.new
service.authenticators['http_basic_auth'] = Zas::Authenticators::FilteredAuthenticator.new(
  sequel_authenticator, [Zas::Filters::HttpBasicAuth]
)

# run the service
service.run

Running from irb:

bundle exec irb -Ilib -rzas
=> # as above

Adding Support for Other Authenticators

To create a custom authenticator, your class must respond to the #authenticate method. Currently the signature for the #authenticate method is dependent on your authenticator's needs. By default the value associated with the credentials key from the request will be passed straight through to your #authenticate implementation.

For example, if the request is:

{
  "strategy": "my_auth",
  "credentials": "foo!"
}

And your authenticator is:

class MyAuthenticator
  attr_accessor :logger
  def authenticate(credentials)
    credentials == 'foo!'
  end
end

Note that the attr_accessor :logger is not required, however if you provide it then your authenticator will have access to the syslog logger.

Configuration

You may provide a service configuration to the service initializer:

config = Zas::ServiceConfiguration.new(:host => '127.0.0.1', :port => '6000', :name => 'my-service')
Zas::Service.new(config).run

The following options are available:

  • host - The host to listen to. Either * or an IP address. Defaults to *
  • port - The port to listen to. Defaults to 5555
  • name - A name to use in log messages. Defaults to zas-service

Logging

All logging will be sent to syslog.

Notes

This library is not thread-safe.

Integration Specs

To run the integration specs:

rake -Ilib integrations