mirror of
https://github.com/zeromq/libzmq.git
synced 2024-12-31 01:43:02 +08:00
58 lines
1.8 KiB
Plaintext
58 lines
1.8 KiB
Plaintext
zmq_gssapi(7)
|
|
============
|
|
|
|
|
|
NAME
|
|
----
|
|
zmq_gssapi - secure authentication and confidentiality
|
|
|
|
|
|
SYNOPSIS
|
|
--------
|
|
|
|
The GSSAPI mechanism defines a mechanism for secure authentication and
|
|
confidentiality for communications between a client and a server using the
|
|
Generic Security Service Application Program Interface (GSSAPI). The GSSAPI
|
|
mechanism can be used on both public and private networks. GSSAPI itself is
|
|
defined in IETF RFC-2743: <http://tools.ietf.org/html/rfc2743>. The ZeroMQ
|
|
GSSAPI mechanism is defined by this document: <http://rfc.zeromq.org/spec:38>.
|
|
|
|
|
|
CLIENT AND SERVER ROLES
|
|
-----------------------
|
|
A socket using GSSAPI can be either client or server, but not both.
|
|
|
|
To become either a GSSAPI client or server, the application sets the
|
|
ZMQ_GSSAPI_PRINCIPAL option to provide the socket with the name of the principal
|
|
for whom GSSAPI credentials should be acquired.
|
|
|
|
To become a GSSAPI server, the application additionally sets the
|
|
ZMQ_GSSAPI_SERVER option on the socket.
|
|
|
|
To become a GSSAPI client, the application sets additionally sets the
|
|
ZMQ_GSSAPI_SERVICE_PRINCIPAL option to the name of the principal of the server
|
|
to which it intends to connect.
|
|
|
|
|
|
OPTIONAL ENCRYPTION
|
|
-------------------
|
|
By default, the GSSAPI mechanism will encrypt all communications between client
|
|
and server. If encryption is not desired (e.g. on private networks), the
|
|
client and server applications can disable it by setting the
|
|
ZMQ_GSSAPI_PLAINTEXT option. Both the client and server must set this option
|
|
to the same value.
|
|
|
|
|
|
SEE ALSO
|
|
--------
|
|
linkzmq:zmq_setsockopt[3]
|
|
linkzmq:zmq_null[7]
|
|
linkzmq:zmq_curve[7]
|
|
linkzmq:zmq[7]
|
|
|
|
|
|
AUTHORS
|
|
-------
|
|
This page was written by the 0MQ community. To make a change please
|
|
read the 0MQ Contribution Policy at <http://www.zeromq.org/docs:contributing>.
|