JSAMP hub and localhost hostname

Luigi Paioro luigi at lambrate.inaf.it
Tue Dec 2 05:34:44 PST 2008


Dear Pierre,

> In the future, if we want to extend SAMP for remote connections we could 
> invent a kind of gateway plugged on the hub and managing all the 
> required remote registrations, remote authentifications ... I wonder if 
> a dedicated SAMP client could do this job?

since I personally use SAMP for remote connections, I had to deal with 
those topics you raised above. Instead of having a dedicated SAMP client 
I rather implemented some additional (optional) features to the SAMPy 
hub (valid only for the Standard Profile) like:

1) the possibility of running the hub (and the client) over a secure 
layer (HTTPS) allowing the setting (via command-line) of the key file 
and certificate file to use. It is also possible to set the 
"certification authority" certificates, which are used to validate 
certificates passed from the client end of the connection (if required).

2) the possibility of authenticating the client via Basic Authentication 
(which, in practice, is secure only if used over a secure socket), 
providing the hub with an authentication file (which is a Berkeley 
Database) containing the list of users with their passwords following a 
specific format and encryption rule.

3) since the mechanisms above do not exclude the SAMP basic security 
system, that is the exchange of the secret code written in the 
lock-file, it is possible to define via command-line a custom secret 
code, that, once conventionally fixed, can be used by the remote 
users/clients without the requirement of having access to the server 
.samp file.


What I have done is not necessarily the best way to do things, but as 
far as I need, it works. The main problem I see in this design is that 
it is quite focused around the Standard Profile and perhaps not general 
enough. Maybe in the future we might find a better solution, but at 
least we already have a working implementation that could be used as the 
starting point for a future discussion.

Luigi



More information about the apps-samp mailing list