在为 Node.JS 编写的非常低级别的 TCP 服务器上进行身份验证?
[英]Authentication on a very low level TCP Server written for Node.JS?
问题描述
How do I implement something similar to the HTTP Basic authentication, in a TCP server written for Node.JS?
如何在为 Node.JS 编写的 TCP 服务器中实现类似于 HTTP 基本身份验证的功能? The code for a basic TCP server is the following:基本 TCP 服务器的代码如下:
// Load the net module to create a tcp server.
var net = require('net');
// Setup a tcp server
var server = net.createServer(function (socket) {
// Every time someone connects, tell them hello and then close the connection.
socket.addListener("connect", function () {
console.log("Connection from " + socket.remoteAddress);
socket.end("Hello World\n");
});
});
// Fire up the server bound to port 7000 on localhost
server.listen(7000, "localhost");
// Put a friendly message on the terminal
console.log("TCP server listening on port 7000 at localhost.");
1 个解决方案
解决方案1
5 已采纳 2011-05-26 16:49:21
While there are several ways to provide authentication over a TCP connection, all require some form of "protocol" being an agreed-upon communications grammar/syntax.虽然有几种方法可以通过 TCP 连接提供身份验证,但都需要某种形式的“协议”作为商定的通信语法/语法。
For example, in the Simple Mail Transport Protocol, the following conversation occurs (where S: and C: designate lines provided by the SMTP server and email client, respectively):例如,在简单邮件传输协议中,会发生以下对话(其中 S: 和 C: 分别指定由 SMTP 服务器和 email 客户端提供的行):
S: 220 server.example.com
C: HELO client.example.com
S: 250 server.example.com
C: MAIL FROM:<sender@example.com>
S: 250 2.1.0 sender@example.com... Sender ok
C: RCPT TO:<recipient@example.com>
S: 250 recipient <recipient@example.com> OK
C: DATA
S: 354 enter mail, end with line containing only "."
C: full email message appears here, where any line
C: containing a single period is sent as two periods
C: to differentiate it from the "end of message" marker
C: .
S: 250 message sent
C: QUIT
S: 221 goodbye
In replies from the server, the initial numeric value indicates the success or failure of the requested operation, or that the reply contains an informational message.在来自服务器的回复中,初始数值表示请求操作的成功或失败,或者回复包含信息性消息。 Using a three digit numeric value allows for efficient parsing as all replies beginning with 2xx indicate success, 3xx are informational, 4xx indicate protocol errors, and 5xx are reserved for server errors.使用三位数的数值可以进行有效的解析,因为所有以 2xx 开头的回复都表示成功,3xx 是信息性的,4xx 表示协议错误,5xx 是为服务器错误保留的。 See IETF RFC 5321 - http://tools.ietf.org/html/rfc5321 for the full protocol.有关完整协议,请参阅 IETF RFC 5321 - http://tools.ietf.org/html/rfc5321 。
So in your specific case, you might consider something as simple as:因此,在您的具体情况下,您可能会考虑以下简单的事情:
[connect to TCP server]
S: ? # indicates the server is ready for authorization
C: username password # send authentication credentials
The server would then reply with:然后服务器会回复:
S: ! # indicates successful authentication and
# that server is ready for more commands
Or或者
S: ? # indicates authentication failure
If too many failed attempts to authenticate are seen, the server might sever the connection to reduce the potential for abuse, such as DDOS attacks.如果看到太多失败的身份验证尝试,服务器可能会切断连接以减少滥用的可能性,例如 DDOS 攻击。
Once authenticated, the client could send:一旦通过身份验证,客户端可以发送:
C: > # begin streaming
Or any other command you which to support.或您要支持的任何其他命令。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.