[Twisted-Python] Keeping a list of connected PB clients

[Phil Christensen]

On Nov 25, 2006, at 2:33 PM, Yi Qiang wrote:
> What I am having trouble with is getting access to the clients IP  
> address.  This is not something I can pass in in the  
> PBClientFactory's login method, since many computers are NAT'ed.

I'm not sure if I understand you here, are you saying that you *are*  
passing in the client's IP? There's fundamentally no way for the  
server to know the IP of a NAT'd client unless the client sends it.

> Yes, this is something I do have trouble with.  I will look into  
> the singleton pattern.  It would be nicer if there was a convenient  
> way to bubble up the  list of clients.

I agree. I would be particularly interested in findnig an direct  
interface into the reactor that allows me to at least view, if not  
manipulate connected clients. Something similar to netstat's output  
would be ideal.

Any other Twisted devs know something I don't in this matter?

> On Nov 24, 2006, at 6:46 PM, Phil Christensen wrote:
>> One thing this approach doesn't do is keep track of clients that  
>> connect, but fail authentication. To do that, you'd need to  
>> subclass Broker, but that's a tough one. I looked into this once  
>> before, and it certainly appears doable -- in the end, a Broker is  
>> still a Protocol, which means it has a transport property you can  
>> get client addresses out of.
>
> This is exactly what I need to do so I can associate a client with  
> both their username and ip address.  I have access to the broker if  
> I subclass PBServerFactory, but I am not sure how to access it from  
> the Realm, or if it is possible at all.

Well, the actual act of replacing the broker is easy, you just do this:

> from twisted.spread import pb
> pb.PBServerFactory.protocol = MyBrokerSubclass

This will make all future PB servers you create use your new protocol.

Of course, that's not the hard part ;-).

It should definitely be possible to wedge yourself in there between  
the various connection handlers, but it's non-trivial. There's also a  
high likelihood that you may need to modify/subclass other classes,  
which may or may not have an appropriate interface for doing so.

I think the end result wouldn't really be worth the investment of  
time. If your server *really* needs detailed information about  
connected clients at a very raw level, but also requires the power of  
Perspective Broker, you might try splitting your app into two pieces.

You could mimic the old-school FTP approach, and create a main  
control channel that speaks a custom, albeit simple protocol. All  
this channel would do is handle the connected clients, and provide  
some kind of token to them that they could pass back to the PB server.

If you need to be sure of security, you could generate random names  
for the remote objects you wish your clients to interact with, and  
have the clients provide that name to the PB server on each request.  
There are probably a number of other approaches that could provide  
even tighter security.

If this won't do the trick for you, you might need to provide a  
little more information about what you're actually trying to accomplish.

-phil