# NAME
mercury - A message broker for WebSockets
# VERSION
version 0.005
# STATUS
# SYNOPSIS
mercury broker [-l ]
# DESCRIPTION
This is a message broker that enables some common messaging patterns over
WebSockets.
WebSockets are a powerful tool, enabling many features previously impossible,
difficult, or ugly for web developers to implement. Where once only an HTTP
request could get data from a server, now a persistent socket can allow the
server to send updates without the client needing to specifically request it.
## Server-side Communication
WebSockets do not need to be a communication channel purely between browser and
server. The Mojolicious web framework has excellent support for WebSockets.
Using that support, we can communicate between different server processes.
This solves the problem with client-to-client communication in a parallelized
web server where all clients may not be connected to the same server process.
The server processes can use a central message broker to coordinate and pass
messages from one client to another.
## Message Bus
A message bus allows for all connected peers to send and receive messages in a
group.
Requesting a WebSocket from the URL `/bus/fry` joins the peer-to-peer message
bus topic `fry`. All peers joined to the same topic will receive all the
messages published to that topic by other peers.
This is useful for sharing state changes between multiple peers, for example,
in a forking web app server like [Hypnotoad](https://metacpan.org/pod/Hypnotoad) or [Starman](https://metacpan.org/pod/Starman).
## Pub/Sub Messaging
The pub/sub pattern allows for 1-to-many delivery of messages from one
publisher to any number of active subscribers.
Requesting a WebSocket from the URL `/sub/leela` creates a subscription to the
topic `leela`. Requesting a WebSocket from the URL `/pub/leela` allows
sending messages to the `leela` topic, which are then received by all the
subscribers.
Topics are heirarchical to allow for broad subscriptions without requring more
sockets. A subscription to the topic `wong` receives all messages published to
the topic `wong` or any child topic like `wong/amy` or `wong/leo`.
This pattern is useful for keeping clients informed of backend processes,
tapping into an event or logging stream.
## Push/Pull
Push/pull deals out messages in a round-robin manner. Pushers send messages
which are handled by a single puller.
Handlers request WebSockets from the URL `/pull/bender`. Senders request
WebSockets from the URL `/push/bender`. Senders send messages which will
be received by a single handler.
This pattern is useful for load balancing incoming updates, or creating
processing pipelines using multiple push/pull endpoints.
## Example App
In `development` mode (the default), the broker provides an example
application to test the messaging patterns.
You can change the mode by using the `-m` flag to the [`mercury broker`
command](https://metacpan.org/pod/Mercury::Command::mercury::broker) or the `MOJO_MODE` environment
variable.
# CONFIGURATION
You can have an optional configuration file `mercury.conf` in the current
working directory. The configuration file is a Perl hash, with the broker
configuration in the `broker` key, like so:
# mercury.conf
{
broker => {
listen => "http://*:4000",
allow_origin => [
'example.com',
],
},
}
The individual configuration keys are:
## listen
# mercury.conf
{
broker => {
listen => "http://*:4000",
},
}
You can set the default for the `-l|--listen` option in the configuration
file.
## allow\_origin
# mercury.conf
{
broker => {
allow_origin => [
'example.com',
],
},
}
Instead of CORS (used by Ajax), WebSockets send an `Origin` header with the
initial handshake. This header contains the protocol, host, and port used by
the page requesting the socket.
As a basic security measure, you can configure the allowed origin values with
the `allow_origin` configuration key. When this is set, only WebSocket
handshakes with an `Origin` header matching one of the values will be allowed.
If there is no `Origin` header, or the header does not match, the connection
will be denied with a `401 Unauthorized` response.
`allow_origin` key can be a single string, or an array of strings, containing
a string to match against the incoming `Origin` header. The `*` character is
a wildcard.
Each of the following examples will match the origin
`http://www.example.com:3000`.
example.com
*.example.com
*://www.example.com
http://www.example.com:*
This is not a comprehensive security measure. The server is trusting that the
client is not lying about its `Origin`. The client can claim any origin it
wants.
# SEE ALSO
- [socket.io](http://socket.io)
A JavaScript WebSocket messaging library (client and server). For a
socket.io-compatible server written in Perl, see [PocketIO](https://metacpan.org/pod/PocketIO).
- [zeromq](http://zeromq.org)
A socket library that provides communication patterns for scalability.
The inspiration to build Mercury (Mercury requires only Perl 5.10 or higher).
For a Perl API to ZeroMQ, see [ZMQ::FFI](https://metacpan.org/pod/ZMQ::FFI).
- [nanomsg](http://nanomsg.org)
A socket library that provides communication patterns for scalability. The
successor to ZeroMQ. The inspiration of the features provided by Mercury. For a
Perl API, see [NanoMsg::Raw](https://metacpan.org/pod/NanoMsg::Raw).
# AUTHOR
Doug Bell
# COPYRIGHT AND LICENSE
This software is copyright (c) 2015 by Doug Bell.
This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.