Skip to main content

JOD Agent Communication system

To connect a JOSP Object to a JOSP EcoSystem, the JOD Agent use a complex communication system.
This system is delegated to handle communication with JOSP Services (both Direct and Cloud), manage JCP Authentication, but also to encrypt all tx/rx data.

Because a JOSP EcoSystem is composed by different 'pieces', a JOD Agent use multiple communication channels with different protocols to talks with all those 'pieces':

  • to JCP APIs (via HTTP) to register and handle the JOSP object to the JCP
  • to JCP Gateways (via JOSP) to communicate with JOSP Services via Cloud Communication
  • from JOSP Services (via JOSP) to communicate with JOSP Services via Direct Communication

JCP APIs are a set of HTTP Methods exposed by the JCP platform and are used by JOD Agent to handle the JOSP Object on the JCP. That include: the generation of an unique object's id, the supply of the JCP GWs access info, the storage of JOSP Object's events and status histories, etc...
Moreover JCP APIs requires JOD Agent authentication via the JCP Auth service (an OAuth2 authorization server).

To communicate with JOSP Services, the JOD Agent support both JOSP Communications types: Direct and Cloud.

For Cloud Communication, the JOD Agent open a connection to the JCP Gateways. So all JOSP Services (with at lest STATUS permission on the JOSP Object represented by the JOD Agent) can see exposed JOSP Object and interact with it via Cloud communication.
The JOD Agent use internal JOD Gateway O2S Client, that support JOSP protocol, to connect with the JCP GW. You can disable Cloud Communication setting the jod.comm.cloud.enabled property from JOD AGent Configs to false (it's true by default). So the jod gateway client is not initialized at JOD Agent startup.

On the other side, for Direct Communication the JOD Agent startup a local server and publish it as mDNS/Bonjour service on local network. That allow all JOSP Services on the same local network to discover and connect to the JOSP Object exposed by the JOD Agent.
Local JOD Server support the JOSP protocol and is executed at JOD Agent startup.
You can disable Direct Communication setting the jod.comm.local.enabled property from JOD AGent Configs to false (it's true by default). So the local server is not executed at JOD Agent startup.

With the intention of providing the highest level of security, both the JOD Gateway O2S Client and the JOD Local Server use communication channels based on TCP and encrypted with SSL. For Cloud communication, the SSL encryption use a pre-shared certificate on the JCP GWs server side; and a self-generated certificate as JOSP Object's identity. Each JOSP Object, register his self-generated certificate to the JCP when requires the JCP GW's access info to JCP APIs. On other hand, the Direct communication require a pre-connection step where JOSP Object and Service share their own certificates. After that, they can open a direct encrypted communication.

Also the Public JCP, with the aim to improve your security, expose only HTTPs endpoints and encrypt all communication with his own SSL certificate.


JCP Authentication

ToDo: Write JOD References / Communication # JCP Authentication

JOD Gateway O2S Client

ToDo: Write JOD References / Communication # JCP Authentication

JOD Local Server

ToDo: Write JOD References / Communication # JCP Authentication