Hi Lakshman, On Wed, Jan 18, 2017 at 2:57 PM, Lakshman Udayakantha <[email protected]> wrote:
> I think you don't have to specially implement authentication mechanism for > web socket protocol. According to the spec[1], websocket doesn't provide > a way to authenticate clients. You can use any other mechanism with HTTPS > or HTTP etc. to authenticate the server. > > This protocol doesn't prescribe any particular way that servers can > authenticate clients during the WebSocket handshake. The WebSocket server > can use any client authentication mechanism available to a generic HTTP > server, > > such as cookies, HTTP authentication, or TLS authentication. > > > [1] https://tools.ietf.org/html/rfc6455 > Yes. They are not providing a mechanism and I'm trying to reuse the existing authentication mechanisms for Microservices in MSF4J. Most probably it will work since there is no any difference between a HTTP request and WebSocket Upgrade Request. Now I'm working on it. Thanks, Irunika *Irunika Weeraratne* *Software Engineer | WSO2, Inc. <http://wso2.com/>* *Email : [email protected] <[email protected]>* *LinkedIn : https://lk.linkedin.com/in/irunika <https://lk.linkedin.com/in/irunika>* *Mobile : +94712403314* *Lean . Enterprise . Middleware*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
