[
https://issues.apache.org/jira/browse/QPIDJMS-373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16423487#comment-16423487
]
Michael Bolz commented on QPIDJMS-373:
--------------------------------------
Hi [~gemmellr],
Thanks for the feedback. Perhaps I was a little bit to “straight forward” with
my idea/POC.
{quote}
…that kind of stuff belongs outside it, e.g as it is with the recently added
support for the XOAUTH2 SASL mechanism…
{quote}
I will take a look into this solution and…
{quote}
…changing the existing WS transport, but its worth noting you can also add your
own given how the transports are plugged in…
{quote}
…also the possibility to “plug in” the OAuth during WS as additional transport.
However I have not seen an option to add additional header without changing the
{{org.apache.qpid.jms.transports.netty.NettyWsTransport.NettyWebSocketTransportHandler}}.
Can you please point me to a sample on how to plug in another transport?
{quote}
Adding a way to set the authorization header seems reasonable, though if it
were a "transport." option it should perhaps also have a "ws" name prefix given
its specific usage.
{quote}
So using “transport.ws.” prefix for the added options is a good idea.
Initial I thought to add a new “ws.” or “auth.” option/prefix, but because e.g.
the SSL options are all within the “transport.” options I guessed the
“transport.” would be the correct place.
Again thanks for your initial feedback and I’am eager to get the next feedback
from you (or additional feedback from someone else).
Regards, Michael
> Support for OAuth flow and setting of "Authorization" Header for WS upgrade
> request
> -----------------------------------------------------------------------------------
>
> Key: QPIDJMS-373
> URL: https://issues.apache.org/jira/browse/QPIDJMS-373
> Project: Qpid JMS
> Issue Type: New Feature
> Components: qpid-jms-client
> Reporter: Michael Bolz
> Priority: Major
>
> Add support for OAuth flow ("client_credentials" and "password") and setting
> of "Authorization" Header during WebSocket connection handshake.
> Used "Authorization" Header or OAuth settings should/could be set via the
> "transport" parameters (TransportOptions).
>
> As PoC I created a [Fork|https://github.com/mibo/qpid-jms/tree/ws_add_header]
> and have done one commit for the [add of the Authorization
> Header|https://github.com/mibo/qpid-jms/commit/711052f0891556db0da6e7d68908b2f9dafadede]
> and one commit for the [OAuth
> flow|https://github.com/mibo/qpid-jms/commit/de70f0d3e4441358a239b3e776455201c133895d].
>
> Hope this feature is not only interesting for me.
> If yes, I will add the currently missing tests to my contribution and do a
> pull request.
>
> Regards, Michael
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
