On Wed, Aug 21, 2013 at 12:23 PM, Nils Kilden-Pedersen <[email protected]> wrote:
On Tue, Aug 20, 2013 at 7:19 PM, Joakim Erdfelt <[email protected]> wrote: > >> Access to the HttpServletRequest is discouraged, as not all mechanisms >> for creating a WebSocket will even have a HttpServletRequest. >> (Various muxed websocket connection techniques like WebSocket over SPDY >> and even the mux-extension would have a websocket be created without a >> HttpServletRequest object being created for it) >> > > Using Jetty 8, I also use the request object to make sure only > authenticated users connect, by checking the authorization cookie. > > How would I do that in Jetty 9? > Took a look at the API, and I can see that while the HttpServletRequestobject is not available, UpgradeRequest is, which contains access to most of the same stuff. So this shouldn't be a problem, for me at least. > Doesn't all websocket connections need to be initiated by an HTTP request? > If so, it would seem natural to have access to the request in some form or > another. > > Thanks, > Nils >
_______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
