tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niki Dokovski <nick...@gmail.com>
Subject Re: how to access HTTP response from jsr-356 ServerEndpointConfig.Configurator.modifyHandshake?
Date Mon, 09 Sep 2013 17:10:58 GMT
On Mon, Sep 9, 2013 at 5:26 PM, Bob DeRemer <bob.deremer@thingworx.com>wrote:

>  Thanks for the direction on using the respective Client/Server
> EndpointConfig.Configurator plumbing to do a pre-connection AUTH.
> Unfortunately, I’m stuck on the server side when trying to actually modify
> the HTTP response result code from within the Configurator.  It doesn’t
> appear that the HandshakeResponse [or anything else that I could see]
> provides access to modify the actual HTTP response – setting it to 403 if
> the AUTH fails.    In fact, from looking at the UpgradeUtil.doUpgrade, it
> seems that the decision to upgrade has already been made by the time the
> modifyHandshake override gets called.
>
Yes the decision is'already made at that point. In this version of the spec
and current implementation, the only place to actully provide different
status code (aka 403) is when checkOrigin returns false.
http://docs.oracle.com/javaee/7/api/javax/websocket/server/ServerEndpointConfig.Configurator.html#checkOrigin(java.lang.String)

I don't know wether this works in your case, but for sure the next spec
revision could try to provide more application control in "modifyHandshake"

cheers
Niki



****
>
> ** **
>
> If I’m missing anything, please let me know.****
>
> ** **
>
> Thanks,****
>
> ** **
>
> *Bob DeRemer*
>
> *Senior Director, Architecture and Development*
>
> ** **
>
> [image: Description: Description: Description: Description:
> cid:image001.png@01CBE3DE.51A12030]****
>
> http://www.thingworx.com****
>
> Skype: bob.deremer.thingworx****
>
> O: 610.594.6200 x812****
>
> M: 717.881.3986****
>
> ** **
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message