Hi Godwin, You can find the source code of API Manager websocket Inbound Handler here [1] which reading and validating Authorization header.
[1] : https://github.com/wso2/carbon-apimgt/blob/6.1.x/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/WebsocketInboundHandler.java#L177 On Fri, Apr 21, 2017 at 11:32 AM, Irunika Weeraratne <irun...@wso2.com> wrote: > Hi Godwin, > IMHO the best way to do it using HTTP header. Are you using netty > directly? If that so there is a way to add necessary headers for the > initial handshake and we can check them in the server side. > > Thanks, > Irunika > > *Irunika Weeraratne* > *Software Engineer | WSO2, Inc. <http://wso2.com/>* > *Email : irun...@wso2.com <irun...@wso2.com>* > *LinkedIn : https://lk.linkedin.com/in/irunika > <https://lk.linkedin.com/in/irunika>* > *Mobile : +94712403314 <+94%2071%20240%203314>* > *Lean . Enterprise . Middleware* > > > On Fri, Apr 21, 2017 at 11:27 AM, Arshardh Ifthikar <arsha...@wso2.com> > wrote: > >> You can find it here: https://docs.wso2.com/display/ >> AM210/Create+a+WebSocket+API >> >> Thanks >> >> On Fri, Apr 21, 2017 at 11:24 AM, Godwin Shrimal <god...@wso2.com> wrote: >> >>> Can you please share the relevant API Manager source ? >>> >>> >>> Thanks >>> Godwin >>> >>> On Fri, Apr 21, 2017 at 11:22 AM, Arshardh Ifthikar <arsha...@wso2.com> >>> wrote: >>> >>>> Hi, >>>> >>>> IMHO the best approach would be to send it via a header in the initial >>>> HTTP request used to establish the connection. This is the method we follow >>>> to send the access token for websocket APIs in the API Manager. >>>> >>>> Thanks >>>> Arshardh >>>> >>>> On Fri, Apr 21, 2017 at 11:11 AM, Godwin Shrimal <god...@wso2.com> >>>> wrote: >>>> >>>>> Hi All, >>>>> >>>>> What is the best way to transmit a security token in web socket while >>>>> establishing a connection ? Currently we are passing through path >>>>> parameter >>>>> such as wss://localhost:8080/server/<token> >>>>> >>>>> Is it secure to sent it via path parameter ? If not what is the >>>>> correct approach ? >>>>> >>>>> >>>>> Thanks >>>>> Godwin >>>>> >>>>> -- >>>>> *Godwin Amila Shrimal* >>>>> WSO2 Inc.; http://wso2.com >>>>> lean.enterprise.middleware >>>>> >>>>> mobile: *+94772264165* >>>>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>>>> twitter: https://twitter.com/godwinamila >>>>> <http://wso2.com/signature> >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> *Arshardh Ifthikar* >>>> Trainee Software Engineer >>>> WSO2, Inc. >>>> Mobile: +94719806525 <+94%2071%20980%206525> >>>> >>> >>> >>> >>> -- >>> *Godwin Amila Shrimal* >>> WSO2 Inc.; http://wso2.com >>> lean.enterprise.middleware >>> >>> mobile: *+94772264165* >>> linkedin: *http://lnkd.in/KUum6D <http://lnkd.in/KUum6D>* >>> twitter: https://twitter.com/godwinamila >>> <http://wso2.com/signature> >>> >> >> >> >> -- >> *Arshardh Ifthikar* >> Trainee Software Engineer >> WSO2, Inc. >> Mobile: +94719806525 <+94%2071%20980%206525> >> > > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Thanks Abimaran Kugathasan Senior Software Engineer - API Technologies Email : abima...@wso2.com Mobile : +94 773922820 <http://stackoverflow.com/users/515034> <http://lk.linkedin.com/in/abimaran> <http://www.lkabimaran.blogspot.com/> <https://github.com/abimarank> <https://twitter.com/abimaran>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev