Hey Christian, Thanks for the response, I have already have look and the sources you point and they let me make some progress as I am using spring and I am already using it for securing my http requests.
If I understand correctly I need to add the authentication information in the payload of my socket and I need to set that information to the Exchange.AUTHENTICATION header right? I already hack a way to create a mock authentication that let me access the websockets. I want to use Basic authentication but role my own security is always a bad idea. Do you know if spring provide some helper classes for Basic Authentication? Thank you very much, Jose On Fri, Aug 16, 2013 at 1:05 PM, Christian Posta <christian.po...@gmail.com> wrote: > Jose, > Depends on which security mechanism you use. For example, for > spring-security, take a look here: > > http://camel.apache.org/spring-security.html > > You can set up the infrastructure for Spring Security to intercept and > validate the authentication, but the Authentication object being on the > exchange is your responsibility. You can add a processor that reads the > websocket payload and extracts the un/pw from there. You can also set up > the websocket connection to go over SSL to avoid sending plaintext. > > http://camel.apache.org/websocket.html > > > > > On Fri, Aug 16, 2013 at 11:10 AM, Jose Espinosa <j...@revinate.com> wrote: > >> Hey all, >> >> I am using websockets to start on of my routes, now I am looking at >> adding security to my websockets end points. >> >> I took a look at camel security as described here >> http://camel.apache.org/camel-security.html and it works as >> advertised, but now I cann't find how to make my websocket client to >> authenticate. >> >> Any pointers on how to make my websocket client to authenticate with camel? >> >> Thank you very much, >> Jose >> > > > > -- > *Christian Posta* > http://www.christianposta.com/blog > twitter: @christianposta
