Hello, Tobias and everyone:
Can you please help me with the following questions? Thanks
How the client should construct the http request with the secrete? for example, should the secrete be put in header, or body?
Different client has different secrete. And how does crossbar programmatically verify requests from different clients? If a registered callback will be called by crossbar to do the authentication, what info will crossbar pass over to the registered callback?
Another question: Does crossbar supports access token (for authorization purpose) for http bridge
If the http request from client contains access tokens, where should the client put the token in the http post requests? And how does crossbar pass over the access token to either registered authorization callback or a subscriber?
On Tuesday, April 5, 2016 at 2:08:35 PM UTC-7, Jun wrote:
The http bridge is a good feature to use. (http://crossbar.io/docs/HTTP-Bridge/)
Currently, I register a callback to dynamically authenticate and authorize wamp connections by registering the two authenticator and authorizer callbacks.
How will the dynamic authentication/authorization work for http bridge? (the ticket method is preferred)
Do you have a sample config.json and sample code? What is required for a http post request to do to be authenticated/authorized?