Skip to content
Snippets Groups Projects

Add auth logic for stomp clients over ws

Merged Tom Käsler requested to merge STOMP-security into master

This MR checks STOMP CONNECT frames for the jwt. A user connecting to STOMP will have to send the jwt as the header token to the backend which authenticates it and caches the jwt for the underlying (stomp-)session-id. Furthermore, when there is a header ars-user-id, the backend checks if the user sending the request has authenticated himself and the given ars-user-id is the same as the one stored in the jwt.

Edited by Tom Käsler

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
  • Loading
Please register or sign in to reply