public class MessagingAuthFilter extends BaseFilter
This filter can block access to Realtime Messaging channels for both websocket and COMET communication. The filter blocks unauthorized websocket channels by disrupting the initial HTTP handshake that occurs before the websocket itself is opened. To use, place a filter declaration similar to the following in your web.xml:
<filter>
<filter-name>MessagingAuthFilter</filter-name>
<filter-class>com.isomorphic.messaging.MessagingAuthFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>MessagingAuthFilter</filter-name>
<url-pattern>/isomorphic/websocket/*</url-pattern>
<url-pattern>/isomorphic/messaging/*</url-pattern>
</filter-mapping> where you should adjust the url patterns to match the server websocket and messaging URLs that you have configured.| Modifier and Type | Method and Description |
|---|---|
boolean | authenticate(java.lang.String channel, HttpServletRequest request) Should the request be allowed to subscribe to the named Realtime Messaging channel? |
public boolean authenticate(java.lang.String channel,
HttpServletRequest request) The default implementation always returns true, so that all subscribe requests succeed. To restrict access, define a filter subclass that extends MessagingAuthFilter and override this method to return true only for authorized requests.
channel - the channel that will be subscribed if you grant accessrequest - the HTTP request that wants to subscribe to the channel