<div dir="ltr">Hello,<div><br></div><div>On Kamailio you handle the WebSocket handshake as just another HTTP request (in an event_route).<div><br></div><div>You do any processing and checking of headers you want in that event_route before calling ws_handle_handshake(). That includes using URI parameters (often more useful than Cookies: for authentication), checking Cookie: contents, checking the Host: and Origin: headers, etc.</div>
<div><br></div><div>You can use the auth_ephemeral module at this point or, (if you have a WebSocket client capable of handling a request for HTTP digest authentication) HTTP digest authentication. You can also use sqlops (and other similar modules) at this point too.</div>
<div><br></div><div>ws_handle_handshake() validates the WebSocket specific headers and generates the 101 response if everything is OK from a protocol point-of-view.</div><div><br></div><div>Regards,</div><div><br></div><div>
Peter</div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On 4 February 2014 14:37, Daniel Pocock <span dir="ltr"><<a href="mailto:daniel@pocock.com.au" target="_blank">daniel@pocock.com.au</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><div class="im">
<div>On 04/02/14 10:26, Peter Dunkley wrote:<br>
</div>
</div><div class="im"><blockquote type="cite">
<div dir="ltr">Hello,
<div><br>
</div>
<div>I don't think this is relevant to the Kamailio
implementation.</div>
<div><br>
</div>
<div>The Kamailio implementation doesn't do anything with
headers like Cookie: at all. If an implementer of a Kamailio
solution wants to do anything with the Cookie: header (or any
other), they can do whatever they want using the Kamailio
configuration file "programming language".</div>
<div><br>
</div>
<div>You can make use of all of the standard Kamailio
header/parameter selects and transformations to help you do
whatever you want with these headers.</div>
</div>
</blockquote>
<br></div><div class="im">
Just to clarify: we are talking about HTTP Cookie headers sent
during the WebSocket handshake, not about a Cookie header in any SIP
message<br>
<br>
Does the Kamailio WebSocket transport provide access to the HTTP
WebSocket handshake headers and their contents or only the SIP
headers?<br>
<br>
Is there a way to invoke some route block in the configuration file
to examine the HTTP headers and decide whether a WebSocket
connection will be accepted?<br>
<br>
</div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr"><div><font face="courier new, monospace">Peter Dunkley</font></div><div><font face="courier new, monospace">Technical Director</font></div><div>
<font face="courier new, monospace">Crocodile RCS Ltd</font></div></div>
</div>