Skip to main content

[jsr356-users] [jsr356-experts] Re: Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

  • From: Mark Thomas < >
  • To:
  • Subject: [jsr356-users] [jsr356-experts] Re: Summary: relationship of WebSocket Session/HttpSession/Identity/web logout
  • Date: Fri, 07 Dec 2012 17:43:51 +0000
  • List-id: <jsr356-experts.websocket-spec.java.net>

On 07/12/2012 00:56, Danny Coward wrote:
> OK, so in the spirit of trying to close out this discussion and find
> what is reasonable to require in the specification, what it looks like
> to me we are left with is this:-
> 
> 1) The only association between websocket session and HttpSession is at
> opening handshake time. The API gives developers a convenient access to
> the HttpSession object at that point in time.
> 2) The user identity associated with the websocket Session is the user
> identity that was established at the opening handshake.

Do we want to expose this through the API?

> 3) If the server decides that authorization for this websocket resource
> by this user identity has ended (it expired, or some logout mechanism
> was invoked) then the websocket implementation must immediately close
> the connection.

Can we make this behaviour optional?

Mark



[jsr356-users] [jsr356-experts] Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

Danny Coward 12/07/2012

[jsr356-users] Re: [jsr356-experts] Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

Joakim Erdfelt 12/07/2012

[jsr356-users] Re: [jsr356-experts] Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

Danny Coward 12/07/2012

[jsr356-users] [jsr356-experts] Re: Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

Mark Thomas 12/07/2012

[jsr356-users] [jsr356-experts] Re: Re: Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

Danny Coward 12/07/2012

[jsr356-users] [jsr356-experts] Re: Re: Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

Mark Thomas 12/08/2012

[jsr356-users] [jsr356-experts] Re: Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

Danny Coward 12/11/2012

[jsr356-users] [jsr356-experts] Re: Summary: relationship of WebSocket Session/HttpSession/Identity/web logout

Mark Thomas 12/12/2012
 
 
Close
loading
Please Confirm
Close