配置WebSocket连接的身份验证标头 [英] Configuring authentication headers for WebSocket connection

问题描述

IIUC，当我创建WebSocket时，会将HTTP请求发送到包含升级请求的指定URL.通常是将身份验证信息与该升级请求一起传递，还是应该单独执行?

IIUC, when I create a WebSocket an HTTP request is sent to the specified URL, containing an upgrade request. Is it typicaly to pass authentication information along with this upgrade request, or should it be performed separately?

var websocket = new WebSocket("ws://domain:port/foo"); // Can I include authentication headers with the initial upgrade HTTP request?

推荐答案

您应该通过Web进行身份验证，返回cookie，然后再次携带cookie再次连接到websocket服务器. WS服务器可以验证cookie

You should do the authentication through web, return a cookie and then connect to the websocket server again, carrying the cookie. The WS server can validate the cookie

如果没有基于cookie的身份验证，或者根本不可能(例如另一个域中的WS服务器)，则必须创建自己的请求-响应消息进行登录.

If there is no cookie based authentication or it is just not possible (like the WS server in another domain), you will have to create your own request-response messages for login.

这篇关于配置WebSocket连接的身份验证标头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！