[Catalyst] Catalyst with Twiggy with Pocket.IO (Comet)

Bill Moseley moseley at hank.org
Thu Nov 29 04:35:27 GMT 2012

On Wed, Nov 28, 2012 at 4:21 AM, Jaro Zajonc <jaro.zajonc at gmail.com> wrote:

> But if I direct traffic from Apache directly to Twiggy server
> I'd bypass Catalyst Authentication/Authorization part for Comet session,
> right?
> I'd like to allow only authenticated users to subscribe to comet channel.
> I am sure I am missing some really simple piece of the puzzle :-\

Are you over SSL by chance?   I've done this by constructing a token on the
authenticated server and then have the secondary server that can't fully
authenticate validate the token which might be a simple digets of secret +

That is, the server w/o the auth validates that the token is legitimate and
the SSL tells me it came from the client I gave it to.

-- =

Bill Moseley
moseley at hank.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20121128/f98c3=

More information about the Catalyst mailing list