[Catalyst] Catalyst with Twiggy with Pocket.IO (Comet)
Jaro Zajonc
jaro.zajonc at gmail.com
Thu Nov 29 13:19:22 GMT 2012
I use SSL for authentification only. Rest is plain http.
Maybe I might consider using SSL for comet feed....
Thanks for suggestion.
On 29 November 2012 05:35, Bill Moseley <moseley at hank.org> wrote:
>
>
> On Wed, Nov 28, 2012 at 4:21 AM, Jaro Zajonc <jaro.zajonc at gmail.com>wrote:
>
>> But if I direct traffic from Apache directly to Twiggy server
>> I'd bypass Catalyst Authentication/Authorization part for Comet session,
>> right?
>> I'd like to allow only authenticated users to subscribe to comet channel.
>> I am sure I am missing some really simple piece of the puzzle :-\
>>
>
> Are you over SSL by chance? I've done this by constructing a token on
> the authenticated server and then have the secondary server that can't
> fully authenticate validate the token which might be a simple digets of
> secret + timestamp.
>
> That is, the server w/o the auth validates that the token is legitimate
> and the SSL tells me it came from the client I gave it to.
>
>
>
> --
> Bill Moseley
> moseley at hank.org
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20121129/85b25=
840/attachment.htm
More information about the Catalyst
mailing list