[Catalyst] Catalyst with Twiggy with Pocket.IO (Comet)
jaro.zajonc at gmail.com
Thu Nov 29 13:19:22 GMT 2012
I use SSL for authentification only. Rest is plain http.
Maybe I might consider using SSL for comet feed....
Thanks for suggestion.
On 29 November 2012 05:35, Bill Moseley <moseley at hank.org> wrote:
> On Wed, Nov 28, 2012 at 4:21 AM, Jaro Zajonc <jaro.zajonc at gmail.com>wrote:
>> But if I direct traffic from Apache directly to Twiggy server
>> I'd bypass Catalyst Authentication/Authorization part for Comet session,
>> I'd like to allow only authenticated users to subscribe to comet channel.
>> I am sure I am missing some really simple piece of the puzzle :-\
> Are you over SSL by chance? I've done this by constructing a token on
> the authenticated server and then have the secondary server that can't
> fully authenticate validate the token which might be a simple digets of
> secret + timestamp.
> That is, the server w/o the auth validates that the token is legitimate
> and the SSL tells me it came from the client I gave it to.
> Bill Moseley
> moseley at hank.org
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> Dev site: http://dev.catalyst.perl.org/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Catalyst