Websockets are primarily web connections which are upgraded from HTTP (at transport layer). So you CAN authenticate them like regular HTTP connections before upgrade OR do authentication after upgrade using websocket sub-protocol specific implementation, e.g. SIP REGISTER or MSRP AUTH, etc. (Notice SIP and MSRP are sub-protocols here, you can write your own session level sub-protocol as well).

See the sample implementation provided in websocket module at,

https://kamailio.org/docs/modules/5.2.x/modules/websocket.html#idm1019420836

Hope this helps.

Thank you.

On Jun 12, 2019 at 1:56 PM, <Fatih ORHAN> wrote:

Hello,

Websocket is a transport layer, you don't authenticate the client when establishing a websocket connection (just like you don't do authentication when establishing a UDP or TCP connection). You establish a websocket connection first, then do authentication when client sends a REGISTER or INVITE message.

If you didn't setup UDP SIP messaging, I recommend doing that first to get a feeling for how to configure kamailio. You can add websocket later.

Hope this helps.

Grant Bagdasarian <grantbagdasarian@gmail.com>, 23 Nis 2019 Sal, 23:04 tarihinde şunu yazdı:
Hello,

I was wondering if there are any best practices for authenticating websocket connection establishment inside the xhttp event route?

Thanks and regards,

Grant
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

--
--
Saygılarımla / Regards,
Fatih Orhan
Yazılım Mühendisi
Software Engineer
Verimor Telekomünikasyon A.Ş.
www.verimor.com.tr
0850 532 0000
_______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users