[sr-dev] WebSocket cookie authentication and passing data

Peter Dunkley peter.dunkley at crocodilertc.net
Tue Feb 4 15:50:22 CET 2014


On Kamailio you handle the WebSocket handshake as just another HTTP request
(in an event_route).

You do any processing and checking of headers you want in that event_route
before calling ws_handle_handshake().  That includes using URI parameters
(often more useful than Cookies: for authentication), checking Cookie:
contents, checking the Host: and Origin: headers, etc.

You can use the auth_ephemeral module at this point or, (if you have a
WebSocket client capable of handling a request for HTTP digest
authentication) HTTP digest authentication.  You can also use sqlops (and
other similar modules) at this point too.

ws_handle_handshake() validates the WebSocket specific headers and
generates the 101 response if everything is OK from a protocol



On 4 February 2014 14:37, Daniel Pocock <daniel at pocock.com.au> wrote:

>  On 04/02/14 10:26, Peter Dunkley wrote:
> Hello,
>  I don't think this is relevant to the Kamailio implementation.
>  The Kamailio implementation doesn't do anything with headers like
> Cookie: at all.  If an implementer of a Kamailio solution wants to do
> anything with the Cookie: header (or any other), they can do whatever they
> want using the Kamailio configuration file "programming language".
>  You can make use of all of the standard Kamailio header/parameter
> selects and transformations to help you do whatever you want with these
> headers.
> Just to clarify: we are talking about HTTP Cookie headers sent during the
> WebSocket handshake, not about a Cookie header in any SIP message
> Does the Kamailio WebSocket transport provide access to the HTTP WebSocket
> handshake headers and their contents or only the SIP headers?
> Is there a way to invoke some route block in the configuration file to
> examine the HTTP headers and decide whether a WebSocket connection will be
> accepted?

Peter Dunkley
Technical Director
Crocodile RCS Ltd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20140204/3342c297/attachment.html>

More information about the sr-dev mailing list