XmlBlaster Logo



XmlBlaster Logo

Type NEW
Priority HIGH
Topic The callback server, instantiated from clients, needs to authenticate xmlBlaster

When xmlBlaster sends a message asynchronous back to the client callback server, we must attach some credentials to the message.

The client callback server must protect itself against intruder messages.

This is achieved by a session ID, a unique and secret string. The session ID is passed when you register your callback server with xmlBlaster. On callback this session ID is bounced back with the update() method. You can now check the delivered session ID.

This xml is passed as the QoS of a connect() or subcribe()
      <callback type='IOR' sessionId='0fxrc83plP'>

You receive this sessionId with your message update (example for Java):

   public String update(String cbSessionId, UpdateKey updateKey,
                        byte[] content, UpdateQos updateQos)
      // cbSessionId should be '0fxrc83plP'

NOTE: Configuration parameters are specified on command line (-someValue 17) or in the xmlBlaster.properties file (someValue=17). See requirement "util.property" for details.
Columns named Impl tells you if the feature is implemented.
Columns named Hot tells you if the configuration is changeable in hot operation.

See API org.xmlBlaster.util.qos.address.CallbackAddress
See REQ engine.callback
See REQ engine.qos.login.callback
See TEST org.xmlBlaster.test.qos.TestCallbackConfig
See TEST org.xmlBlaster.test.authentication.TestSessionCb

This page is generated from the requirement XML file xmlBlaster/doc/requirements/client.callback.authenticate.xml

Back to overview