xmlBlaster - Requirement client.callback.authenticate

REQUIREMENT

client.callback.authenticate

Type NEW

Priority HIGH

Status CLOSED

Topic The callback server, instantiated from clients, needs to authenticate xmlBlaster

Des
cription
When xmlBlaster sends a message asynchronous back to the client callback server, we must attach some credentials to the message.

The client callback server must protect itself against intruder messages.

This is achieved by a session ID, a unique and secret string. The session ID is passed when you register your callback server with xmlBlaster. On callback this session ID is bounced back with the update() method. You can now check the delivered session ID.

Example
Java
This xml is passed as the QoS of a connect() or subcribe() <qos> ... <callback type='IOR' sessionId='0fxrc83plP'> IOR:0000404944... </callback> </qos> You receive this sessionId with your message update (example for Java): public String update(String cbSessionId, UpdateKey updateKey, byte[] content, UpdateQos updateQos) { // cbSessionId should be '0fxrc83plP' }

Configure
NOTE: Configuration parameters are specified on command line (-someValue 17) or in the xmlBlaster.properties file (someValue=17). See requirement "util.property" for details.
Columns named Impl tells you if the feature is implemented.
Columns named Hot tells you if the configuration is changeable in hot operation.

See API org.xmlBlaster.util.qos.address.CallbackAddress

See REQ engine.callback

See REQ engine.qos.login.callback

See TEST org.xmlBlaster.test.qos.TestCallbackConfig

See TEST org.xmlBlaster.test.authentication.TestSessionCb

This page is generated from the requirement XML file xmlBlaster/doc/requirements/client.callback.authenticate.xml

Back to overview

Topic	The callback server, instantiated from clients, needs to authenticate xmlBlaster
Des cription	When xmlBlaster sends a message asynchronous back to the client callback server, we must attach some credentials to the message. The client callback server must protect itself against intruder messages. This is achieved by a session ID, a unique and secret string. The session ID is passed when you register your callback server with xmlBlaster. On callback this session ID is bounced back with the update() method. You can now check the delivered session ID.
Example Java	This xml is passed as the QoS of a connect() or subcribe() <qos> ... <callback type='IOR' sessionId='0fxrc83plP'> IOR:0000404944... </callback> </qos> You receive this sessionId with your message update (example for Java): public String update(String cbSessionId, UpdateKey updateKey, byte[] content, UpdateQos updateQos) { // cbSessionId should be '0fxrc83plP' }
Configure	NOTE: Configuration parameters are specified on command line (-someValue 17) or in the xmlBlaster.properties file (someValue=17). See requirement "util.property" for details. Columns named Impl tells you if the feature is implemented. Columns named Hot tells you if the configuration is changeable in hot operation.
See API	org.xmlBlaster.util.qos.address.CallbackAddress
See REQ	engine.callback
See REQ	engine.qos.login.callback
See TEST	org.xmlBlaster.test.qos.TestCallbackConfig
See TEST	org.xmlBlaster.test.authentication.TestSessionCb