I didn't find too much searching on this but maybe I missed something. Currently I have a service built on the AnnontationCometdServlet. Here is a snippet:
@Service("myService")
public final class myService
{
@Inject
private BayeuxServer bayeux;
@Session
private ServerSession session;
private BayeuxAuthenticator authenticator = new BayeuxAuthenticator();
public myService() {
....
....
}
@PostConstruct
public void setSecurity() {
System.out.println("Setting security policy");
bayeux.setSecurityPolicy(authenticator);
}
In this authenticator, I need two code branches. One will handle authentication of non oort handshakes using the HttpServletRequest object and connecting to a legacy application for validation.
Unfortunately, this validation will fail for oort handshakes (obviously). I have implemented BayeuxAuthenticator as follows, but am not sure how to check for an Oort handshake in the canHandshake method.
public class BayeuxAuthenticator extends DefaultSecurityPolicy implements ServerSession.RemoveListener
{
@Override
public boolean canHandshake(BayeuxServer server, ServerSession session, ServerMessage message)
{
try {
if (oort.isOort(session)) {
return true;
}
} catch (NullPointerException np) {
}
}
I'm sure I'm missing something easy here... Thanks for the help.