[undertow-dev] modifyHandshake dilemma

Stuart Douglas sdouglas at redhat.com
Sun Nov 23 18:02:31 EST 2014

Looking at the websocket API's there does not really appear to be a way to set a specific response code. 

One option could be to just use a Servlet filter. Undertow's Websocket upgrade is handled by a filter that should be installed after all user defined filters, so your filter will run first. You could just look for the appropriate headers in your filter, and make a decision there. 

It would probably be good to address this in the next revision of the spec, can you create a spec issue with your use case at https://java.net/jira/browse/WEBSOCKET_SPEC ?


----- Original Message -----
> From: "Ryan Hermanson" <ryan.hermanson at gmail.com>
> To: undertow-dev at lists.jboss.org
> Sent: Saturday, 22 November, 2014 9:46:58 AM
> Subject: [undertow-dev] modifyHandshake dilemma
> Programmatically, I want the ability to reject/deny inbound websocket
> connections within my application based on some criteria. The most obvious
> approach to me is to implement Configurator and override the modifyHandshake
> method. HandshakeResponse only exposes the SEC_WEBSOCKET_ACCEPT property
> key. When I set this value as an empty list, the behavior is not as I was
> hoping (not sure what I was expecting).
> Inline with undertow convention/preference, how can I force a response to the
> connecting client endpoint that resembles a 405 or 403?
> Thank you,
> -Ryan
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev

More information about the undertow-dev mailing list