On Thu, Apr 17, 2014 at 9:35 PM, Florian Schrofner <
florian.schrofner(a)outlook.com> wrote:
I thought about that too.. but I didn't really see the
difference, since
everybody who knows the link to the broker can also invoke a push without
authentication, can't he?
Right, there is no difference, except that you don't have to patch UPS,
that you can later secure this REST endpoint and that you deleguate a
generic behaviour (sending push messages) to a single place.
Also setting up another server just for forwarding request seems a bit
overpowered to me (and a lot more work)..
I understand but put in balance the work to create a simple broker and
maintain a patched UPS
As long as I don't unintentionally open a huge security hole by patching
the
server it shouldn't make that much difference, should it?
Well if someone knows your MasterID he can potentially send millions of
notifications to all the devices :)
Maybe we'll build the first prototypes using the patched aerogear server
and
switch to the broker later on.
Nodejs would be the best option for the broker, I guess?
Yeah NodeJS could be a good option, look at this single NodeJS server page
that does almost all what you want :
https://github.com/sebastienblanc/hackergarten-messenger/blob/master/serv...
Thx again for your interest !
--
View this message in context:
http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Allow-Push-Without...
Sent from the aerogear-dev mailing list archive at
Nabble.com.
_______________________________________________
aerogear-dev mailing list
aerogear-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev