Programmatically, I want the ability to reject/deny inbound websocket connections within my application based on some criteria.  The most obvious approach to me is to implement Configurator and override the modifyHandshake method.  HandshakeResponse only exposes the SEC_WEBSOCKET_ACCEPT property key.  When I set this value as an empty list, the behavior is not as I was hoping (not sure what I was expecting).