For example lets say we are sending a cookie containing a JWT token. For Http we have written an Authentication mechanism which creates a security context and then a guice injector which gets the authenticated data from the security context Principal. 

Now if we need to support websockets, firstly the authentication mechanism is non existent. 

Another example is the Headers. In HttpServerExchange the headers are in a HeaderMap but for websockets it is a Map<String, List<String>>. The injection code that worked off HeaderMap now no longer work in Websocket context.

I feel like this can be improved if there are shared interfaces for these core objects across Http and Websockets so that it becomes easy for downstream code to re-use business object injection logic across the two

Thoughts?

Robin