[aerogear-dev] Allow Push Without Master-Secret?
Florian Schrofner
florian.schrofner at outlook.com
Thu Apr 17 15:35:42 EDT 2014
I thought about that too.. but I didn't really see the difference, since
everybody who knows the link to the broker can also invoke a push without
authentication, can't he?
Also setting up another server just for forwarding request seems a bit
overpowered to me (and a lot more work)..
As long as I don't unintentionally open a huge security hole by patching the
server it shouldn't make that much difference, should it?
Maybe we'll build the first prototypes using the patched aerogear server and
switch to the broker later on.
Nodejs would be the best option for the broker, I guess?
--
View this message in context: http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Allow-Push-Without-Master-Secret-tp7474p7493.html
Sent from the aerogear-dev mailing list archive at Nabble.com.
More information about the aerogear-dev
mailing list