Crossbar.io Application Router Logo
22.5.1.dev1

Home:

  • Crossbar.io
  • Crossbario.com
  • WAMP
  • Crossbario Docs

Contents:

  • Getting started with Crossbar.io
    • What is WAMP?
    • Introduction
    • WAMP Clients
    • Prerequisite
    • What’s in this guide
    • Basic Concept:
    • Node Controller:
      • Configuration:
    • Router:
      • Realm
        • Roles
      • Transport:
    • Installing Docker
    • Example Code
    • Starting a Crossbar.io Router
      • Viewing Crossbar Status in a Browser
    • Crossbar configuration
    • Hello World
      • Publishing Client
      • Subscriber Client from Browser
      • Mixing it together
    • NodeJS Example
    • RPC Example
      • RPC Date Callee
        • Browser
        • NodeJS
        • Source code
      • RPC Date Caller
    • Modifying Things
    • Further Materials
  • Basic Concepts
    • WAMP
      • Publish & Subscribe
      • Routed Remote Procedure Calls
      • WAMP Roles
        • Realms
    • Crossbar.io Node
    • Configuration
      • Router Configuration
        • Realms
        • Transports
    • Installation
  • Installing Crossbar.io
    • Docker Images
    • Other Platforms
    • Setup in the Cloud
    • Demo Instance
    • Try without Installation
  • Administration Manual
    • Node Configuration
    • Authentication and Authorization
    • Web Services
    • More
  • Programming Guide
    • Usage
    • General
    • Publish and Subscribe
    • Remote Procedure Calls
    • Specific Usages
    • Specific Languages
  • Integration Guide
  • Tutorials and Recipes
  • Compatibility Policy
    • Backward Compatibility of Releases
    • Compatibility with WAMP Client Libraries
  • Crossbar.io Code License
    • Code
    • WAMP clients as separate works
  • Crossbar.io Documentation License
    • Note to Contributors to this documentation
  • Contributing to the project - FAQ
    • What is a CAA?
    • Why a CAA?
    • Can I contribute code where I do not own copyright?
  • FAQ
    • The WAMP ecosystem
      • What is the relationship between WAMP, Autobahn and Crossbar.io?
      • What is WAMP?
      • What is Autobahn?
      • What is Crossbar.io?
    • Licenses
      • What does open-source license mean for me when I use it for a project?
      • What is the license for the application templates?
    • Modifying and Contributing
      • Can I hack Crossbar.io to fit my own needs?
      • I want to contribute to Crossbar.io - what do I need to do?
    • Integration
      • Can I integrate a non-WAMP application into my WAMP application?
  • Changelog

IMPRESSUM:

  • Crossbar.io/impressum
Crossbar.io Application Router
  • »
  • Cookie Authentication
  • View page source

Cookie Authentication¶

Introduction¶

Cookie authentication works like this.

With cookie tracking enabled, a browser client or generally any WAMP client connecting via WAMP-over-WebSocket is handed out a randomly assigned cookie by Crossbar.io.

When the client then authenticates using a WAMP authentication method such as WAMP-CRA, upon successful authentication, Crossbar.io will attached the authentication information to the cookie stored in the cookie store (either transiently or persistently).

When the client then comes back later, and sends the cookie handed out previously, Crossbar.io will look up the cookie, and if the cookie has attached authentication information, it will immediately authenticate the client using the previously stored information.

Configuration¶

Here is part of a node configuration that enables cookie-tracking on a WebSocket transport, as well as enabling cookie-based authentication plus WAMP-CRA.

You can find a complete example here.

 "transports": [
    {
       "type": "web",
       "endpoint": {
          "type": "tcp",
          "port": 8080
       },
       "paths": {
          "/": {
             "type": "static",
             "directory": "../web"
          },
          "ws": {
             "type": "websocket",
             "cookie": {
                "store": {
                   "type": "file",
                   "filename": "cookies.dat"
                }
             },
             "auth": {
                "wampcra": {
                   "type": "static",
                   "users": {
                      "joe": {
                         "role": "frontend",
                         "secret": "123456"
                      }
                   }
                },
                "cookie": {
                }
             }
          }
       }
    }
]

Note that to use cookie-based authentication you have to activate cookie-tracking and at least one non-cookie based authentication method.

© Copyright 2013-2022, Crossbar.io Technologies GmbH.

Built with Sphinx using a theme provided by Read the Docs.