How does authorization work within Lightstreamer?
Is it possible to restrict a client's access to certain item names within a subscrition? For example, we would like to prevent client A from seeing information pertaining to client B.
Many thanks.
Printable View
How does authorization work within Lightstreamer?
Is it possible to restrict a client's access to certain item names within a subscrition? For example, we would like to prevent client A from seeing information pertaining to client B.
Many thanks.
All authorization stuff is performed by the Metadata Adapter.
In particular, client requests for items are managed, first of all, by getItems, which interprets the request and can leverage the knowledge of the user name. Only the item names returned by getItems are attached to the session.
Alternatively, if getItems only performs interpretation of the request at a syntax level, authorization can be delegated to notifyNewTables (see the caveats in the docs), which can veto an incoming request and send an error notification to the client.
Could you post an example code?Quote:
Originally Posted by DarioCrivelli
There are no examples of authorization checks in the available demos.
The following example code shows the use of notifyNewTables to check subscription requests and refuse them if needed.
The methods shown should be added to the Metadata Adapter class.