Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14
  1. #11
    Power Member
    Join Date
    Jul 2006
    Location
    Cesano Maderno, Italy
    Posts
    784
    hi,

    did you check page 15 of the document suggested by Dario?
    We're suggesting to authenticate your user with an SSL connection against your web server, than you'll send to lightstreamer a token (usually the session cookie) generated by the web server, not the password.
    Once such token reaches your metadata adapter you'll validate it against your web server.

  2. #12
    Senior Member
    Join Date
    Oct 2009
    Location
    cbba
    Posts
    33
    yes, i read this page, according to the diagram, i see it's necessary to send the username and password at least once, then the LS server send to the cliente a session_id.

    about the SSL connection, is there any way to send the information with https?? regardless that the master push page has been dowloaded through https or not.

    thanks for your help

  3. #13
    Power Member
    Join Date
    Jul 2006
    Location
    Cesano Maderno, Italy
    Posts
    784
    Hi,

    yes, i read this page, according to the diagram, i see it's necessary to send the username and password at least once, then the LS server send to the cliente a session_id.
    if you check the image on page 15 (attached) you'll see that the first request from the client goes to the web server not to Lightstreamer server. Such request can be a https request that contains the user and password.
    You will authenticate the user on your web server. The web server will send its session id to the client in some way (usually within a cookie).
    This first part has no relation with Lightstreamer, is just a classic web authentication.

    Once the client is authenticated on the web server it will open the stream connection to Lightstreamer server but, instead of sending user and password to such Lightstreamer server, it will send user and the session id generated by your web server.
    The metadata adapter will receive such info and will in turn communicate with your web server to ensure that the user/session id pair is a valid one and in such case will enable the streaming session.

    So, no password is sent to the Lightstreamer server, only the user and a session id generated by your web server.

    about the SSL connection, is there any way to send the information with https?? regardless that the master push page has been dowloaded through https or not.
    no, you can open an https streaming session only from a https page
    Attached Thumbnails Attached Thumbnails Click image for larger version. 

Name:	Immagine.PNG 
Views:	222 
Size:	46.3 KB 
ID:	58  

  4. #14
    Senior Member
    Join Date
    Oct 2009
    Location
    cbba
    Posts
    33
    thank you very much for your answers, are highly informative.
    i try to implement this, is a bit difficult because i don't have practical examples

    see you and thanks again

 

 

Similar Threads

  1. disconnection problems
    By magnum_rg in forum Client APIs
    Replies: 5
    Last Post: August 12th, 2011, 10:43 AM
  2. Get data specific to each User by passing parameters
    By leonardodar in forum Adapter APIs
    Replies: 3
    Last Post: March 16th, 2011, 10:45 AM
  3. Replies: 1
    Last Post: July 12th, 2010, 11:05 AM
  4. Replies: 5
    Last Post: September 8th, 2009, 04:07 PM
  5. Launching problems
    By mazgalici in forum General
    Replies: 1
    Last Post: June 27th, 2008, 10:30 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT +1. The time now is 03:12 PM.