Results 1 to 4 of 4
  1. #1
    Senior Member
    Join Date
    Sep 2013
    Location
    Coimbatore
    Posts
    65

    Provide security for accessing my remote adapter by others

    Need to know the logic behind the security to connect my remote adapter by LS client. Because if some others copy and use in their domain means it is working well what I have dome in my site.
    For this I have tried to check the domain name in meta data adapter, If the domain name exist I will send the response. Now I need to use LS in my mobile app also, so what is the logic I need to use in metadata adapter to restrict using my LS response from others who are trying my code in their site

  2. #2
    Administrator
    Join Date
    Feb 2012
    Location
    Milano
    Posts
    477
    Hi rvkvino

    Assuming that you do not want to adopt a traditional authentication mechanism with user and password, you could leverage some application tricks, such as determining a specific identification label for your application,
    and pass this information in each lightstreamer session through the setUser or setHttpExtraHeaders. At the server-side you will check this information in your Metadata Adapter, and in the specific in the methods: notifyUser or notifyNewSession.

    Alternatively, you can look in all the information that reaches your Metadata Adapeter (for example in the ClientContext of notifyNewSession) if any of them precisely identify your application and can be used in place of Host header.

    Please let us know if you need any further clarifications.

    Regards,
    Giuseppe

  3. #3
    Senior Member
    Join Date
    Sep 2013
    Location
    Coimbatore
    Posts
    65
    Hi,
    If I set in setUser or setHttpExtraHeaders means others also can check that code via browser developer tools.

  4. #4
    Administrator
    Join Date
    Feb 2012
    Location
    Milano
    Posts
    477
    Hi rvkvino,

    Did you mean that the source code of Web and Mobile application will be exactly the same? Any chances for obfuscated code?

    In any case, another possibility is to retrieve at run time the package name (appContext.getPackageName() - that is the unique id of your application) and use this.

    Regards,
    Giuseppe

 

 

Similar Threads

  1. Broadcast client connection status to others
    By tvhnet2013 in forum General
    Replies: 2
    Last Post: October 9th, 2013, 12:00 PM
  2. Provide explicit proxy settings for OSX client
    By vpurohit in forum Client APIs
    Replies: 3
    Last Post: October 8th, 2013, 12:42 PM
  3. Accessing multiple adapters
    By Waddy in forum General
    Replies: 2
    Last Post: March 16th, 2007, 06:06 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT +1. The time now is 05:56 AM.