[hybi] WebSocket handshake (HTTP and SSO)

Brodie Thiesfield <brodie@jellycan.com> Sun, 29 August 2010 09:20 UTC

Hi,

I would like to request a clarification of the current thinking of the 
working group.

I am a developer keen to use WebSocket for its ability to have multiple 
simultaneous outstanding requests from our clients over a single socket. 
My company's product currently uses SOAP over HTTP; however, we are 
currently experimenting with existing browser implementations of 
WebSocket (+ Flash where not supported). We are now sending the same 
SOAP requests over WebSocket and having some good results in our trials.

However, we need to support this product in corporate networks, and for 
this reason one of our biggest requirements is to be able to support 
single sign on from the desktop.

Prior to the server allowing the WebSocket upgrade request with a 101 
header, will it be valid to require authentication via standard HTTP 401 
authorization required dialog? (i.e. via Microsoft negotiate, basic, 
digest, etc). Only after the client is successfully authorized would we 
want to accept the Upgrade and change to WebSocket.

The -76/-00 protocol would not permit this (due to the extra bytes in 
the Upgrade request) however the document 
https://datatracker.ietf.org/doc/draft-ietf-hybi-websocket-requirements/ 
(REQ 8) states that connections must be HTTP up to the acceptance of the 
Upgrade, and (REQ 9) that existing HTTP components should be able to be 
reused.

Is this document the latest thoughts of the WG? Should I continue with 
the assumption that it is likely that this style of WebSocket handshake 
would be supported?

Regards,
Brodie
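
The gate asked about above (answer 401 until the client is authorized, and only then answer 101 to the Upgrade), sketched as an added example that is not part of the original message or of any draft. The `USERS` store, the choice of Basic, the sample requests and the `12345678` trailing bytes are constructed assumptions; the code models the authorization decision only, not the draft's key challenge.

```python
import base64, hmac

# Constructed credential store for this example (assumption, not from the post).
USERS = {"alice": "s3cret"}

def parse_request(raw: bytes):
    """Split a raw HTTP request into (request line, headers, bytes after the header block)."""
    head, _, rest = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, rest

def basic_auth_ok(headers) -> bool:
    """Check an Authorization: Basic header against USERS in constant time."""
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        user, _, pw = base64.b64decode(token, validate=True).decode("utf-8").partition(":")
    except (ValueError, UnicodeDecodeError):
        return False
    expected = USERS.get(user)
    return expected is not None and hmac.compare_digest(pw.encode(), expected.encode())

def handle(raw: bytes):
    """Return (status, response headers, bytes left unread after the header block)."""
    _, headers, leftover = parse_request(raw)
    wants_upgrade = (headers.get("upgrade", "").lower() == "websocket"
                     and "upgrade" in headers.get("connection", "").lower())
    if not wants_upgrade:
        return 400, {}, leftover
    if not basic_auth_ok(headers):  # never switch protocols for an unauthenticated peer
        return 401, {"WWW-Authenticate": 'Basic realm="ws"'}, leftover
    return 101, {"Upgrade": "WebSocket", "Connection": "Upgrade"}, leftover

# Constructed sample requests; the 8 bytes after the blank line stand in for the
# extra bytes a -76 style Upgrade request carries after its headers.
HEAD = (b"GET /soap HTTP/1.1\r\nHost: example.test\r\n"
        b"Upgrade: WebSocket\r\nConnection: Upgrade\r\n")
FIRST_TRY = HEAD + b"\r\n" + b"12345678"
RETRY = (HEAD + b"Authorization: Basic " + base64.b64encode(b"alice:s3cret")
         + b"\r\n\r\n" + b"12345678")
```

`handle(FIRST_TRY)` yields the 401 challenge while the 8 trailing bytes are still sitting unread on the connection, which is the part a stock HTTP component has no rule for; `handle(RETRY)` yields 101.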