开发者

Securing channels with nginx and http push module

I was able to setup nginx as a message server for building a real-time javascript application with Dojo. For the setup I used the nginx http_push_module which can be configured to handle publish/subscribe requests on different “channels”. Channels is “A resource representing an isolated pathway for message transmission. Each channel has a single unique message queue”. Channels are identified by a id parameter in the url u开发者_Go百科sed within the XHR requests.

I'm in the need of implementing some sort of private channel, which the application can use to push messages to the users, but I've no idea of how to implement channel authentication.

Does anybody ever used http_push_module to create private channels or have suggestions about implementing them?

Thanks in advance for your support.


Maybe you can use my fork of the http_push_module module I've been working on, that one implements fine grain security access to channels in it. I just updated the README for you to know how to use it, but it basically uses md5 hashes, it provides expiration times to channels and per-client-IP/per-channel security (it additionally adds jsonp support if you need it):

https://github.com/Kronuz/nginx_http_push_module

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜