Closed jonasraoni closed 2 years ago
Hi @jonasraoni - Iβm glad it is useful π
I havenβt tested the plugin with WebSocket, so there might be issues with that.
How is that intended to work? First the NTLM handshake over HTTP and then upgrade to WebSocket? I need to add some test cases so I need to understand it.
After setting up a test environment with websockets, I can confirm that the plugin does not support authenticated websockets. Websockets without authentication works fine. Is this an odd use case? I found some links indicating that even Chrome does not support authentication on websockets. I will look into it regardless, if it isn't very complex I'll implement it.
Hmm, I'm not sure how often this is used in the wild. As I'm dealing with confidential information I've decided to enable the authentication everywhere I could. Well, I'll be using my alternative fix. Keep up the good work =]
I've been looking more into this. Could you provide some more details? I need to simulate the setup to try out an implementation. Which browser? Which web server? And I presume you mean windows authentication (NTLM or Negotiate using HTTP headers) when you say "authenticated websocket", since there are other means for websocket authentication.
@jonasraoni Mind sharing your solution? π
@bjowes I'm just testing things in Chrome, Edge and IE11 (π), the server is .net core 3.1 (HttpSys). Yeah, all the authentication is done through NTLM.
@creage I'm using the WebSocket client for SignalR and it has some fallback implementations (long-polling/server-sent events) which use simple HTTP requests, so it's somehow acceptable for me. Another way would be to disable the authentication requirement in the server while testing π©
Since this seems like a rare use case, there are no plans to add it to the plugin for now.
Hi @bjowes!
Thanks for the plugin, I'd have a harder time testing my SPAs without it :)
The plugin is working fine with standard HTTP requests, but looks like the WebSocket authentication is failing π€ Well, I'll inspect later, by now I've just modified the connection to "long polling" mode to not stay stuck.