Interface AuthenticationPlugin

Functional Interface:
This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

@FunctionalInterface public interface AuthenticationPlugin
Plugin that must evaluate whether a WebSocket connection shall be allowed, and then authenticate the resulting MatsSocketSession.
  1. Upon WebSocket connection, the methods checkOrigin(..), checkHandshake(..) and onOpen(..) are invoked in succession.
  2. During the initial set of messages received from the MatsSocket Client, the initialAuthentication(..) is invoked, which evaluates whether the supplied Authorization "Header" value is good, and if so returns a Principal and a UserId.
  3. During the life of the MatsSocketSession, the two methods reevaluateAuthentication(..) and reevaluateAuthenticationForOutgoingMessage(..) may be invoked several times.
  4. When the Client tries to subscribe to a Topic, the method authorizeUserForTopic(..) is invoked to decide whether to allow or deny the subscription.
Read through all methods' JavaDoc in succession to get an understanding of how it works!

Thread Safety: Concurrency issues wrt. to multiple threads accessing a AuthenticationPlugin.SessionAuthenticator: Seen from the MatsSocketServer, only one thread will ever access any of the methods at any one time, and memory consistency is handled (i.e. the AuthenticationPlugin.SessionAuthenticator instance is effectively synchronized on): You do not need to synchronize on anything within an instance of AuthenticationPlugin.SessionAuthenticator, and any fields set on the instance by some method will be correctly available for subsequent invocations of the same or any other methods.