JSR-356: How to abort a websocket connection during the handshake?

Question

I need to be able to abort a websocket connection during the handshake in case the HTTP request does not meet certain criteria. From what I understand, the proper place to d

Answer 1

I know - old thread but I don't see any improvements about this. So maybe someone can discuss my solution for this problem.

I tried leos version, running Wildfly 8.0 , Undertow 1.0

final  ArrayList finalEmpty = new ArrayList();
response.getHeaders().put(HandshakeResponse.SEC_WEBSOCKET_ACCEPT,finalEmpty);

This will cause some funny behavior:

Even though your browser should close the connection, they will all go through the onOpen() procedure.

• Chrome: Will trigger onOpen(), then triggers onError(). In my case, I do some logging about disconnected clients so I anways call onClose() when there is an error.
• IE: Will act like Chrome
• Firefox: Firefox will just run the onOpen() procedure. And won't trigger onError(). So your Server doesn't even know the client is disconnected.

Don't mess up your headers and don't let the client do the dity work.

Instead, you should add authentification data to Configuration.

/** some verification foo code...**/

config.getUserProperties().put("isValid",true);

in onOpen() you then check for the value of isValid. If it isnt, you call onClose(session,null);. and the session will be closed.

It's not the best solution but thats because websocket authentification sucks and every browser is acting different sometimes. Please see: Websocket: Closing browser triggers onError() in chrome but onClose() event in Firefox