HTTP Authorization Header in EventSource (Server Sent Events)

Question

I need to set an Authorization header to an HTML5 EventSource. As Server Sent Events seems to be disused since Websockets appeared, I cannot find any useful documentation. The a

Answer 1

I solved this by additional rest before sse call, this rest is ordinary rest will require the same security protocol that we need for SSE call and get and OTP in response. And send this OTP to see call query param and validate this OTP in Web filter and replace it with authentication header.