TsgcWebSocketProxyServer › Properties › Authentication
Enables and configures user/password authentication for incoming WebSocket clients connecting to the proxy.
property Authentication: TsgcWSAuthenticationServer_Options read FAuthentication write SetAuthentication;Enabled=False
When Authentication.Enabled is True the proxy authenticates every incoming downstream connection against the AuthUsers list (format user=password per line) before opening the matching link to the upstream server defined in Proxy. Three built-in schemes are supported: Session (client first does an HTTP GET, receives a session id and then opens the WebSocket passing the id as a parameter), URL (username and password are sent in the query string of the WebSocket HandShake) and Basic (HTTP Basic Access Authentication). The OnAuthentication event lets you plug in your own credential check; OnUnknownAuthentication handles non-standard schemes such as Bearer/JWT. Authentication is performed on the downstream side only; the proxy does not forward credentials to the upstream server automatically.
oProxy := TsgcWebSocketProxyServer.Create(nil);
oProxy.Authentication.Enabled := true;
oProxy.Authentication.Basic.Enabled := true;
oProxy.Authentication.AuthUsers.Add('user=secret');
oProxy.Proxy.Host := 'upstream.example.com';
oProxy.Proxy.Port := 8080;
oProxy.Active := true;