TsgcWebSocketHTTPServer › Properties › Authentication
Enables and configures user/password authentication for incoming WebSocket and HTTP connections.
public TsgcWSAuthenticationServer_Options Authentication { get; set; }Enabled=False
When Authentication.Enabled is True the server authenticates every incoming connection against the AuthUsers list (format user=password per line). Three built-in schemes are supported: Session (client first does an HTTP GET, receives a session id and then opens the WebSocket passing the id as a parameter), URL (username and password are sent in the query string of the WebSocket HandShake) and Basic (HTTP Basic Access Authentication — only used by VCL clients/servers and HTTP requests). The OnAuthentication event lets you plug in your own credential check; OnUnknownAuthentication handles non-standard schemes such as Bearer/JWT. Use CustomHeaders to add extra HTTP headers returned on authentication errors.
oServer = new TsgcWebSocketHTTPServer();
oServer.Authentication.Enabled = true;
oServer.Authentication.Basic.Enabled = true;
oServer.Authentication.AuthUsers.Add("user=secret");
oServer.Active = true;