WAMP differentiates between
- Authentication
- Authorization
- Validation
Authentication establishes the identity of a WAMP client at a WAMP router.
When using Autobahn|Python to roll your own WAMP router, here are multiple examples showing how to implement different authentication mechanisms.
When using Crossbar.io (an integrated, production ready WAMP router), authentication mechanisms come built in (here).
Authorization determines if a given WAMP client is allowed to perform a WAMP action (like publish or call) on a given URI.
When using Autobahn|Python to roll your own WAMP router, here is an example showing how to implement custom authorization.
Crossbar.io has a builtin static authorization scheme as well as allows to register custom WAMP procedures for authorization (here).
Finally, there is Validation, which checks the application level payload of events or calls.
Here is an example for Autobahn|Python. Crossbar.io will soon allow to register custom WAMP procedures for validation.