Securing WebSocket Server Endpoints
You may not want everyone to have access to a WebSocket endpoint you publish, and for those that do have access, you may want to tailor its interactions to suit the person who has access to it. If you are using a WebSocket on a social networking site that broadcasts your location on a map, you may not want the map containing your location to be seen by just anyone. If a WebSocket endpoint sends out breaking news updates, you may well wish that it tailored the news to those topics in which you have shown interest in the past.
The security model in the Java WebSocket API largely focuses on the main deployment ...