Lluís Xavier Casals Garcia: I suppose so, this would cover the client. do we need to do anything for the server? I'm assuming that would be the responsibility of an HTTP server like nginx/Apache?

Matt Fellows: For the server nothing is needed, as you are pointing out, what we have the responsibility on an HTTP server. So those X509 certificates are needed to access the Broker that is behind of-it.

Mention that we are using this also on the JS part, and we are working for the JVM one.

Thanks a lot for your help!

Matt Fellows: For the server nothing is needed, as you are pointing out, what we have the responsibility on an HTTP server. So those X509 certificates are needed to access the Broker that is behind of-it.

Mention that we are using this also on the JS part, and we are working for the JVM one.

Thanks a lot for your help!

Lluís Xavier Casals Garcia Fantastic - thanks so much for the PRs, much appreciated!

Lluís Xavier Casals Garcia: Awesome thank you! CC: Tagging Beth as our resident rubyist.

I'm happy to work with you and your team in getting necessary docs and an example in place.

Would you be able to add tests to cover the changes?

Is there a demo MASSL implementation?

for example, over in PactFlow we have a simple saml auth demo, I wonder if we could do something similar for the Broker to show this in use :)

also minor nitpick, it is Pact, not PACT. :)

Yousaf Nabi: A pleasure to provide some tests and add examples/demos. Will talk with the team to do so, and also to not forget about the documentation. I hope we will have some news for the next weeks.

Mention that the auth requires a middleware to host the Broker, and handle the authentication. However, we will investigate how to provide an example of using such authentication requirements on hosting the broker.

Greetings!