Hey Mohindra
Here is a sample policy configured on the "inbound Policy" component of the websocket:
==========
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:L7p="http://www.layer7tech.com/ws/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
<wsp:All wsp:Usage="Required">
<L7p:CustomizeErrorResponse>
<L7p:Content stringValue="Security Exception: Error Code 5130001"/>
<L7p:ExtraHeaders nameValuePairArray="included"/>
</L7p:CustomizeErrorResponse>
<L7p:ComparisonAssertion>
<L7p:CaseSensitive booleanValue="false"/>
<L7p:Expression1 stringValue="${request.url.host}"/>
<L7p:Operator operatorNull="null"/>
<L7p:Predicates predicates="included">
<L7p:item dataType="included">
<L7p:Type variableDataType="string"/>
</L7p:item>
<L7p:item binary="included">
<L7p:CaseSensitive booleanValue="false"/>
<L7p:RightValue stringValue="casupporttest.com"/>
</L7p:item>
</L7p:Predicates>
</L7p:ComparisonAssertion>
</wsp:All>
</wsp:Policy>
=====================
It simply checks to see if the host is casupporttest.com before continuing processing. If this fails, the connection simply gets dropped and there is no response body noticed on the app with a reason for the failure.
Thanks