12 Temmuz 2018 Perşembe

SpringStomp AbstractSecurityWebSocketMessageBrokerConfigurer Sınıfı - Kullanıcıların Doğrulanmış Olması Gerekir

Giriş
Şu satırı dahil ederiz.
import org.springframework.context.annotation.Configuration;
import org.springframework.messaging.simp.config.MessageBrokerRegistry;
import org.springframework.web.socket.config.annotation
  .AbstractWebSocketMessageBrokerConfigurer;
import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
AbstractWebSocketMessageBrokerConfigurer sınıfı ile kardeştir.

Tanımlama
Şöyle yaparız. Yani @EnableWebSocketMessageHandle anotasyonu gerekir.
@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer{
  ...
}
Bu sınıf yerine direkt WebSocketMessageBrokerConfigurer arayüzünü kullanmak istersek şöyle yaparız.
@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {

  @Override
  public void configureMessageBroker(MessageBrokerRegistry config) {
    ...
  }

  @Override
  public void registerStompEndpoints(StompEndpointRegistry registry) {
    ...
  }
}
configureInbound metodu
Açıklaması şöyle
The SecurityContextHolder is populated with the user within the simpUser header attribute for any inbound request.
Örnek
Şöyle yaparız
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
  messages
    .simpSubscribeDestMatchers("/check/events/*")
    .authenticated()
    .anyMessage()
    .authenticated();
}
configureClientInboundChannel metodou
İmzası şöyle.
@Override
public void configureClientInboundChannel(ChannelRegistration registration);
configureMessageBroker metodu
Açıklaması şöyle.
When user authenticates with Spring Security, WebSocket module creates unique channel for that user based on his Principal. Example "/user/queue/position-updates" is translated to "/queue/position-updates-user123"
So on the client side all I had to do, was subscribe to /user/queue/requests
And on the server side, send messages to /user/{username}/queue/requests with convertAndSendToUser(request.getFromUser(), "/queue/requests", request) and Spring handles the rest.
MessageBrokerRegistry yazısına taşıdım.

registerStompEndpoints metodu
WebSocketClient tarafından bağlanılacak adrestir. setHandshakeHandler(),setAllowedOrigins() çağrılarını yapmak gerekir.

Örnek
Şöyle yaparız
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
  registry
    .addEndpoint("/test")
    .setHandshakeHandler(new DefaultHandshakeHandler(new TomcatRequestUpgradeStrategy()))
    .setAllowedOrigins("*")
    .withSockJS();
}
Örnek
Şöyle yaparız
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
  registry.addEndpoint("/websocket").
  .setHandshakeHandler(new MyHandshakeHandler()).
  .setAllowedOrigins("*")
  withSockJS();
}

public class MyHandshakeHandler extends DefaultHandshakeHandler {

  @Override
  protected Principal determineUser(ServerHttpRequest request, WebSocketHandler wsHandler,
    Map<String, Object> attributes) {
      // TODO Auto-generated method stub
      return super.determineUser(request, wsHandler, attributes);
  }
}
Örnek
Şöyle yaparız.
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
  registry.addEndpoint("/connect").withSockJS();
}
sameOriginEnabled metodu
Şöyle yaparız
@Override
protected boolean sameOriginDisabled() {
  return true;
}

Hiç yorum yok:

Yorum Gönder