订阅特权stomp主题时引发错误:未能将消息发送到executorsubscribablechannel[clientinboundchannel]

y3bcpkx1  于 2021-07-13  发布在  Java
关注(0)|答案(0)|浏览(575)

我正在尝试使用spring security验证我的一些stomp主题:

@Override
    protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
        messages
                .simpDestMatchers("/webrtc/signal").hasRole("CLIENT")
                .simpSubscribeDestMatchers("/signal/private").hasRole("CLIENT")
                .simpSubscribeDestMatchers("/signal/public").permitAll();
    }

这就像预期的那样工作,设备只有在具有正确的角色时才能连接。然而,当客户机试图订阅一个主题时,他们没有访问spring的权限,就会抛出错误 Failed to send message to ExecutorSubscribableChannel[clientInboundChannel]; nested exception is org.springframework.security.access.AccessDeniedException: Access is denied 然后关闭客户端上的stomp连接。有没有什么方法可以在不中断和关闭连接的情况下优雅地拒绝订阅?
如果有帮助,这是我的身份验证配置:

@Override
    public void configureClientInboundChannel(ChannelRegistration registration) {
        registration.interceptors(new ChannelInterceptor() {
            @Override
            public Message<?> preSend(Message<?> message, MessageChannel channel) {
                StompHeaderAccessor accessor =
                        MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class);

                assert accessor != null;
                if (StompCommand.CONNECT.equals(accessor.getCommand()) && Objects.nonNull(accessor.getHeader("token"))) {
                    Authentication user =
                            jwtTokenProvider.getAuthentication((String) accessor.getHeader("token"));
                    accessor.setUser(user);
                }
                return message;
            }
        });
    }

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题