我正在尝试使用spring security验证我的一些stomp主题:
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
messages
.simpDestMatchers("/webrtc/signal").hasRole("CLIENT")
.simpSubscribeDestMatchers("/signal/private").hasRole("CLIENT")
.simpSubscribeDestMatchers("/signal/public").permitAll();
}这就像预期的那样工作,设备只有在具有正确的角色时才能连接。然而,当客户机试图订阅一个主题时,他们没有访问spring的权限,就会抛出错误 Failed to send message to ExecutorSubscribableChannel[clientInboundChannel]; nested exception is org.springframework.security.access.AccessDeniedException: Access is denied 然后关闭客户端上的stomp连接。有没有什么方法可以在不中断和关闭连接的情况下优雅地拒绝订阅?
如果有帮助,这是我的身份验证配置:
@Override
public void configureClientInboundChannel(ChannelRegistration registration) {
registration.interceptors(new ChannelInterceptor() {
@Override
public Message<?> preSend(Message<?> message, MessageChannel channel) {
StompHeaderAccessor accessor =
MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class);
assert accessor != null;
if (StompCommand.CONNECT.equals(accessor.getCommand()) && Objects.nonNull(accessor.getHeader("token"))) {
Authentication user =
jwtTokenProvider.getAuthentication((String) accessor.getHeader("token"));
accessor.setUser(user);
}
return message;
}
});
}
暂无答案!
目前还没有任何答案,快来回答吧!