Spring WebSocket返回一个未记录的403 [英] Spring WebSocket returning an unlogged 403
问题描述
我的Spring WebSocket返回了403,虽然我不知道为什么,Spring Security目前还没有上课。
There is a 403 being returned from my Spring WebSocket though I'm not sure why, Spring Security is not currently on the class path.
注意:我开始了写这个问题,然后打开完整的Spring Boot调试,这是它发出的最后3行日志。
note: I started writing this issue and then turned on full Spring Boot debug, here's the last 3 lines of log it emits.
2015-08-23 14:38:30.263 DEBUG 32271 --- [nio-8080-exec-1] o.s.b.a.e.mvc.EndpointHandlerMapping : Looking up handler method for path /socket/info
2015-08-23 14:38:30.270 DEBUG 32271 --- [nio-8080-exec-1] o.s.b.a.e.mvc.EndpointHandlerMapping : Did not find handler method for [/socket/info]
2015-08-23 14:39:08.791 INFO 32271 --- [eBrokerSockJS-1] o.s.w.s.c.WebSocketMessageBrokerStats : WebSocketSession[0 current WS(0)-HttpStream(0)-HttpPoll(0), 0 total, 0 closed abnormally (0 connect failure, 0 send limit, 0 transport error)], stompSubProtocol[processed CONNECT(0)-CONNECTED(0)-DISCONNECT(0)], stompBrokerRelay[null], inboundChannel[pool size = 0, active threads = 0, queued tasks = 0, completed tasks = 0], outboundChannelpool size = 0, active threads = 0, queued tasks = 0, completed tasks = 0], sockJsScheduler[pool size = 1, active threads = 1, queued tasks = 0, completed tasks = 0]
这里是响应标题
HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: http://localhost:3000
Access-Control-Allow-: POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Headers: content-type, x-auth-token, x-requested-with
Access-Control-Expose-Headers: Location
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 3600
X-Application-Context: application
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Content-Length: 0
Date: Sun, 23 Aug 2015 18:01:10 GMT
这里是请求
GET /socket/info?t=1440352870279 HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Origin: http://localhost:3000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36
Accept: */*
DNT: 1
Referer: http://localhost:3000/
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: NXSESSIONID=174bf31b-e199-44e3-bae8-f5f44ad6ee90
这是我的WebSocket配置
Here's my WebSocket configuration
@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
@Override
public void configureMessageBroker( final MessageBrokerRegistry config ) {
config.enableSimpleBroker( "/topic" );
config.setApplicationDestinationPrefixes( "/app" );
}
@Override
public void registerStompEndpoints( final StompEndpointRegistry registry ) {
registry.addEndpoint( "/socket" ).withSockJS();
}
}
访问 http:// localhost:8080 显示欢迎来到SockJS!所以我相信这是有效的。 StompJS正在发出哎呀!在403之后失去与http:// localhost:8080 / socket
的连接。
visiting http://localhost:8080 displays "Welcome to SockJS!" so I believe that's working. StompJS is emitting Whoops! Lost connection to http://localhost:8080/socket
after the 403.
这里是我的javascript。
here's my javascript.
var SockJS = require( 'sockjs-client' );
var sock = new SockJS( 'http://localhost:8080/socket' );
var Stomp = require( 'stompjs' );
var stompClient = Stomp.over( sock );
stompClient.connect( {}, function( frame ) {
console.log( 'Connected: ' + frame );
stompClient.subscribe( '/topic/stations/create', function() {
console.log( 'subscribed' );
} );
} );
stomp发出此打开网络套接字......
,但永远不会连接
stomp emits this Opening Web Socket...
, but never reaches connected
我缺少什么?我做错了什么?
What am I missing? what am I doing wrong?
推荐答案
显然还有第二个允许来源,我需要允许,特别是对于websockets。我的 application.properties
中有 allowOrigin
,然后在我的配置上使用setter注入,因为构造函数注入不起作用在这种bean类型上。然后,在调用 withSockJs
之前,我必须添加的是 setAllowedOrigins(...)
。
Apparently there is a second allow origin, that I needed to allow, specifically for websockets. I have an allowOrigin
in my application.properties
and then used setter injection on my configuration because constructor injection doesn't work on this bean type. Then all I had to add was setAllowedOrigins( ... )
prior to calling withSockJs
.
@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
private URI allowOrigin;
@Inject // constructor injection not working in this class, use setter injection instead
public void setAllowOrigin( @Value( "${allowOrigin}" ) final URI allowOrigin ) {
this.allowOrigin = Objects.requireNonNull( allowOrigin );
}
@Override
public void configureMessageBroker( final MessageBrokerRegistry config ) {
config.enableSimpleBroker( "/topic" );
config.setApplicationDestinationPrefixes( "/app" );
}
@Override
public void registerStompEndpoints( final StompEndpointRegistry registry ) {
registry.addEndpoint( "/socket" )
.setAllowedOrigins( allowOrigin.toString() )
.withSockJS();
}
}
这篇关于Spring WebSocket返回一个未记录的403的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!