Spring Boot应用程序中的Websocket - 获取403禁止 [英] Websocket in Spring Boot app - Getting 403 Forbidden
问题描述
但是,当我为websocket代码创建一个Spring引导jar(gradlew构建)并运行java -jar websocket-code.jar时,出现403错误, websocket。
我没有对websocket进行身份验证。
我有一个CORS过滤器,并认为在请求/响应中有所有标题。
以下是我的build.gradle
apply plugin:'java'
apply plugin:'spring-boot'
apply plugin:'war'
sourceCompatibility = 1.7
version ='1.0'
存储库{
mavenCentral()
}
buildscript {
存储库{
mavenCentral()
}
依赖项{
classpath(org.springframework.boot:spring-boot-gradle-plugin:1.2.5.RELEASE )
}
}
配置{
compile.exclude模块:spring-boot-starter-tomcat
}
dependencies {
compileorg.springframework:spring-web:$ spring_version
compileorg.springframework:spring-webmvc:$ spring_version
compileorg.springframework:spring- websocket:$ spring_version
compileorg.springframework:spring-messaging:$ spring_version
c
编译org.springframework.boot:spring-boot-starter-web
compilecom.fasterxml.jackson.core: jackson-databind:2.6.2
compilecom.fasterxml.jackson.core:jackson-core:2.6.2
compilecom.fasterxml.jackson.core:jackson-annotations:2.6。 2
compileorg.springframework.amqp:spring-rabbit:1.3.5.RELEASE
compile(org.springframework:spring-tx)
compile(org.springframework .boot:spring-boot-starter-web:1.2.6.RELEASE)
compile(org.springframework.boot:spring-boot-starter-jetty:1.2.6.RELEASE)
testCompile组:'junit',name:'junit',版本:'4.11'
testcompileorg.springframework:spring-test:$ spring_version
}
任务包装器(type:Wrapper){
gradleVersion ='2.5'
}
更新:
增加了一个CORS过滤器和
response.setHeader(Access-Control-Allow- Origin, http:// localhost:8089 );
在firebug on客户端
请求头文件
Origin
http:// localhost:8089
响应标题
Access-Control-Allow-Origin
http:// localhost:8089
服务器日志
2015-10-02 16:57:31.372 DEBUG 1848 --- [qtp374030679-14] oswssthDefaultSockJsService:请求被拒绝,Origin头值为http:// localhost:8089不允许
我要求的来源位于允许来源列表中。仍然在日志中收到Request Rejected消息。
我的2环境之间的区别在于jar版本。 b
$ b
spring-boot-starter-websocket-1.2.5.RELEASE.jar
spring-websocket-4.1.7.RELEASE.jar
由于spring-boot-starter-websocket在打包时依赖于它,所以它正在拾取spring-websocket-4.1 .RELEASE尽管spring_version是spring_version = 4.0.6.RELEASE。
修改了build.gradle中的依赖关系,解决了问题。
compileorg.springframework.boot:spring-boot-starter-websocket:1.1.0.RELEASE
我认为在spring-websocket jar的最新版本中,StompWebSocketEndpointRegistration类有必须使用的setAllowedOrigins方法。没有试过这个方法。
但CORS过滤器带有
response.setHeader(Access-Control-Allow-原稿in,http:// localhost:8089);
正在使用旧版本。
Websocket in Spring Boot app - Getting 403 Forbidden
I can connect to the websocket from client using sockjs/stompjs when I run this in eclipse (no spring boot).
But when I create a Spring boot jar(gradlew build) for the websocket code and run the java -jar websocket-code.jar I get a 403 error connecting to the websocket.
I have no authentication for the websockets. I have a CORS filters and think have all headers right in request/response.
Below is my build.gradle
apply plugin: 'java'
apply plugin: 'spring-boot'
apply plugin: 'war'
sourceCompatibility = 1.7
version = '1.0'
repositories {
mavenCentral()
}
buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:1.2.5.RELEASE")
}
}
configurations {
compile.exclude module: "spring-boot-starter-tomcat"
}
dependencies {
compile "org.springframework:spring-web:$spring_version"
compile "org.springframework:spring-webmvc:$spring_version"
compile "org.springframework:spring-websocket:$spring_version"
compile "org.springframework:spring-messaging:$spring_version"
compile "org.springframework.boot:spring-boot-starter-websocket"
compile "org.springframework.boot:spring-boot-starter-web"
compile "com.fasterxml.jackson.core:jackson-databind:2.6.2"
compile "com.fasterxml.jackson.core:jackson-core:2.6.2"
compile "com.fasterxml.jackson.core:jackson-annotations:2.6.2"
compile "org.springframework.amqp:spring-rabbit:1.3.5.RELEASE"
compile("org.springframework:spring-tx")
compile("org.springframework.boot:spring-boot-starter-web:1.2.6.RELEASE")
compile("org.springframework.boot:spring-boot-starter-jetty:1.2.6.RELEASE")
testCompile group: 'junit', name: 'junit', version: '4.11'
testCompile "org.springframework:spring-test:$spring_version"
}
task wrapper(type: Wrapper) {
gradleVersion = '2.5'
}
Update:
Added a CORS filter with response.setHeader("Access-Control-Allow-Origin", "http://localhost:8089");
In firebug on Client side
Request Headers
Origin
http://localhost:8089
Response Headers
Access-Control-Allow-Origin
http://localhost:8089
Server Logs
2015-10-02 16:57:31.372 DEBUG 1848 --- [qtp374030679-14] o.s.w.s.s.t.h.DefaultSockJsService : Request rejected, Origin header value http://localhost:8089 not allowed
Origin I am requesting from is in the Allow-origin list. Still getting Request Rejected message in the logs.
Difference between my 2 environment was the version of jars.
spring-boot-starter-websocket-1.2.5.RELEASE.jar
spring-websocket-4.1.7.RELEASE.jar
Because of the spring-boot-starter-websocket dependency while packaging it was picking up spring-websocket-4.1.7.RELEASE inspite of the spring_version being spring_version=4.0.6.RELEASE.
Modified the dependency in build.gradle that fixed the problem.
compile "org.springframework.boot:spring-boot-starter-websocket:1.1.0.RELEASE"
I think in latest version of spring-websocket jar the class StompWebSocketEndpointRegistration has setAllowedOrigins method that has to be used.Have not tried this.
But CORS filter with
response.setHeader("Access-Control-Allow-Origin", "http://localhost:8089");
is working with older version.
这篇关于Spring Boot应用程序中的Websocket - 获取403禁止的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!