Spring Boot应用程序中的Websocket - 获取403禁止 [英] Websocket in Spring Boot app - Getting 403 Forbidden

问题描述

在Spring启动应用程序中使用Websocket获取403禁止使用sockjs / stompjs我可以从客户端连接到websocket当我在eclipse中运行时（无需启动spring） 。

但是，当我为websocket代码创建一个Spring引导jar（gradlew构建）并运行java -jar websocket-code.jar时，出现403错误， websocket。

我没有对websocket进行身份验证。
我有一个CORS过滤器，并认为在请求/响应中有所有标题。

以下是我的build.gradle

  apply plugin：'java'
 apply plugin：'spring-boot'
 apply plugin：'war'
 
 sourceCompatibility = 1.7 
 version ='1.0'
 
存储库{
 mavenCentral（）
} 
 
 buildscript {
存储库{
 mavenCentral（）
} 
 
依赖项{
 classpath（org.springframework.boot：spring-boot-gradle-plugin：1.2.5.RELEASE ）
} 
} 
 
配置{
 compile.exclude模块：spring-boot-starter-tomcat
} 
 
 dependencies {
 compileorg.springframework：spring-web：$ spring_version
 compileorg.springframework：spring-webmvc：$ spring_version
 compileorg.springframework：spring- websocket：$ spring_version
 compileorg.springframework：spring-messaging：$ spring_version
c 
编译org.springframework.boot：spring-boot-starter-web
 compilecom.fasterxml.jackson.core： jackson-databind：2.6.2
 compilecom.fasterxml.jackson.core：jackson-core：2.6.2
 compilecom.fasterxml.jackson.core：jackson-annotations：2.6。 2
 compileorg.springframework.amqp：spring-rabbit：1.3.5.RELEASE
 compile（org.springframework：spring-tx）
 compile（org.springframework .boot：spring-boot-starter-web：1.2.6.RELEASE）
 compile（org.springframework.boot：spring-boot-starter-jetty：1.2.6.RELEASE）
 testCompile组：'junit'，name：'junit'，版本：'4.11'
 testcompileorg.springframework：spring-test：$ spring_version
} 
 
任务包装器（type：Wrapper）{
 gradleVersion ='2.5'
} 
  

更新：

增加了一个CORS过滤器和
response.setHeader（Access-Control-Allow- Origin， http：// localhost：8089 ）;

在firebug on客户端

 请求头文件
 Origin 
 http：// localhost：8089 
 
响应标题
 Access-Control-Allow-Origin 
 http：// localhost：8089 
 
服务器日志
 2015-10-02 16：57：31.372 DEBUG 1848 --- [qtp374030679-14] oswssthDefaultSockJsService：请求被拒绝，Origin头值为http：// localhost：8089不允许
  

我要求的来源位于允许来源列表中。仍然在日志中收到Request Rejected消息。

解决方案

我的2环境之间的区别在于jar版本。 b
$ b

  spring-boot-starter-websocket-1.2.5.RELEASE.jar 
 spring-websocket-4.1.7.RELEASE.jar 
  

由于spring-boot-starter-websocket在打包时依赖于它，所以它正在拾取spring-websocket-4.1 .RELEASE尽管spring_version是spring_version = 4.0.6.RELEASE。

修改了build.gradle中的依赖关系，解决了问题。

  compileorg.springframework.boot：spring-boot-starter-websocket：1.1.0.RELEASE
  

我认为在spring-websocket jar的最新版本中，StompWebSocketEndpointRegistration类有必须使用的setAllowedOrigins方法。没有试过这个方法。

但CORS过滤器带有

  response.setHeader（Access-Control-Allow-原稿in，http：// localhost：8089）; 
  

正在使用旧版本。

Websocket in Spring Boot app - Getting 403 Forbidden

I can connect to the websocket from client using sockjs/stompjs when I run this in eclipse (no spring boot).

But when I create a Spring boot jar(gradlew build) for the websocket code and run the java -jar websocket-code.jar I get a 403 error connecting to the websocket.

I have no authentication for the websockets. I have a CORS filters and think have all headers right in request/response.

Below is my build.gradle

apply plugin: 'java'
apply plugin: 'spring-boot'
apply plugin: 'war'

sourceCompatibility = 1.7
version = '1.0'

repositories {
    mavenCentral()
}

buildscript {
    repositories {
        mavenCentral()
    }

    dependencies {
        classpath("org.springframework.boot:spring-boot-gradle-plugin:1.2.5.RELEASE")
    }
}

configurations {
    compile.exclude module: "spring-boot-starter-tomcat"
}

dependencies {
    compile "org.springframework:spring-web:$spring_version"
    compile "org.springframework:spring-webmvc:$spring_version"
    compile "org.springframework:spring-websocket:$spring_version"
    compile "org.springframework:spring-messaging:$spring_version"
    compile "org.springframework.boot:spring-boot-starter-websocket"
    compile "org.springframework.boot:spring-boot-starter-web"
    compile "com.fasterxml.jackson.core:jackson-databind:2.6.2"
    compile "com.fasterxml.jackson.core:jackson-core:2.6.2"
    compile "com.fasterxml.jackson.core:jackson-annotations:2.6.2"
    compile "org.springframework.amqp:spring-rabbit:1.3.5.RELEASE"
    compile("org.springframework:spring-tx")
    compile("org.springframework.boot:spring-boot-starter-web:1.2.6.RELEASE")
    compile("org.springframework.boot:spring-boot-starter-jetty:1.2.6.RELEASE")
    testCompile group: 'junit', name: 'junit', version: '4.11'
    testCompile "org.springframework:spring-test:$spring_version"
}

task wrapper(type: Wrapper) {
    gradleVersion = '2.5'
}

Update:

Added a CORS filter with response.setHeader("Access-Control-Allow-Origin", "http://localhost:8089");

In firebug on Client side

Request Headers 
Origin  
http://localhost:8089

Response Headers
Access-Control-Allow-Origin
http://localhost:8089

Server Logs
2015-10-02 16:57:31.372 DEBUG 1848 --- [qtp374030679-14] o.s.w.s.s.t.h.DefaultSockJsService       : Request rejected, Origin header value http://localhost:8089 not allowed

Origin I am requesting from is in the Allow-origin list. Still getting Request Rejected message in the logs.

解决方案

Difference between my 2 environment was the version of jars.

spring-boot-starter-websocket-1.2.5.RELEASE.jar
spring-websocket-4.1.7.RELEASE.jar

Because of the spring-boot-starter-websocket dependency while packaging it was picking up spring-websocket-4.1.7.RELEASE inspite of the spring_version being spring_version=4.0.6.RELEASE.

Modified the dependency in build.gradle that fixed the problem.

compile "org.springframework.boot:spring-boot-starter-websocket:1.1.0.RELEASE"

I think in latest version of spring-websocket jar the class StompWebSocketEndpointRegistration has setAllowedOrigins method that has to be used.Have not tried this.

But CORS filter with

response.setHeader("Access-Control-Allow-Origin", "http://localhost:8089");

is working with older version.

这篇关于Spring Boot应用程序中的Websocket - 获取403禁止的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！