Class AbstractSecurityWebSocketMessageBrokerConfigurer
java.lang.Object
org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer
- All Implemented Interfaces:
org.springframework.beans.factory.SmartInitializingSingleton
,org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer
@Order(-2147483548)
@Import(ObjectPostProcessorConfiguration.class)
@Deprecated
public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer
extends Object
implements org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer, org.springframework.beans.factory.SmartInitializingSingleton
Deprecated.
Allows configuring WebSocket Authorization.
For example:
@Configuration public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer { @Override protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) { messages.simpDestMatchers("/user/queue/errors").permitAll() .simpDestMatchers("/admin/**").hasRole("ADMIN").anyMessage() .authenticated(); } }
- Since:
- 4.0
- See Also:
-
WebSocketMessageBrokerSecurityConfiguration
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addArgumentResolvers
(List<org.springframework.messaging.handler.invocation.HandlerMethodArgumentResolver> argumentResolvers) Deprecated.void
Deprecated.final void
configureClientInboundChannel
(org.springframework.messaging.simp.config.ChannelRegistration registration) Deprecated.protected void
Deprecated.Deprecated.protected void
customizeClientInboundChannel
(org.springframework.messaging.simp.config.ChannelRegistration registration) Deprecated.Allows subclasses to customize the configuration of theChannelRegistration
.inboundChannelSecurity
(MessageSecurityMetadataSource messageSecurityMetadataSource) Deprecated.Deprecated.void
registerStompEndpoints
(org.springframework.web.socket.config.annotation.StompEndpointRegistry registry) Deprecated.protected boolean
Deprecated.Determines if a CSRF token is required for connecting.Deprecated.void
setApplicationContext
(org.springframework.context.ApplicationContext context) Deprecated.void
setMessageExpessionHandler
(List<SecurityExpressionHandler<org.springframework.messaging.Message<Object>>> expressionHandlers) Deprecated.void
setMessageExpressionHandler
(List<SecurityExpressionHandler<org.springframework.messaging.Message<Object>>> expressionHandlers) Deprecated.void
setObjectPostProcessor
(ObjectPostProcessor<Object> objectPostProcessor) Deprecated.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer
addReturnValueHandlers, configureClientOutboundChannel, configureMessageBroker, configureMessageConverters, configureWebSocketTransport
-
Constructor Details
-
AbstractSecurityWebSocketMessageBrokerConfigurer
public AbstractSecurityWebSocketMessageBrokerConfigurer()Deprecated.
-
-
Method Details
-
registerStompEndpoints
public void registerStompEndpoints(org.springframework.web.socket.config.annotation.StompEndpointRegistry registry) Deprecated.- Specified by:
registerStompEndpoints
in interfaceorg.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer
-
addArgumentResolvers
public void addArgumentResolvers(List<org.springframework.messaging.handler.invocation.HandlerMethodArgumentResolver> argumentResolvers) Deprecated.- Specified by:
addArgumentResolvers
in interfaceorg.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer
-
configureClientInboundChannel
public final void configureClientInboundChannel(org.springframework.messaging.simp.config.ChannelRegistration registration) Deprecated.- Specified by:
configureClientInboundChannel
in interfaceorg.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer
-
sameOriginDisabled
protected boolean sameOriginDisabled()Deprecated.Determines if a CSRF token is required for connecting. This protects against remote sites from connecting to the application and being able to read/write data over the connection. The default is false (the token is required).
Subclasses can override this method to disable CSRF protection
- Returns:
- false if a CSRF token is required for connecting, else true
-
customizeClientInboundChannel
protected void customizeClientInboundChannel(org.springframework.messaging.simp.config.ChannelRegistration registration) Deprecated.Allows subclasses to customize the configuration of theChannelRegistration
.- Parameters:
registration
- theChannelRegistration
to customize
-
csrfChannelInterceptor
Deprecated. -
inboundChannelSecurity
@Bean public ChannelSecurityInterceptor inboundChannelSecurity(MessageSecurityMetadataSource messageSecurityMetadataSource) Deprecated. -
securityContextChannelInterceptor
Deprecated. -
inboundMessageSecurityMetadataSource
Deprecated. -
configureInbound
Deprecated.- Parameters:
messages
-
-
setApplicationContext
@Autowired public void setApplicationContext(org.springframework.context.ApplicationContext context) Deprecated. -
setMessageExpessionHandler
@Deprecated public void setMessageExpessionHandler(List<SecurityExpressionHandler<org.springframework.messaging.Message<Object>>> expressionHandlers) Deprecated. -
setMessageExpressionHandler
@Autowired(required=false) public void setMessageExpressionHandler(List<SecurityExpressionHandler<org.springframework.messaging.Message<Object>>> expressionHandlers) Deprecated. -
setObjectPostProcessor
@Autowired(required=false) public void setObjectPostProcessor(ObjectPostProcessor<Object> objectPostProcessor) Deprecated. -
afterSingletonsInstantiated
public void afterSingletonsInstantiated()Deprecated.- Specified by:
afterSingletonsInstantiated
in interfaceorg.springframework.beans.factory.SmartInitializingSingleton
-
EnableWebSocketSecurity
instead