这里的实现(http://grails.org/plugin/spring-websocket)正在运行,但是Spring Security Plugin无法识别经过身份验证的用户。我可以想象为什么这不起作用,但是有人设法使该 Controller 中的springSecurityService识别经过身份验证的用户吗?
我的 Controller 当前看起来像这样:
@Secured('hasRole("ROLE_USER")')
class WebsocketChatController {
SpringSecurityService springSecurityService
def index() {}
@MessageMapping("/hello")
@SendTo("/topic/hello")
protected String hello(String world) {
return "hello from controller! ( character: " + springSecurityService.currentUser + ")"
}
}但是springSecurityService.currentUser为null ...
最佳答案
试试这个:
@Secured('hasRole("ROLE_USER")')
class WebsocketChatController {
def index() {}
@MessageMapping("/hello")
@SendTo("/topic/hello")
protected String hello(String world, Principal principal) {
return "hello from controller! ( character: " + principal.name + ")"
}
}
}
如文档中所述,第21.4.4节注释消息处理(http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html)
java.security.Principal method arguments reflecting the user logged in at the time of the WebSocket HTTP handshake.
正如您从SpringSecurity知道的那样,主体将包含currentUser
关于grails - Grails Spring Websocket插件和Spring安全性,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26639449/