basic authentication - How to authenticate WebSocket within an existing HTTP environment with Spring Security -


i have pretty simple requirement (i use spring-security 4.0.1) can't find examples on web except been told on page: http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html#websocket-server-handler

it relatively simple integrate websockethandler other http serving environments of websockethttprequesthandler.

what have: implementation of websockethandler job , http serving environments using basic authentication. webapplicationinitializer looks this:

public class mywebappinitializer implements webapplicationinitializer {      @override     public void onstartup(servletcontext servletcontext) throws servletexception {         ...         // websocket support - handshake         dynamic ws = servletcontext.addservlet("websockethttprequesthandler", new httprequesthandlerservlet());         ws.addmapping("/streaming/*");          // spring security filter         filterregistration.dynamic springsecurity = servletcontext.addfilter("springsecurityfilterchain", new delegatingfilterproxy());         springsecurity.addmappingforurlpatterns(enumset.of(dispatchertype.request), true, "/*");     } }

this how plugged websocket endpoint existing web application. websocket configuration class looks (very simplified) this:

@configuration public class websocketservicesconfig{     @bean     public websockethttprequesthandler websockethttprequesthandler() {         return new websockethttprequesthandler(new streamingwebsockethandler());     } }

streamingwebsockethandler implements websockethandler.

i have restful web service (in same server) uses configured basic authentication.

what working: restful web service working web browsers. can authenticated queries (credentials can sent in http headers). websocket queries working , ask authentication first time try (under firefox, popup appears asking credentials, once enter them, client , server able communicate via websocket messages). in websockethandler, spring object: websocketsession contains informations authenticated user correct (#getprincipal() method returns authentication containing right granted authorities, details , on...). note once websocket authenticated, can relaunch query without re-enter them.

what want: on user point of view, bad because credentials required twice:

  1. first restful queries
  2. second websocket queries

how can bypass second authentication assuming first 1 succeeded? there way detect client has been authenticated , not ask credentials?

what don't want: don't want use neither stomp on websocket nor sockjs (i don't need support old web browsers).


Comments

Post a Comment

Popular posts from this blog

powershell Start-Process exit code -1073741502 when used with Credential from a windows service environment -

i'm running strange behavior powershell start-process call. here call: $process = start-process ` "c:\somepath\mybinary.exe" ` -passthru ` -credential $defaultcredential ` -wait ` -workingdirectory "c:\somepath" ` -loaduserprofile if ($process.exitcode -ne 0) { #do } this call return exit code - 1073741502 . after quick search, exit code seems related generic error when program not load required dll (aka. status_dll_init_failed ). when run without -credential $credential program runs correctly. in order isolate problem, manually launched some.exe in prompt target credential , runs smoothly. so problem seems come way start-process cmdlet launch process. i found potential solutions problem tried apply no luck : link , link . would have idea of what's going on here ? edit 1: run proc mon monitoring program activities when launched directly or via powershell script. problem seems occur when loading kernelbase
Read more

twig - Using Twigbridge in a Laravel 5.1 Package -

i'm trying create laravel 5.1 package uses twigbridge instead of .php views. can normal .php views display fine, when try make use of .twig templates i'm met error. possible use twigbridge templates when creating views laravel package or pretty stuck blade , php ? edit 1: loading twig template without extending works. it's when start using {% extends 'file' %} error comes out. i error error loading /virtual/laravel/packages/username/mypackage/src/views/sample.twig: template "templates.master" not defined () in "/virtual/laravel/packages/username/mypackage/src/views/sample.twig" @ line 1. my folders username |_ mypackage |_ src |_ controllers - samplecontroller.php |_ views |_ templates - master.twig - sample.twig twig template sample.twig {% extends 'templates.master' %} {% block content %} {{ parent()
Read more

c# - LINQ join Entities from HashSet's, Join vs Dictionary vs HashSet performance -

i have hashset's each stores t, have written test application compares different relation algorithms can think of, i'm not pleased results getting. does there exist more efficient ways of achieving object relations, once testing? using system; using system.collections.generic; using system.linq; using system.text; using system.threading.tasks; using system.diagnostics; namespace linqtests { class program { static void main(string[] args) { hashset<user> usertable = new hashset<user>(); hashset<userproperty> userpropertytable = new hashset<userproperty>(); #region lets create dummy data. console.writeline("please wait while creating dummy data, can take while..."); console.writeline(""); int rows = 1000000; for(int x = 0; x < rows; x++) { random rnd = new random(); // ad
Read more