Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-2737: Remove WebSocket Outbound Authorization

This commit is contained in:
Rob Winch 2014-10-10 15:56:25 -05:00
parent 4e7398eec0
commit 24dec7ec3e
1 changed files with 1 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
config/src/main/java/org/springframework/security/config/annotation/web/socket/AbstractSecurityWebSocketMessageBrokerConfigurer.java
View File

@ -60,7 +60,6 @@ import java.util.List;
@Order(Ordered.HIGHEST_PRECEDENCE + 100) @Order(Ordered.HIGHEST_PRECEDENCE + 100)
public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends AbstractWebSocketMessageBrokerConfigurer { public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends AbstractWebSocketMessageBrokerConfigurer {
private final WebSocketMessageSecurityMetadataSourceRegistry inboundRegistry = new WebSocketMessageSecurityMetadataSourceRegistry(); private final WebSocketMessageSecurityMetadataSourceRegistry inboundRegistry = new WebSocketMessageSecurityMetadataSourceRegistry();
private final WebSocketMessageSecurityMetadataSourceRegistry outboundRegistry = new WebSocketMessageSecurityMetadataSourceRegistry();
public final void registerStompEndpoints(StompEndpointRegistry registry) {} public final void registerStompEndpoints(StompEndpointRegistry registry) {}
@ -79,14 +78,6 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
} }
} }
@Override
public final void configureClientOutboundChannel(ChannelRegistration registration) {
ChannelSecurityInterceptor outboundChannelSecurity = outboundChannelSecurity();
if(outboundRegistry.containsMapping()) {
registration.setInterceptors(securityContextChannelInterceptor(),outboundChannelSecurity);
}
}
@Bean @Bean
public ChannelSecurityInterceptor inboundChannelSecurity() { public ChannelSecurityInterceptor inboundChannelSecurity() {
ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor(inboundMessageSecurityMetadataSource()); ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor(inboundMessageSecurityMetadataSource());
@ -97,16 +88,6 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
return channelSecurityInterceptor; return channelSecurityInterceptor;
} }
@Bean
public ChannelSecurityInterceptor outboundChannelSecurity() {
ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor(outboundMessageSecurityMetadataSource());
List<AccessDecisionVoter> voters = new ArrayList<AccessDecisionVoter>();
voters.add(new MessageExpressionVoter());
AffirmativeBased manager = new AffirmativeBased(voters);
channelSecurityInterceptor.setAccessDecisionManager(manager);
return channelSecurityInterceptor;
}
@Bean @Bean
public SecurityContextChannelInterceptor securityContextChannelInterceptor() { public SecurityContextChannelInterceptor securityContextChannelInterceptor() {
return new SecurityContextChannelInterceptor(); return new SecurityContextChannelInterceptor();
@ -118,24 +99,12 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
return inboundRegistry.createMetadataSource(); return inboundRegistry.createMetadataSource();
} }
@Bean
public MessageSecurityMetadataSource outboundMessageSecurityMetadataSource() {
configureOutbound(outboundRegistry);
return outboundRegistry.createMetadataSource();
}
/** /**
* *
* @param messages * @param messages
*/ */
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {} protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {}
/**
*
* @param messages
*/
protected void configureOutbound(MessageSecurityMetadataSourceRegistry messages) {}
private class WebSocketMessageSecurityMetadataSourceRegistry extends MessageSecurityMetadataSourceRegistry { private class WebSocketMessageSecurityMetadataSourceRegistry extends MessageSecurityMetadataSourceRegistry {
@Override @Override
public MessageSecurityMetadataSource createMetadataSource() { public MessageSecurityMetadataSource createMetadataSource() {
@ -147,4 +116,4 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
return super.containsMapping(); return super.containsMapping();
} }
} }
} }