public class DefaultHandshakeHandler extends Object implements HandshakeHandler
HandshakeHandler
implementation.
Performs initial validation of the WebSocket handshake request -- possibly rejecting it
through the appropriate HTTP status code -- while also allowing sub-classes to override
various parts of the negotiation process (e.g. origin validation, sub-protocol negotiation,
extensions negotiation, etc).
If the negotiation succeeds, the actual upgrade is delegated to a server-specific
RequestUpgradeStrategy
, which will update
the response as necessary and initialize the WebSocket. Currently supported servers are
Jetty 9.0-9.2, Tomcat 7.0.47+ and 8.x, Undertow 1.0-1.2, GlassFish 4.1+, WebLogic 12.1.3+.
JettyRequestUpgradeStrategy
,
TomcatRequestUpgradeStrategy
,
UndertowRequestUpgradeStrategy
,
GlassFishRequestUpgradeStrategy
,
WebLogicRequestUpgradeStrategy
Constructor and Description |
---|
DefaultHandshakeHandler()
Default constructor that autodetects and instantiates a
RequestUpgradeStrategy suitable for the runtime container. |
DefaultHandshakeHandler(RequestUpgradeStrategy requestUpgradeStrategy)
A constructor that accepts a runtime-specific
RequestUpgradeStrategy . |
Modifier and Type | Method and Description |
---|---|
protected List<String> |
determineHandlerSupportedProtocols(WebSocketHandler handler)
Determine the sub-protocols supported by the given WebSocketHandler by
checking whether it is an instance of
SubProtocolCapable . |
protected Principal |
determineUser(ServerHttpRequest request,
WebSocketHandler wsHandler,
Map<String,Object> attributes)
A method that can be used to associate a user with the WebSocket session
in the process of being established.
|
boolean |
doHandshake(ServerHttpRequest request,
ServerHttpResponse response,
WebSocketHandler wsHandler,
Map<String,Object> attributes)
Initiate the handshake.
|
protected List<WebSocketExtension> |
filterRequestedExtensions(ServerHttpRequest request,
List<WebSocketExtension> requestedExtensions,
List<WebSocketExtension> supportedExtensions)
Filter the list of requested WebSocket extensions.
|
String[] |
getSupportedProtocols()
Return the list of supported sub-protocols.
|
protected String[] |
getSupportedVersions() |
protected void |
handleInvalidConnectHeader(ServerHttpRequest request,
ServerHttpResponse response) |
protected void |
handleInvalidUpgradeHeader(ServerHttpRequest request,
ServerHttpResponse response) |
protected void |
handleWebSocketVersionNotSupported(ServerHttpRequest request,
ServerHttpResponse response) |
protected boolean |
isValidOrigin(ServerHttpRequest request)
Return whether the request
Origin header value is valid or not. |
protected boolean |
isWebSocketVersionSupported(WebSocketHttpHeaders httpHeaders) |
protected String |
selectProtocol(List<String> requestedProtocols,
WebSocketHandler webSocketHandler)
Perform the sub-protocol negotiation based on requested and supported sub-protocols.
|
void |
setSupportedProtocols(String... protocols)
Use this property to configure the list of supported sub-protocols.
|
protected final Log logger
public DefaultHandshakeHandler()
RequestUpgradeStrategy
suitable for the runtime container.IllegalStateException
- if no RequestUpgradeStrategy
can be found.public DefaultHandshakeHandler(RequestUpgradeStrategy requestUpgradeStrategy)
RequestUpgradeStrategy
.requestUpgradeStrategy
- the upgrade strategy to usepublic void setSupportedProtocols(String... protocols)
Note that if the WebSocketHandler passed in at runtime is an instance of
SubProtocolCapable
then there is not need to explicitly configure
this property. That is certainly the case with the built-in STOMP over
WebSocket support. Therefore this property should be configured explicitly
only if the WebSocketHandler does not implement SubProtocolCapable
.
public String[] getSupportedProtocols()
public final boolean doHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Map<String,Object> attributes) throws HandshakeFailureException
HandshakeHandler
doHandshake
in interface HandshakeHandler
request
- the current requestresponse
- the current responsewsHandler
- the handler to process WebSocket messages; see
PerConnectionWebSocketHandler
for providing a handler with
per-connection lifecycle.attributes
- attributes from the HTTP handshake to associate with the WebSocket
session; the provided attributes are copied, the original map is not used.HandshakeFailureException
- thrown when handshake processing failed to
complete due to an internal, unrecoverable error, i.e. a server error as
opposed to a failure to successfully negotiate the handshake.protected void handleInvalidUpgradeHeader(ServerHttpRequest request, ServerHttpResponse response) throws IOException
IOException
protected void handleInvalidConnectHeader(ServerHttpRequest request, ServerHttpResponse response) throws IOException
IOException
protected boolean isWebSocketVersionSupported(WebSocketHttpHeaders httpHeaders)
protected String[] getSupportedVersions()
protected void handleWebSocketVersionNotSupported(ServerHttpRequest request, ServerHttpResponse response)
protected boolean isValidOrigin(ServerHttpRequest request)
Origin
header value is valid or not.
By default, all origins as considered as valid. Consider using an
OriginHandshakeInterceptor
for filtering origins if needed.protected String selectProtocol(List<String> requestedProtocols, WebSocketHandler webSocketHandler)
SubProtocolCapable
and then also checks if any
sub-protocols have been explicitly configured with
setSupportedProtocols(String...)
.requestedProtocols
- the requested sub-protocolswebSocketHandler
- the WebSocketHandler that will be usednull
determineHandlerSupportedProtocols(org.springframework.web.socket.WebSocketHandler)
protected final List<String> determineHandlerSupportedProtocols(WebSocketHandler handler)
SubProtocolCapable
.handler
- the handler to checkprotected List<WebSocketExtension> filterRequestedExtensions(ServerHttpRequest request, List<WebSocketExtension> requestedExtensions, List<WebSocketExtension> supportedExtensions)
As of 4.1 the default implementation of this method filters the list to leave only extensions that are both requested and supported.
request
- the current requestrequestedExtensions
- the list of extensions requested by the clientsupportedExtensions
- the list of extensions supported by the serverprotected Principal determineUser(ServerHttpRequest request, WebSocketHandler wsHandler, Map<String,Object> attributes)
ServerHttpRequest.getPrincipal()
Subclasses can provide custom logic for associating a user with a session, for example for assigning a name to anonymous users (i.e. not fully authenticated).
request
- the handshake requestwsHandler
- the WebSocket handler that will handle messagesattributes
- handshake attributes to pass to the WebSocket sessionnull
if not available