public final class WebSocketMessageBrokerSecurityBeanDefinitionParser
extends java.lang.Object
implements org.springframework.beans.factory.xml.BeanDefinitionParser
<websocket-message-broker>
<intercept-message pattern='/permitAll' access='permitAll' />
<intercept-message pattern='/denyAll' access='denyAll' />
</websocket-message-broker>
The above configuration will ensure that any SimpAnnotationMethodMessageHandler has the AuthenticationPrincipalArgumentResolver registered as a custom argument resolver. It also ensures that the SecurityContextChannelInterceptor is automatically registered for the clientInboundChannel. Last, it ensures that a ChannelSecurityInterceptor is registered with the clientInboundChannel.
If finer control is necessary, the id attribute can be used as shown below:
<websocket-message-broker id="channelSecurityInterceptor">
<intercept-message pattern='/permitAll' access='permitAll' />
<intercept-message pattern='/denyAll' access='denyAll' />
</websocket-message-broker>
Now the configuration will only create a bean named ChannelSecurityInterceptor and assign it to the id of channelSecurityInterceptor. Users can explicitly wire Spring Security using the standard Spring Messaging XML namespace support.
Constructor and Description |
---|
WebSocketMessageBrokerSecurityBeanDefinitionParser() |
Modifier and Type | Method and Description |
---|---|
org.springframework.beans.factory.config.BeanDefinition |
parse(org.w3c.dom.Element element,
org.springframework.beans.factory.xml.ParserContext parserContext) |
public WebSocketMessageBrokerSecurityBeanDefinitionParser()
public org.springframework.beans.factory.config.BeanDefinition parse(org.w3c.dom.Element element, org.springframework.beans.factory.xml.ParserContext parserContext)
parse
in interface org.springframework.beans.factory.xml.BeanDefinitionParser
element
- parserContext
- BeanDefinition