Class RSocketSecurity


  • public class RSocketSecurity
    extends java.lang.Object
    Allows configuring RSocket based security. A minimal example can be found below:
     @EnableRSocketSecurity
     public class SecurityConfig {
         // @formatter:off
         @Bean
         PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
             rsocket
                 .authorizePayload(authorize ->
                     authorize
                         .anyRequest().authenticated()
                 );
             return rsocket.build();
         }
         // @formatter:on
    
         // @formatter:off
         @Bean
         public MapReactiveUserDetailsService userDetailsService() {
              UserDetails user = User.withDefaultPasswordEncoder()
                   .username("user")
                   .password("password")
                   .roles("USER")
                   .build();
              return new MapReactiveUserDetailsService(user);
         }
         // @formatter:on
     }
     
    A more advanced configuration can be seen below:
     @EnableRSocketSecurity
     public class SecurityConfig {
         // @formatter:off
         @Bean
         PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
             rsocket
                 .authorizePayload(authorize ->
                     authorize
                         // must have ROLE_SETUP to make connection
                         .setup().hasRole("SETUP")
                          // must have ROLE_ADMIN for routes starting with "admin."
                         .route("admin.*").hasRole("ADMIN")
                         // any other request must be authenticated for
                         .anyRequest().authenticated()
                 );
             return rsocket.build();
         }
         // @formatter:on
     }
     
    Since:
    5.2