Class RSocketSecurity
java.lang.Object
org.springframework.security.config.annotation.rsocket.RSocketSecurity
Allows configuring RSocket based security.
A minimal example can be found below:
@EnableRSocketSecurity public class SecurityConfig { @Bean PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) { rsocket .authorizePayload((authorize) -> authorize .anyRequest().authenticated() ); return rsocket.build(); } @Bean public MapReactiveUserDetailsService userDetailsService() { UserDetails user = User.withDefaultPasswordEncoder() .username("user") .password("password") .roles("USER") .build(); return new MapReactiveUserDetailsService(user); } }A more advanced configuration can be seen below:
@EnableRSocketSecurity public class SecurityConfig { @Bean PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) { rsocket .authorizePayload((authorize) -> authorize // must have ROLE_SETUP to make connection .setup().hasRole("SETUP") // must have ROLE_ADMIN for routes starting with "admin." .route("admin.*").hasRole("ADMIN") // any other request must be authenticated for .anyRequest().authenticated() ); return rsocket.build(); } }
- Since:
- 5.2
-
Nested Class Summary
Modifier and TypeClassDescriptionclass
final class
final class
final class
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionaddPayloadInterceptor
(PayloadInterceptor interceptor) Adds aPayloadInterceptor
to be used.authenticationManager
(ReactiveAuthenticationManager authenticationManager) Deprecated.build()
protected void
setApplicationContext
(org.springframework.context.ApplicationContext applicationContext) Adds support for validating a username and password using Simple Authentication
-
Constructor Details
-
RSocketSecurity
public RSocketSecurity()
-
-
Method Details
-
addPayloadInterceptor
Adds aPayloadInterceptor
to be used. This is typically only used when using the DSL does not meet a users needs. In order to ensure thePayloadInterceptor
is done in the proper order thePayloadInterceptor
should either implementOrdered
or be annotated withOrder
.- Parameters:
interceptor
-- Returns:
- the builder for additional customizations
- See Also:
-
authenticationManager
-
simpleAuthentication
public RSocketSecurity simpleAuthentication(Customizer<RSocketSecurity.SimpleAuthenticationSpec> simple) Adds support for validating a username and password using Simple Authentication- Parameters:
simple
- a customizer- Returns:
- RSocketSecurity for additional configuration
- Since:
- 5.3
-
basicAuthentication
@Deprecated public RSocketSecurity basicAuthentication(Customizer<RSocketSecurity.BasicAuthenticationSpec> basic) Deprecated.Adds authentication with BasicAuthenticationPayloadExchangeConverter.- Parameters:
basic
-- Returns:
- this instance
-
jwt
-
authorizePayload
public RSocketSecurity authorizePayload(Customizer<RSocketSecurity.AuthorizePayloadsSpec> authorize) -
build
-
setApplicationContext
protected void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) throws org.springframework.beans.BeansException - Throws:
org.springframework.beans.BeansException
-
simpleAuthentication(Customizer)