Class RSocketSecurity
java.lang.Object
org.springframework.security.config.annotation.rsocket.RSocketSecurity
Allows configuring RSocket based security.
A minimal example can be found below:
@Configuration
@EnableRSocketSecurity
public class SecurityConfig {
@Bean
PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
rsocket
.authorizePayload((authorize) ->
authorize
.anyRequest().authenticated()
);
return rsocket.build();
}
@Bean
public MapReactiveUserDetailsService userDetailsService() {
UserDetails user = User.withDefaultPasswordEncoder()
.username("user")
.password("password")
.roles("USER")
.build();
return new MapReactiveUserDetailsService(user);
}
}
A more advanced configuration can be seen below:
@Configuration
@EnableRSocketSecurity
public class SecurityConfig {
@Bean
PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
rsocket
.authorizePayload((authorize) ->
authorize
// must have ROLE_SETUP to make connection
.setup().hasRole("SETUP")
// must have ROLE_ADMIN for routes starting with "admin."
.route("admin.*").hasRole("ADMIN")
// any other request must be authenticated for
.anyRequest().authenticated()
);
return rsocket.build();
}
}
- Since:
- 5.2
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionclassfinal classfinal classfinal class -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionaddPayloadInterceptor(PayloadInterceptor interceptor) Adds aPayloadInterceptorto be used.authenticationManager(ReactiveAuthenticationManager authenticationManager) Deprecated.build()protected voidsetApplicationContext(org.springframework.context.ApplicationContext applicationContext) Adds support for validating a username and password using Simple Authentication
-
Constructor Details
-
RSocketSecurity
public RSocketSecurity()
-
-
Method Details
-
addPayloadInterceptor
Adds aPayloadInterceptorto be used. This is typically only used when using the DSL does not meet a users needs. In order to ensure thePayloadInterceptoris done in the proper order thePayloadInterceptorshould either implementOrderedor be annotated withOrder.- Parameters:
interceptor-- Returns:
- the builder for additional customizations
- See Also:
-
authenticationManager
-
simpleAuthentication
public RSocketSecurity simpleAuthentication(Customizer<RSocketSecurity.SimpleAuthenticationSpec> simple) Adds support for validating a username and password using Simple Authentication- Parameters:
simple- a customizer- Returns:
- RSocketSecurity for additional configuration
- Since:
- 5.3
-
basicAuthentication
@Deprecated public RSocketSecurity basicAuthentication(Customizer<RSocketSecurity.BasicAuthenticationSpec> basic) Deprecated.Adds authentication with BasicAuthenticationPayloadExchangeConverter.- Parameters:
basic-- Returns:
- this instance
-
jwt
-
authorizePayload
public RSocketSecurity authorizePayload(Customizer<RSocketSecurity.AuthorizePayloadsSpec> authorize) -
build
-
setApplicationContext
protected void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) throws org.springframework.beans.BeansException - Throws:
org.springframework.beans.BeansException
-
simpleAuthentication(Customizer)