This version is still in development and is not considered stable yet. For the latest stable version, please use Spring Framework 6.1.14!

Authorization

Spring Security provides WebSocket sub-protocol authorization that uses a ChannelInterceptor to authorize messages based on the user header in them. Also, Spring Session provides WebSocket integration that ensures the user’s HTTP session does not expire while the WebSocket session is still active.