|
|
@@ -39,7 +39,7 @@ This will ensure that:
|
|
|
<2> The SecurityContextHolder is populated with the user within the simpUser header attribute for any inbound request.
|
|
|
<3> Our messages require the proper authorization. Specifically, any inbound message that starts with "/user/" will require ROLE_USER. Additional details on authorization can be found in <<websocket-authorization>>
|
|
|
|
|
|
-Spring Security also provides <<nsa-websocket,XML Namespace>> support for securing WebSockets.
|
|
|
+Spring Security also provides <<nsa-websocket-security,XML Namespace>> support for securing WebSockets.
|
|
|
A comparable XML based configuration looks like the following:
|
|
|
|
|
|
[source,xml]
|
|
|
@@ -100,7 +100,7 @@ This will ensure that:
|
|
|
<5> Any other message of type MESSAGE or SUBSCRIBE is rejected. Due to 6 we do not need this step, but it illustrates how one can match on specific message types.
|
|
|
<6> Any other Message is rejected. This is a good idea to ensure that you do not miss any messages.
|
|
|
|
|
|
-Spring Security also provides <<nsa-websocket,XML Namespace>> support for securing WebSockets.
|
|
|
+Spring Security also provides <<nsa-websocket-security,XML Namespace>> support for securing WebSockets.
|
|
|
A comparable XML based configuration looks like the following:
|
|
|
|
|
|
[source,xml]
|
Ryan W. Moore