Fatal编程技术网
  • java/
  • Java 带角度5的弹簧靴Websocket安全性

Java 带角度5的弹簧靴Websocket安全性

java angular typescript spring-boot

Java 带角度5的弹簧靴Websocket安全性,java,angular,typescript,spring-boot,spring-websocket,Java,Angular,Typescript,Spring Boot,Spring Websocket,我试图在我的SpringBoot+Angular 5应用程序中实现WebSocket。 我遵循了教程。代码在没有spring安全性的情况下运行良好。但不适用于Spring Security。我发了同样的问题。这个评论没有多大帮助。我仍然在客户端上收到这些错误 Firefox can’t establish a connection to the server at wss://localhost/socket/446/qvjiwvgt/websocket. Firefox can’t esta

我试图在我的SpringBoot+Angular 5应用程序中实现WebSocket。 我遵循了教程。代码在没有spring安全性的情况下运行良好。但不适用于Spring Security。我发了同样的问题。这个评论没有多大帮助。我仍然在客户端上收到这些错误

Firefox can’t establish a connection to the server at wss://localhost/socket/446/qvjiwvgt/websocket.

Firefox can’t establish a connection to the server at https://localhost/socket/446/kwabmpm0/eventsource.

Error: Incompatibile SockJS! Main site uses: "1.1.5", the iframe: "1.0.0".


 Whoops! Lost connection to https://localhost/socket.
服务器上的控制台日志是

2018-08-03 10:25:25.030  WARN 17952 --- [-nio-443-exec-2] o.s.web.servlet.PageNotFound             : Request method 'POST' not supported
2018-08-03 10:25:25.030  WARN 17952 --- [-nio-443-exec-2] .w.s.m.s.DefaultHandlerExceptionResolver : Resolved exception caused by Handler execution: org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported
2018-08-03 10:25:25.046  WARN 17952 --- [-nio-443-exec-8] .w.s.m.s.DefaultHandlerExceptionResolver : Resolved exception caused by Handler execution: org.springframework.web.HttpMediaTypeNotAcceptableException: Could not find acceptable representation
2018-08-03 10:25:25.905  WARN 17952 --- [-nio-443-exec-1] o.s.web.servlet.PageNotFound             : Request method 'POST' not supported
2018-08-03 10:25:25.905  WARN 17952 --- [-nio-443-exec-1] .w.s.m.s.DefaultHandlerExceptionResolver : Resolved exception caused by Handler execution: org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported
这是前端

WebsocketService.ts

import { Injectable } from '@angular/core';
import { AsyncDataService } from './async-data.service';
import { AuthenticationService } from './authentication.service';
import * as SockJs from 'sockjs-client';
import * as Stomp from 'stompjs';

@Injectable()
export class WebsocketService {

  constructor(private asyncDataService: AsyncDataService, private authenticationService: AuthenticationService) { }

  public connect() {
    const socket = new SockJs('/socket');

    const stompClient = Stomp.over(socket);

    return stompClient;
  }
}

import { HttpClient } from '@angular/common/http';
import { WebSocketService } from './../web-socket.service';
import { Component, OnInit } from '@angular/core';

@Component({
  selector: 'app-web-socket',
  templateUrl: './web-socket.component.html',
  styleUrls: ['./web-socket.component.css']
})
export class WebSocketComponent implements OnInit {
  public notifications = 0;
  constructor(private websocketService: WebSocketService, private http: HttpClient) {
    const stompClient = this.websocketService.connect();
    stompClient.connect({}, frame => {

      // Subscribe to notification topic
      stompClient.subscribe('/topic/notification', notifications => {
        this.notifications = JSON.parse(notifications.body).count;
      });

    });
  }
  getNotification(){
    this.http.get("/notify");
  }
  ngOnInit(){

  }
}
WebSokcetComponent.ts

import { Injectable } from '@angular/core';
import { AsyncDataService } from './async-data.service';
import { AuthenticationService } from './authentication.service';
import * as SockJs from 'sockjs-client';
import * as Stomp from 'stompjs';

@Injectable()
export class WebsocketService {

  constructor(private asyncDataService: AsyncDataService, private authenticationService: AuthenticationService) { }

  public connect() {
    const socket = new SockJs('/socket');

    const stompClient = Stomp.over(socket);

    return stompClient;
  }
}

import { HttpClient } from '@angular/common/http';
import { WebSocketService } from './../web-socket.service';
import { Component, OnInit } from '@angular/core';

@Component({
  selector: 'app-web-socket',
  templateUrl: './web-socket.component.html',
  styleUrls: ['./web-socket.component.css']
})
export class WebSocketComponent implements OnInit {
  public notifications = 0;
  constructor(private websocketService: WebSocketService, private http: HttpClient) {
    const stompClient = this.websocketService.connect();
    stompClient.connect({}, frame => {

      // Subscribe to notification topic
      stompClient.subscribe('/topic/notification', notifications => {
        this.notifications = JSON.parse(notifications.body).count;
      });

    });
  }
  getNotification(){
    this.http.get("/notify");
  }
  ngOnInit(){

  }
}
以及后端

WebSocketConfiguration.java

import org.springframework.context.annotation.Configuration;
import org.springframework.messaging.simp.config.MessageBrokerRegistry;
import org.springframework.web.socket.config.annotation.AbstractWebSocketMessageBrokerConfigurer;
import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
import org.springframework.web.socket.config.annotation.StompEndpointRegistry;

@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfiguration extends AbstractWebSocketMessageBrokerConfigurer {

    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {

    registry.addEndpoint("/socket").setAllowedOrigins("*").withSockJS();

    }

    @Override
    public void configureMessageBroker(MessageBrokerRegistry registry) {

    registry.setApplicationDestinationPrefixes("/app");

    registry.enableSimpleBroker("/topic");
    }
}

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry;
import org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer;

@Configuration
public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer {

    @Override
    protected boolean sameOriginDisabled() {
    return true;
    }

    @Override
    protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages.anyMessage().permitAll();
    }

}
WebsocketSecurityConfig.java

import org.springframework.context.annotation.Configuration;
import org.springframework.messaging.simp.config.MessageBrokerRegistry;
import org.springframework.web.socket.config.annotation.AbstractWebSocketMessageBrokerConfigurer;
import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
import org.springframework.web.socket.config.annotation.StompEndpointRegistry;

@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfiguration extends AbstractWebSocketMessageBrokerConfigurer {

    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {

    registry.addEndpoint("/socket").setAllowedOrigins("*").withSockJS();

    }

    @Override
    public void configureMessageBroker(MessageBrokerRegistry registry) {

    registry.setApplicationDestinationPrefixes("/app");

    registry.enableSimpleBroker("/topic");
    }
}

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry;
import org.springframework.security.config.annotation.web.socket.AbstractSecurityWebSocketMessageBrokerConfigurer;

@Configuration
public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer {

    @Override
    protected boolean sameOriginDisabled() {
    return true;
    }

    @Override
    protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages.anyMessage().permitAll();
    }

}
NotificationsController.java

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.messaging.handler.annotation.SendTo;
import org.springframework.messaging.simp.SimpMessagingTemplate;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class NotificationController {

    @Autowired
    private SimpMessagingTemplate template;

    // Initialize Notifications
    private Notifications notifications = new Notifications(0);

    @GetMapping("/notify")
   // @SendTo("/topic/notification")
    public void getNotification() {
    System.out.println("Request received..");
    // Increment Notification by one
    notifications.increment();

    // Push notifications to front-end
    template.convertAndSend("/topic/notification", notifications);
    System.out.println("Response Sent..");
    // return notifications;
    }
}
WebSecurityConfig.java

// Only websocket related code posted here
@Override
    protected void configure(HttpSecurity http) throws Exception {

    http.httpBasic().disable();
    http.csrf().disable();
    http.headers().frameOptions().sameOrigin();
    http.authorizeRequests().antMatchers("/socket/**").permitAll();
}
请帮助我修复此问题…

与的连接丢失https://localhost/socket
。您确定您的服务器在端口80上运行吗?您是否通过同一个Web服务器为前端和后端提供服务?是的。前端由同一个web服务器提供服务。它是从静态文件夹提供的。它在80和443上都运行,因为它配置了ssl,并且我能够访问其他端点。我还没有使用Spring的WebSocket对HTTPS的支持,不确定这是否会对任何事情产生影响。如果我是你,我会尝试删除HTTPS,只是为了测试它是否可以这样工作。如果是这样的话,我猜您需要将web套接字配置为通过HTTPSIt公开。它甚至不能通过http工作。那么,您可以创建一个吗?问题正在变得越来越模糊,就像这样:)