WebSocket with Spring backend loses connection after a while, onclose is not called
In our Spring application, most controllers are protected by OAuth security. The WebSockets are behind Basic authentication. Before accessing the websocket, the logged-in user asks for a username and hashed password for the websocket connection. Both will be generated, but for now, for testing purposes, it always returns the same credentials. The URL for the info request looks as follows:
https://user:debaee4affbeaba909a184066981d55a@localhost:8000/project-name/chat/info
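The WebSocket is opened correctly. We can send some messages, and they are delivered to users through the broker. Here is the request information from the Chrome tools: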
Remote Address:127.0.0.1:8000
Request URL:https://benny:debaee4affbeaba909a184066981d55a@localhost:8000/project-name/chat/033/7szz8k_f/xhr_send
Request Method:POST
Status Code:204 No Content
Response Headers:
HTTP/1.1 204 No Content
server: Apache-Coyote/1.1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
access-control-allow-origin: https://localhost:8000
access-control-allow-credentials: true
vary: Origin
content-type: text/plain;charset=UTF-8
date: Mon, 15 Jun 2015 08:22:43 GMT
Connection: keep-alive
Request Headers:
POST /project-name/chat/033/7szz8k_f/xhr_send HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Content-Length: 143
Origin: https://localhost:8000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Referer: https://localhost:8000/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8,pl;q=0.6
Cookie: JSESSIONID=FF967D3DD1247C1D572C15CF8A3D5E8E; i18next=en; language=pl; tmhDynamicLocale.locale=%22pl-pl%22
["SEND\npriority:9\ndestination:/random/chat/1/FUNNY\ncontent-length:49\n\n{\"message\":\"sfsdf\",\"display\":\"The great wizard.\"}\u0000"]
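But when sending another request after about a minute, we get a 404 response. It does not matter whether any send requests were issued before. We can write more than 50 messages during that time and then get the 404.
Example data for the 404 request: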
Remote Address:127.0.0.1:8000
Request URL:https://hill:debaee4affbeaba909a184066981d55a@localhost:8000/project-name/chat/033/7szz8k_f/xhr_send
Request Method:POST
Status Code:404 Not Found
Response Headers:
HTTP/1.1 404 Not Found
server: Apache-Coyote/1.1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
content-length: 0
date: Mon, 15 Jun 2015 08:24:17 GMT
Connection: keep-alive
Request Headers:
POST /project-name/chat/033/7szz8k_f/xhr_send HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Content-Length: 143
Origin: https://localhost:8000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Referer: https://localhost:8000/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8,pl;q=0.6
Cookie: JSESSIONID=FF967D3DD1247C1D572C15CF8A3D5E8E; i18next=en; language=pl; tmhDynamicLocale.locale=%22pl-pl%22
Request Payload:
["SEND\npriority:9\ndestination:/random/chat/1/FUNNY\ncontent-length:49\n\n{\"message\":\"yhgfh\",\"username\":\"The great wizard.\"}\u0000"]
When setting up stomp, we set a function to react on close:
socket.client = new SockJS(targetUrl);
socket.stomp = Stomp.over(socket.client);
socket.stomp.connect({}, startListener);
socket.stomp.onclose = reconnect;
The reconnect function looks as follows (in AngularJS):
But the function is never called.
The chat controller is very simple:
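import java.time.LocalDateTime;
import javax.inject.Inject;
import org.springframework.messaging.handler.annotation.DestinationVariable;
import org.springframework.messaging.handler.annotation.MessageMapping;
import org.springframework.messaging.simp.SimpMessagingTemplate;
import org.springframework.stereotype.Controller;

@Controller
public class StageChatController {

    @Inject
    private SimpMessagingTemplate template;

    @Inject
    private ChatMessageRepository chatMessageRepository;

    // Handles STOMP SEND frames whose destination ends in /chat/{channel}/{type}
    @MessageMapping("/chat/{channel}/{type}")
    public void sendMessage(@DestinationVariable Long channel, @DestinationVariable ChatType type, ChatMessageDto message) {
        ChatMessage chatMessage = new ChatMessage();
        chatMessage.setDatestamp(LocalDateTime.now());
        chatMessage.setMessage(message.getMessage());
        chatMessage.setChannelId(channel);
        chatMessage.setChatType(type);
        chatMessage.setDisplayName(message.getDisplay());
        // Persist first, then broadcast the saved entity to subscribers
        chatMessage = this.chatMessageRepository.save(chatMessage);
        // The posted snippet referenced an undefined variable `project` here; `channel` is the id in scope
        this.template.convertAndSend("/channel/" + channel + "/" + type, chatMessage);
    }
}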
The security configuration for the chat overrides the OAuth security for the chat URLs:
@Configuration
@EnableWebSecurity
@Order(2)
static class BasicAccessConfig extends WebSecurityConfigurerAdapter {

    @Inject
    private OAuth2ClientContextFilter oauth2ClientContextFilter;

    // Shared chat password, read from configuration
    @Value("${project.name.chat.token}")
    private String chat_token;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //@formatter:off
        http
            // This filter chain applies only to requests matching /chat/**/*
            .requestMatcher(new AntPathRequestMatcher("/chat/**/*"))
            .authorizeRequests().anyRequest().authenticated()
            .and()
            // HTTP Basic instead of OAuth for the chat endpoints
            .httpBasic()
            .and()
            .anonymous().disable()
            .csrf().disable()
            .addFilterBefore(this.oauth2ClientContextFilter, SecurityContextPersistenceFilter.class);
        //@formatter:on
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/assets/**");
    }

    // Single in-memory user whose password is the configured chat token
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().withUser("hill").password(this.chat_token).authorities("read_chat");
    }
}
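Something is wrong with the way security is handled. When I disable security completely on the backend, the websocket never gets a 404. We have set it up on another server, and there it works fine even with security. Whatever we do, if security is enabled, on the first server and on our development platforms it still stops after 1 minute. We use the same version of Java and Tomcat 8 everywhere. Both test servers are on Debian (exactly the same version), while our development machines vary from Windows to different flavours of Linux.
Did you figure this out? I am seeing the same symptoms in our application.
Has anyone found a solution?
We have not found a solution yet.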
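For the close handling described in the question, the following is an added example, not the poster's code: a reconnect helper with capped exponential backoff that hooks the error callback of stomp.js's `connect(headers, connectCallback, errorCallback)` form. It assumes the library reports a lost connection through that callback; `createReconnector`, `createClient` (for instance a function returning `Stomp.over(new SockJS(targetUrl))`) and the injectable `schedule` are hypothetical names introduced here.

```javascript
// Added example: reconnect-on-loss wiring for a STOMP-over-SockJS client.
// createClient is a hypothetical factory, e.g. () => Stomp.over(new SockJS(targetUrl)).
// schedule is injectable so the backoff logic can be exercised without real timers.
function createReconnector(createClient, onConnected, opts) {
  const o = Object.assign({
    baseDelayMs: 1000,
    maxDelayMs: 30000,
    maxAttempts: 8,
    schedule: (fn, ms) => setTimeout(fn, ms),
  }, opts);
  const state = { attempts: 0, connected: false, stopped: false, client: null };

  function connect() {
    if (state.stopped) return;
    const client = createClient();
    state.client = client;
    let handled = false; // one connection may report its loss more than once

    client.connect(
      {},
      function onConnect(frame) {
        state.attempts = 0; // a successful session resets the backoff
        state.connected = true;
        onConnected(client, frame);
      },
      function onError() {
        // Ignore duplicate reports and reports from an already replaced client
        if (handled || state.client !== client) return;
        handled = true;
        state.connected = false;
        if (state.attempts >= o.maxAttempts) {
          state.stopped = true; // give up; surface this to the user instead
          return;
        }
        // Capped exponential backoff: 1s, 2s, 4s, ... up to maxDelayMs
        const delay = Math.min(o.baseDelayMs * 2 ** state.attempts, o.maxDelayMs);
        state.attempts += 1;
        o.schedule(connect, delay);
      }
    );
  }

  function stop() {
    state.stopped = true;
    if (state.client && state.connected) state.client.disconnect();
    state.connected = false;
  }

  connect();
  return { state, stop };
}
```

Subscriptions belong to one STOMP session, so `onConnected` is the place to re-create them after every reconnect.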