Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/12.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
带有Spring后端的WebSocket在一段时间后失去连接,onclose不被调用_Spring_Spring Security_Websocket_Basic Authentication_Spring Websocket - Fatal编程技术网
Fatal编程技术网
  • spring/
  • 带有Spring后端的WebSocket在一段时间后失去连接,onclose不被调用

带有Spring后端的WebSocket在一段时间后失去连接,onclose不被调用

spring spring-security websocket

带有Spring后端的WebSocket在一段时间后失去连接,onclose不被调用,spring,spring-security,websocket,basic-authentication,spring-websocket,Spring,Spring Security,Websocket,Basic Authentication,Spring Websocket,在我们的spring应用程序中,大多数控制器都受到oauth安全性的保护。WebSocket落后于basic。在访问websocket之前,登录用户要求输入websocket连接的用户名和哈希密码。两者都将被生成,但现在出于测试目的,它总是返回相同的信用 信息的URL如下所示: https://user:debaee4affbeaba909a184066981d55a@localhost:8000/project-name/chat/info WebSocket已正确打开。我们可以发送一些消

在我们的spring应用程序中,大多数控制器都受到oauth安全性的保护。WebSocket落后于basic。在访问websocket之前,登录用户要求输入websocket连接的用户名和哈希密码。两者都将被生成,但现在出于测试目的,它总是返回相同的信用

信息的URL如下所示:

 https://user:debaee4affbeaba909a184066981d55a@localhost:8000/project-name/chat/info
WebSocket已正确打开。我们可以发送一些消息,它们通过代理发送给用户。以下是来自chrome工具的请求信息:

Remote Address:127.0.0.1:8000
Request URL:https://benny:debaee4affbeaba909a184066981d55a@localhost:8000/project-name/chat/033/7szz8k_f/xhr_send
Request Method:POST
Status Code:204 No Content

Response Headers:
HTTP/1.1 204 No Content
server: Apache-Coyote/1.1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
access-control-allow-origin: https://localhost:8000
access-control-allow-credentials: true
vary: Origin
content-type: text/plain;charset=UTF-8
date: Mon, 15 Jun 2015 08:22:43 GMT
Connection: keep-alive

Request Headers:
POST /project-name/chat/033/7szz8k_f/xhr_send HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Content-Length: 143
Origin: https://localhost:8000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Referer: https://localhost:8000/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8,pl;q=0.6
Cookie: JSESSIONID=FF967D3DD1247C1D572C15CF8A3D5E8E; i18next=en; language=pl; tmhDynamicLocale.locale=%22pl-pl%22

["SEND\npriority:9\ndestination:/random/chat/1/FUNNY\ncontent-length:49\n\n{\"message\":\"sfsdf\",\"display\":\"The great wizard.\"}\u0000"]
但在发送另一个请求大约一分钟后,我们得到404响应。以前是否发出过任何发送请求并不重要。我们可以在这段时间内写50多条信息,然后得到404条

404请求数据示例如下:

Remote Address:127.0.0.1:8000
Request URL:https://hill:debaee4affbeaba909a184066981d55a@localhost:8000/project-name/chat/033/7szz8k_f/xhr_send
Request Method:POST
Status Code:404 Not Found

Response Headers:
HTTP/1.1 404 Not Found
server: Apache-Coyote/1.1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
content-length: 0
date: Mon, 15 Jun 2015 08:24:17 GMT
Connection: keep-alive

Request Headers:
POST /project-name/chat/033/7szz8k_f/xhr_send HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Content-Length: 143
Origin: https://localhost:8000
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Referer: https://localhost:8000/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8,pl;q=0.6
Cookie: JSESSIONID=FF967D3DD1247C1D572C15CF8A3D5E8E; i18next=en; language=pl; tmhDynamicLocale.locale=%22pl-pl%22

Request Payload:
["SEND\npriority:9\ndestination:/random/chat/1/FUNNY\ncontent-length:49\n\n{\"message\":\"yhgfh\",\"username\":\"The great wizard.\"}\u0000"]
在设置stomp时,我们设置函数以在关闭时作出反应:

socket.client = new SockJS(targetUrl);
socket.stomp = Stomp.over(socket.client);
socket.stomp.connect({}, startListener);
socket.stomp.onclose = reconnect;
重新连接函数如下所示(在AngularJS中):

但函数从未被调用

聊天控制器非常简单:

@Controller
public class StageChatController {

    @Inject
    private SimpMessagingTemplate template;

    @Inject
    private ChatMessageRepository chatMessageRepository;

@MessageMapping("/chat/{channel}/{type}")
    public void sendMessage(@DestinationVariable Long channel, @DestinationVariable ChatType type, ChatMessageDto message) {
        ChatMessage chatMessage = new ChatMessage();

        chatMessage.setDatestamp(LocalDateTime.now());
        chatMessage.setMessage(message.getMessage());
        chatMessage.setChannelId(channel);
        chatMessage.setChatType(type);
        chatMessage.setDisplayName(message.getDisplay());

        chatMessage = this.chatMessageRepository.save(chatMessage);

        this.template.convertAndSend("/channel/" + project + "/" + type, chatMessage);
    }
聊天室的安全性覆盖了聊天室URL的oauth安全性:

@Configuration
    @EnableWebSecurity
    @Order(2)
    static class BasicAccessConfig extends WebSecurityConfigurerAdapter {

        @Inject
        private OAuth2ClientContextFilter oauth2ClientContextFilter;

        @Value("${project.name.chat.token}")
        private String chat_token;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            //@formatter:off
            http
            .requestMatcher(new AntPathRequestMatcher("/chat/**/*"))
            .authorizeRequests().anyRequest().authenticated()
            .and()
            .httpBasic()
            .and()
            .anonymous().disable()
            .csrf().disable()
            .addFilterBefore(this.oauth2ClientContextFilter, SecurityContextPersistenceFilter.class);
            ;
            //@formatter:on
        }

        @Override
        public void configure(WebSecurity web) throws Exception {
            web.ignoring().antMatchers("/assets/**");
        }

        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication().withUser("hill").password(this.chat_token).authorities("read_chat");
        }
    }
安全措施的处理方式有问题。当我在后端完全禁用安全性时,websocket永远不会得到404。我们已经在另一台服务器上设置了它,即使有安全性,它也可以正常工作。无论我们做什么,如果启用了安全性,在第一台服务器和我们的开发平台上,它仍然会在1分钟后停止。我们在任何地方都使用相同版本的Java,Tomcat8。这两个测试服务器都在debian上(完全相同的版本),而我们的开发机器从windows到linux的不同版本都有所不同。你知道这一点吗?我在我们的应用程序中看到了相同的症状有人找到了解决方案吗?我们还没有找到解决方案 
@Configuration
    @EnableWebSecurity
    @Order(2)
    static class BasicAccessConfig extends WebSecurityConfigurerAdapter {

        @Inject
        private OAuth2ClientContextFilter oauth2ClientContextFilter;

        @Value("${project.name.chat.token}")
        private String chat_token;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            //@formatter:off
            http
            .requestMatcher(new AntPathRequestMatcher("/chat/**/*"))
            .authorizeRequests().anyRequest().authenticated()
            .and()
            .httpBasic()
            .and()
            .anonymous().disable()
            .csrf().disable()
            .addFilterBefore(this.oauth2ClientContextFilter, SecurityContextPersistenceFilter.class);
            ;
            //@formatter:on
        }

        @Override
        public void configure(WebSecurity web) throws Exception {
            web.ignoring().antMatchers("/assets/**");
        }

        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication().withUser("hill").password(this.chat_token).authorities("read_chat");
        }
    }