I developed a mobile chat application with springboot,spring security,spring websockets ,stomp and sockjs. Server running at port 8082 and client running at 8100 port.
I am using angular and sockjs client to send requests.when I try to connect to STOMP end point its giving the error at developer console(front end) and back end console.Below is the track trace,
From Developer console:
Opening Web Socket...
stomp.min.js (line 8)
GET http://localhost:8082/ws/info?t=1451547968350
200 OK
565ms
sockjs-1.0.1.js (line 1610)
Web Socket Opened...
stomp.min.js (line 8)
CONNECT
login:test
passcode:test
accept-version:1.1,1.0
heart-beat:10000,10000
**<<< ERROR message:Failed to send message to ExecutorSubscribableChannel[clientInboundChannel]; nested exception is org.springframework.security.access.AccessDeniedException\c Access is denied
content-length:0*
Back end Error **:**
2015-12-31 13:16:09.080 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / info&#39 ;;反对&#39; / css /&#39; 2015-12-31 13:16:09.081 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / info&#39 ;;反对&#39; / js /&#39; 2015-12-31 13:16:09.081 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / info&#39 ;;反对&#39; / images /&#39; 2015-12-31 13:16:09.081 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / info&#39 ;;反对&#39; // favicon.ico&#39; 2015-12-31 13:16:09.081 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / info&#39 ;;反对&#39; /错误&#39; 2015-12-31 13:16:09.081 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:Request&#39; GET / ws / info&#39;没有匹配&#39; POST / person / ** 2015-12-31 13:16:09.081 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / info&#39 ;;反对&#39; / lookup /&#39; 2015-12-31 13:16:09.081 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:Request&#39; GET / ws / info&#39;没有匹配&#39; POST / upload / image / 2015-12-31 13:16:09.081 DEBUG 8116 --- [0.0-8082-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / info&#39 ;;反对&#39; / ws /&#39; 2015-12-31 13:16:09.082 DEBUG 8116 --- [0.0-8082-exec-1] o.s.security.web.FilterChainProxy:/ ws / info?t = 1451547968350有一个空的过滤列表 2015-12-31 13:16:09.093 DEBUG 8116 --- [0.0-8082-exec-1] o.s.b.f.s.DefaultListableBeanFactory:返回单例bean的缓存实例&#39; managementServerProperties&#39; 2015-12-31 13:16:09.110 DEBUG 8116 --- [0.0-8082-exec-1] o.s.web.servlet.DispatcherServlet:DispatcherServlet,名称为&#39; dispatcherServlet&#39;处理[/ ws / info]的GET请求 2015-12-31 13:16:09.120 DEBUG 8116 --- [0.0-8082-exec-1] o.s.b.a.e.mvc.EndpointHandlerMapping:查找path / ws / info的处理程序方法 2015-12-31 13:16:09.160 DEBUG 8116 --- [0.0-8082-exec-1] o.s.b.a.e.mvc.EndpointHandlerMapping:没找到[/ ws / info]的处理程序方法 2015-12-31 13:16:09.161 DEBUG 8116 --- [0.0-8082-exec-1] s.w.s.m.m.a.RequestMappingHandlerMapping:查找path / ws / info的处理程序方法 2015-12-31 13:16:09.164 DEBUG 8116 --- [0.0-8082-exec-1] s.w.s.m.m.a.RequestMappingHandlerMapping:找不到[/ ws / info]的处理程序方法 2015-12-31 13:16:09.165 DEBUG 8116 --- [0.0-8082-exec-1] o.s.w.s.s.s.WebSocketHandlerMapping:请求[/ ws / info]的匹配模式是[/ ws /] 2015-12-31 13:16:09.168 DEBUG 8116 --- [0.0-8082-exec-1] o.s.w.s.s.s.WebSocketHandlerMapping:URI请求的模板变量[/ ws / info]是{} 2015-12-31 13:16:09.171 DEBUG 8116 --- [0.0-8082-exec-1] oswsssWebSocketHandlerMapping:使用handler [org.springframework.web.socket.sockjs.support]将[/ ws / info]映射到HandlerExecutionChain .SockJsHttpRequestHandler @ 3e16086]和1个拦截器 2015-12-31 13:16:09.177 DEBUG 8116 --- [0.0-8082-exec-1] o.s.web.servlet.DispatcherServlet:[/ ws / info]的Last-Modified值为:-1 2015-12-31 13:16:09.280 DEBUG 8116 --- [0.0-8082-exec-1] o.s.w.s.s.t.h.DefaultSockJsService:处理传输请求:获取http://localhost:8082/ws/info?t=1451547968350 2015-12-31 13:16:09.292 DEBUG 8116 --- [0.0-8082-exec-1] osweb.servlet.DispatcherServlet:Null ModelAndView返回DispatcherServlet,名称为&#39; dispatcherServlet&#39;:假设HandlerAdapter已完成请求处理 2015-12-31 13:16:09.292 DEBUG 8116 --- [0.0-8082-exec-1] o.s.web.servlet.DispatcherServlet:已成功完成请求 2015-12-31 13:16:09.298 DEBUG 8116 --- [0.0-8082-exec-1] o.s.b.f.s.DefaultListableBeanFactory:返回单例bean的缓存实例&#39; delegatingApplicationListener&#39; 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / 849 / 3qaa31j0 / websocket&#39 ;;反对&#39; / css /&#39; 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / 849 / 3qaa31j0 / websocket&#39 ;;反对&#39; / js /&#39; 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / 849 / 3qaa31j0 / websocket&#39 ;;反对&#39; / images /&#39; 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / 849 / 3qaa31j0 / websocket&#39 ;;反对&#39; // favicon.ico&#39; 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / 849 / 3qaa31j0 / websocket&#39 ;;反对&#39; /错误&#39; 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:Request&#39; GET / ws / 849 / 3qaa31j0 / websocket&#39;没有匹配&#39; POST / person / ** 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / 849 / 3qaa31j0 / websocket&#39 ;;反对&#39; / lookup /&#39; 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:Request&#39; GET / ws / 849 / 3qaa31j0 / websocket&#39;没有匹配&#39; POST / upload / image / 2015-12-31 13:16:09.657 DEBUG 8116 --- [0.0-8082-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:&#39; / ws / 849 / 3qaa31j0 / websocket&#39 ;;反对&#39; / ws /&#39; 2015-12-31 13:16:09.658 DEBUG 8116 --- [0.0-8082-exec-2] o.s.security.web.FilterChainProxy:/ ws / 849 / 3qaa31j0 / websocket有一个空的过滤列表 2015-12-31 13:16:09.659 DEBUG 8116 --- [0.0-8082-exec-2] o.s.web.servlet.DispatcherServlet:DispatcherServlet with name&#39; dispatcherServlet&#39;处理[/ ws / 849 / 3qaa31j0 / websocket]的GET请求 2015-12-31 13:16:09.659 DEBUG 8116 --- [0.0-8082-exec-2] o.s.b.a.e.mvc.EndpointHandlerMapping:查找path / ws / 849 / 3qaa31j0 / websocket的处理程序方法 2015-12-31 13:16:09.688 DEBUG 8116 --- [0.0-8082-exec-2] o.s.b.a.e.mvc.EndpointHandlerMapping:没找到[/ ws / 849 / 3qaa31j0 / websocket]的处理程序方法 2015-12-31 13:16:09.688 DEBUG 8116 --- [0.0-8082-exec-2] s.w.s.m.m.a.RequestMappingHandlerMapping:查找path / ws / 849 / 3qaa31j0 / websocket的处理程序方法 2015-12-31 13:16:09.690 DEBUG 8116 --- [0.0-8082-exec-2] s.w.s.m.m.a.RequestMappingHandlerMapping:找不到[/ ws / 849 / 3qaa31j0 / websocket]的处理程序方法 2015-12-31 13:16:09.690 DEBUG 8116 --- [0.0-8082-exec-2] o.s.w.s.s.s.WebSocketHandlerMapping:请求匹配模式[/ ws / 849 / 3qaa31j0 / websocket]是[/ ws /] 2015-12-31 13:16:09.690 DEBUG 8116 --- [0.0-8082-exec-2] o.s.w.s.s.s.WebSocketHandlerMapping:URI请求的模板变量[/ ws / 849 / 3qaa31j0 / websocket]是{} 2015-12-31 13:16:09.690 DEBUG 8116 --- [0.0-8082-exec-2] oswsssWebSocketHandlerMapping:使用handler [org.springframework.web.socket]将[/ ws / 849 / 3qaa31j0 / websocket]映射到HandlerExecutionChain .sockjs.support.SockJsHttpRequestHandler @ 3e16086]和1个拦截器 2015-12-31 13:16:09.690 DEBUG 8116 --- [0.0-8082-exec-2] o.s.web.servlet.DispatcherServlet:[/ ws / 849 / 3qaa31j0 / websocket]的最后修改值为:-1 2015-12-31 13:16:09.692 DEBUG 8116 --- [0.0-8082-exec-2] o.s.w.s.s.t.h.DefaultSockJsService:处理运输请求:获取http://localhost:8082/ws/849/3qaa31j0/websocket 2015-12-31 13:16:09.812 DEBUG 8116 --- [0.0-8082-exec-2] osweb.servlet.DispatcherServlet:Null ModelAndView返回DispatcherServlet,名称为&#39; dispatcherServlet&#39;:假设HandlerAdapter已完成请求处理 2015-12-31 13:16:09.813 DEBUG 8116 --- [0.0-8082-exec-2] o.s.web.servlet.DispatcherServlet:已成功完成请求 2015-12-31 13:16:09.882 DEBUG 8116 --- [0.0-8082-exec-2] s.w.s.h.LoggingWebSocketHandlerDecorator:New WebSocketServerSockJsSession [id = 3qaa31j0] 2015-12-31 13:16:10.091 DEBUG 8116 --- [0.0-8082-exec-3] ossmaiChannelSecurityInterceptor:安全对象:GenericMessage [payload = byte [0],headers = {simpMessageType = CONNECT,stompCommand = CONNECT, nativeHeaders = {login = [test],passcode = [PROTECTED],accept-version = [1.1,1.0],heart-beat = [10000,10000]},simpSessionAttributes = {IP_ADDRESS = / 127.0.0.1:51223 ,Access-Control-Allow-Origin = *},simpHeartbeat = [J @ 574f3f7,stompCredentials = [PROTECTED],simpUser =org.springframework.security.authentication.AnonymousAuthenticationToken@55c70fe4:Principal:anonymous;证书:[保护];认证:真实;细节:null;授权机构:ANONYMOUS,simpSessionId = 3qaa31j0}];属性:[已验证] 2015-12-31 13:16:10.091 DEBUG 8116 --- [0.0-8082-exec-3] o.s.s.m.a.i.ChannelSecurityInterceptor:以前经过身份验证:org.springframework.security.authentication.AnonymousAuthenticationToken@55c70fe:校长:匿名;证书:[保护];认证:真实;细节:null;授权机构:ANONYMOUS 2015-12-31 13:16:10.104 DEBUG 8116 --- [0.0-8082-exec-3] ossaccess.vote.AffirmativeBased:Voter:org.springframework.security.messaging.access.expression.MessageExpressionVoter@6f9f78f,返回:-1 2015-12-31 13:16:10.119 DEBUG 8116 --- [0.0-8082-exec-3] o.s.b.f.s.DefaultListableBeanFactory:返回单例bean的缓存实例&#39; delegatingApplicationListener&#39; 2015-12-31 13:16:10.120 DEBUG 8116 --- [0.0-8082-exec-3] o.s.b.f.s.DefaultListableBeanFactory:返回单例bean的缓存实例&#39; authorizationAuditListener&#39; 2015-12-31 13:16:10.121 DEBUG 8116 --- [0.0-8082-exec-3] o.s.b.f.s.DefaultListableBeanFactory:返回单例bean的缓存实例&#39; delegatingApplicationListener&#39; 2015-12-31 13:16:10.122 DEBUG 8116 --- [0.0-8082-exec-3] o.s.b.f.s.DefaultListableBeanFactory:返回单例bean的缓存实例&#39; auditListener&#39; 2015-12-31 13:16:10.122 DEBUG 8116 --- [0.0-8082-exec-3] osbaaudit.listener.AuditListener:AuditEvent [timestamp = Thu Dec 31 13:16:10 IST 2015,principal = anonymous, type = AUTHORIZATION_FAILURE,data = {type = org.springframework.security.access.AccessDeniedException,message = Access is denied}] 2015-12-31 13:16:10.125 ERROR 8116 --- [0.0-8082-exec-3] o.s.w.s.m.StompSubProtocolHandler:无法通过会话3qaa31j0中的MessageChannel向客户端发送消息。将STOMP ERROR发送给客户端。
org.springframework.messaging.MessageDeliveryException: Failed to send message to ExecutorSubscribableChannel[clientInboundChannel]; nested exception is org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.messaging.support.AbstractMessageChannel.send(AbstractMessageChannel.java:127) ~[spring-messaging-4.2.3.RELEASE.jar:4.2.3.RELEASE]
at org.springframework.messaging.support.AbstractMessageChannel.send(AbstractMessageChannel.java:104) ~[spring-messaging-4.2.3.RELEASE.jar:4.2.3.RELEASE]
at org.springframework.web.socket.messaging.StompSubProtocolHandler.handleMessageFromClient(StompSubProtocolHandler.java:280) ~[spring-websocket-4.2.3.RELEASE.jar:4.2.3.RELEASE]
at org.springframework.web.socket.messaging.SubProtocolWebSocketHandler.handleMessage(SubProtocolWebSocketHandler.java:317) [spring-websocket-4.2.3.RELEASE.jar:4.2.3.RELEASE]
at org.springframework.web.socket.handler.WebSocketHandlerDecorator.handleMessage(WebSocketHandlerDecorator.java:75) [spring-websocket-4.2.3.RELEASE.jar:4.2.3.RELEASE
**Angular and sockjs code files:**
chatController.js**
angular.module('letsCatchApp').controller(
'chatController',
function($scope, $location, $interval, toaster, chatSocket,$state) {
var typing = undefined;
$scope.username = '';
$scope.sendTo = 'everyone';
$scope.participants = [];
$scope.messages = [];
$scope.newMessage = '';
$scope.sendMessage = function() {
console.log('22222');
var destination = "http://localhost:8082/app/chat.message";
if($scope.sendTo != "everyone") {
destination = "http://localhost:8082/app/chat.private." + $scope.sendTo;
$scope.messages.unshift({message: $scope.newMessage, username: 'you', priv: true, to: $scope.sendTo});
}
chatSocket.send(destination, {}, JSON.stringify({message: $scope.newMessage}));
$scope.newMessage = '';
};
$scope.startTyping = function() {
// Don't send notification if we are still typing or we are typing a private message
if (angular.isDefined(typing) || $scope.sendTo != "everyone") return;
typing = $interval(function() {
$scope.stopTyping();
}, 500);
chatSocket.send("http://localhost:8082/topic/chat.typing", {}, JSON.stringify({username: $scope.username, typing: true}));
};
$scope.stopTyping = function() {
console.log('44444');
if (angular.isDefined(typing)) {
$interval.cancel(typing);
typing = undefined;
chatSocket.send("http://localhost:8082/topic/chat.typing", {}, JSON.stringify({username: $scope.username, typing: false}));
}
};
$scope.privateSending = function(username) {
console.log('55555');
$scope.sendTo = (username != $scope.sendTo) ? username : 'everyone';
};
$scope.initStompClient = function() {
console.log('66666');
chatSocket.init('http://localhost:8082/ws');
console.log('66666rrrrrrrrrrrrrrrrr');
chatSocket.connect(function(frame) {
console.log('101010101010101');
$scope.username = frame.headers['user-name'];
chatSocket.subscribe("http://localhost:8082/app/chat.participants", function(message) {
console.log('7777');
$scope.participants = JSON.parse(message.body);
});
chatSocket.subscribe("http://localhost:8082/topic/chat.login", function(message) {
console.log('888888');
$scope.participants.unshift({username: JSON.parse(message.body).username, typing : false});
});
chatSocket.subscribe("http://localhost:8082/topic/chat.logout", function(message) {
console.log('99999');
var username = JSON.parse(message.body).username;
for(var index in $scope.participants) {
if($scope.participants[index].username == username) {
$scope.participants.splice(index, 1);
}
}
});
chatSocket.subscribe("http://localhost:8082/topic/chat.typing", function(message) {
var parsed = JSON.parse(message.body);
if(parsed.username == $scope.username) return;
for(var index in $scope.participants) {
var participant = $scope.participants[index];
if(participant.username == parsed.username) {
$scope.participants[index].typing = parsed.typing;
}
}
});
chatSocket.subscribe("http://localhost:8082/topic/chat.message", function(message) {
console.log('88888');
$scope.messages.unshift(JSON.parse(message.body));
});
chatSocket.subscribe("http://localhost:8082/user/exchange/amq.direct/chat.message", function(message) {
console.log('9999');
var parsed = JSON.parse(message.body);
parsed.priv = true;
$scope.messages.unshift(parsed);
});
chatSocket.subscribe("http://localhost:8082/user/exchange/amq.direct/errors", function(message) {
toaster.pop('error', "Error", message.body);
});
}, function(error) {
console.log("errrooooooo======= "+error);
toaster.pop('error', 'Error', 'Connection error ' + error);
});
};
//initStompClient();
});
chatService.js
angular.module('letsCatchApp').service('chatSocket',
function($rootScope,$http) {
console.log('Chat service is called.... ');
var stompClient;
this.test = function() {
console.log('Chat service test... ');
return $http.get('http://localhost:8082/app/')
}
this.init = function(url) {
console.log('Chat service init ... '+url);
stompClient = Stomp.over(new SockJS(url));
console.log('Chat service init ...end---- '+url);
}
this.connect = function(successCallback, errorCallback) {
console.log('Chat service init ... connect');
stompClient.connect({'login': 'test',
'passcode': 'test'}, function(frame) {
$rootScope.$apply(function() {
return successCallback(frame);
});
}, function(error) {
$rootScope.$apply(function(){
return errorCallback(error);
});
});
}
this.subscribe = function(destination, callback) {
console.log('Chat service init ... subscribe');
stompClient.subscribe(destination, function(message) {
$rootScope.$apply(function(){
return callback(message);
});
});
}
this.send = function(destination, headers, object) {
return stompClient.send(destination, headers, object);
}
});
**WebsocketConfig files:**
@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer{
//AbstractSessionWebSocketMessageBrokerConfigurer {
public static final String IP_ADDRESS = "IP_ADDRESS";
// public static final String IP_ADDRESS = "IP_ADDRESS";
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
egistry.addEndpoint("/ws").setAllowedOrigins("*").withSockJS();
registry.addEndpoint("/ws").setAllowedOrigins("*")
.setHandshakeHandler(new DefaultHandshakeHandler() {
@Override
protected Principal determineUser(
ServerHttpRequest request,
WebSocketHandler wsHandler,
Map<String, Object> attributes) {
Principal principal = request.getPrincipal();
if (principal == null) {
Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority(
"ANONYMOUS"));
principal = new AnonymousAuthenticationToken(
"WebsocketConfiguration", "anonymous",
authorities);
}
return principal;
}
}).withSockJS()
.setInterceptors(httpSessionHandshakeInterceptor());
}
@Bean
public HandshakeInterceptor httpSessionHandshakeInterceptor() {
return new HandshakeInterceptor() {
@Override
public boolean beforeHandshake(ServerHttpRequest request,
ServerHttpResponse response, WebSocketHandler wsHandler,
Map<String, Object> attributes) throws Exception {
if (request instanceof ServletServerHttpRequest) {
ServletServerHttpRequest servletRequest = (ServletServerHttpRequest) request;
attributes.put(IP_ADDRESS,
servletRequest.getRemoteAddress());
attributes.put("Access-Control-Allow-Origin",
"*");
}
return true;
}
@Override
public void afterHandshake(ServerHttpRequest request,
ServerHttpResponse response, WebSocketHandler wsHandler,
Exception exception) {
}
};
}
@Override
public void configureMessageBroker(MessageBrokerRegistry registry) {
System.out
.println("registering the endpoint ==of ===/queue/===========");
registry.enableSimpleBroker("/queue/", "/topic/", "/exchange/");
// registry.enableStompBrokerRelay("/queue/", "/topic/", "/exchange/");
registry.setApplicationDestinationPrefixes("/app");
}
@Override
public void addArgumentResolvers(List<HandlerMethodArgumentResolver> arg0) {
}
@Override
public void addReturnValueHandlers(
List<HandlerMethodReturnValueHandler> arg0) {
// TODO Auto-generated method stub
}
@Override
public void configureClientInboundChannel(ChannelRegistration arg0) {
// TODO Auto-generated method stub
}
@Override
public void configureClientOutboundChannel(ChannelRegistration arg0) {
// TODO Auto-generated method stub
}
@Override
public boolean configureMessageConverters(List<MessageConverter> arg0) {
return false;
}
@Override
public void configureWebSocketTransport(WebSocketTransportRegistration arg0) {
// TODO Auto-generated method
}
HI Artem Bilan,Thanks for your reply.As per your comments,I am sharing the security config.
**WebsecurityConfig.java**
@Configuration
@EnableWebSecurity
@EnableRedisHttpSession
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomUserDetailsService customUserDetailsService;
@Autowired
private RoleService roleService;
/**
* This section defines the user accounts which can be used for
* authentication as well as the roles each user has.
*/
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(customUserDetailsService);
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers(HttpMethod.POST, "/person/**")
//.antMatchers(HttpMethod.OPTIONS, "/**")
.antMatchers(HttpMethod.GET, "/lookup/**")
.antMatchers(HttpMethod.POST, "/upload/image/**")
.antMatchers(HttpMethod.GET, "/ws/**")
.antMatchers(HttpMethod.GET, "/topic/**")
.antMatchers(HttpMethod.GET, "/app/**");
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
Iterable<com.sergialmar.wschat.model.Role> roleIterable = roleService.getRoles();
List<Role> roleList = new ArrayList<Role>();
Iterator<Role> iterator = roleIterable.iterator();
while (iterator.hasNext()) {
Role role = iterator.next();
roleList.add(role);
System.out.println("Roles : " + role.getName());
}
String[] roles = new String[roleList.size()];
for (int roleIndex = 0; roleIndex < roleList.size(); roleIndex++) {
roles[roleIndex] = roleList.get(roleIndex).getName();
}
http.httpBasic().and().authorizeRequests()
.antMatchers(HttpMethod.GET, "/**").hasAnyAuthority(roles)
.antMatchers(HttpMethod.POST, "/**").hasAnyAuthority(roles)
.antMatchers(HttpMethod.PUT, "/**").hasAnyAuthority(roles)
.antMatchers(HttpMethod.DELETE, "/**").hasAnyAuthority(roles)
.antMatchers(HttpMethod.OPTIONS, "/**").hasAnyAuthority(roles)
.and().csrf().disable();
http.headers().frameOptions().disable();
}
}