我想聊聊天,它已经可以了,但是我无法从SecurityContextHolder获取上下文,它总是为空。注释@PreAuthorize和@Secured也不起作用,因为nulable SecurityContext。我怎么能得到这个背景或主体?在普通的控制器中它可以工作,但不适用于websocket。我想添加有关用户的消息信息,也许还有另一种方式?
我的配置:
@Configuration
@EnableWebSocketMessageBroker
@ComponentScan(basePackages = "com.antilamer.controller")
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
@Override
public void configureMessageBroker(MessageBrokerRegistry config) {
config.enableSimpleBroker("/topic");
config.setApplicationDestinationPrefixes("/app");
}
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/chat").withSockJS();
}
}
控制器:
@Controller
public class ChatController {
@MessageMapping("/chat")
@SendTo("/topic/message")
public OutputMessageDTO sendMessage(MessageDTO message) {
return new OutputMessageDTO(message, new Date()); //here i want use my SecurityContext
}
}
答案 0 :(得分:0)
好的,我们不能在websocket中使用安全上下文,但是我找到了获取登录用户的方法,我需要更改我的sendMessage()方法:
public OutputMessageDTO sendMessage(SimpMessageHeaderAccessor headerAccessor, MessageDTO message) {
return new OutputMessageDTO(message, new Date(), headerAccessor.getUser());
}