Question

我正在尝试保护C＃客户端和Spring Boot Websocket服务器之间的连接。服务器有arrayList，其中包含WebSocketSession，主机IP，Web套接字密钥，登录名和卡ID作为字符串。我需要它，因为服务器将在客户端之间路由一些信息。

这是我的WebSocketHander类：

@Component
public class WebSocketHandler extends TextWebSocketHandler {

    private static final Logger LOG = LoggerFactory.getLogger(WebSocketHandler.class);
    private static ArrayList<Client> clientArray = new ArrayList<Client>();

    @Override
    public void afterConnectionEstablished(WebSocketSession session) throws Exception {
        super.afterConnectionEstablished(session);
        addClient(session);
    }

    @Override
    public void afterConnectionClosed(WebSocketSession session, CloseStatus status) throws Exception {
        removeClient(session);
    }

    @Override
    public void handleMessage(WebSocketSession session, WebSocketMessage<?> message) throws Exception {
    }

    private synchronized void addClient(WebSocketSession session) {
        ArrayList<String> sessionHeaderArray = getSessionHeader(session);
        synchronized(clientArray) {
            Client client = new Client(session, sessionHeaderArray.get(0), sessionHeaderArray.get(1), sessionHeaderArray.get(2), sessionHeaderArray.get(3));
            clientArray.add(client);
            LOG.info(client.toString());
        }
    }

    private synchronized void removeClient(WebSocketSession session) {
        ArrayList<String> sessionHeaderArray = getSessionHeader(session);
        synchronized(clientArray) {
            clientArray.forEach(e->{
                if(e.getHost().equals(sessionHeaderArray.get(0)) && e.getWebSocketKey().equals(sessionHeaderArray.get(1)) &&
                        e.getLogin().equals(sessionHeaderArray.get(2)) && e.getCardId().equals(sessionHeaderArray.get(3))) {
                    clientArray.remove(e);
                }
            });
        }
    }

    private ArrayList<String> getSessionHeader(WebSocketSession session) {
        ArrayList<String> list = new ArrayList<String>();
        list.add(session.getHandshakeHeaders().getFirst("host"));
        list.add(session.getHandshakeHeaders().getFirst("sec-websocket-key"));
        list.add(session.getHandshakeHeaders().getFirst("login"));
        list.add(session.getHandshakeHeaders().getFirst("cardid"));
        return list;
    }
}

我还没有实现消息处理。接下来是我的WebSocketConfig类：

@EnableWebSocket
@Configuration
@EnableAutoConfiguration
public class WebSocketConfiguration extends SpringBootServletInitializer implements WebSocketConfigurer {

    @Autowired
    WebSocketHandler handler;

    @Override
    public void registerWebSocketHandlers(WebSocketHandlerRegistry register) {
        register.addHandler(handler, "/topic");
    }

}

此配置允许服务器和客户端之间的简单文本通信，但我需要它是安全的。我是否需要重建它并实施STOMP通信协议？当我尝试使用“wss”连接客户端时，我在服务器端收到错误java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens，在客户端（C＃）端收到|Fatal|WebSocket.connect:0|An error has occurred during a TLS handshake。

Spring Boot Websockets保护了通信

0 个答案: