org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry Java Examples

The following examples show how to use org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: WebsocketSecurityConfiguration.java    From alchemy with Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        .nullDestMatcher().authenticated()
        .simpDestMatchers("/topic/tracker").hasAuthority(AuthoritiesConstants.ADMIN)
        // matches any destination that starts with /topic/
        // (i.e. cannot send messages directly to /topic/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpDestMatchers("/topic/**").authenticated()
        // message types other than MESSAGE and SUBSCRIBE
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example #2
Source File: WebSocketSecurityConfiguration.java    From spring-react-boilerplate with MIT License 5 votes vote down vote up
@Override
 protected void configureInbound(MessageSecurityMetadataSourceRegistry message) {
     message
.nullDestMatcher().permitAll()
.simpDestMatchers("/app/**").authenticated()
.simpDestMatchers("/topic/**").authenticated()
.anyMessage().hasRole("USER");
 }
 
Example #3
Source File: WebsocketSecurityConfiguration.java    From TeamDojo with Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        .nullDestMatcher().authenticated()
        .simpDestMatchers("/topic/tracker").hasAuthority(AuthoritiesConstants.ADMIN)
        // matches any destination that starts with /topic/
        // (i.e. cannot send messages directly to /topic/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpDestMatchers("/topic/**").authenticated()
        // message types other than MESSAGE and SUBSCRIBE
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example #4
Source File: _WebsocketSecurityConfiguration.java    From jhipster-ribbon-hystrix with GNU General Public License v3.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        // message types other than MESSAGE and SUBSCRIBE
        .nullDestMatcher().authenticated()
        // matches any destination that starts with /rooms/
        .simpDestMatchers("/topic/tracker").hasAuthority(AuthoritiesConstants.ADMIN)
        .simpDestMatchers("/topic/**").authenticated()
        // (i.e. cannot send messages directly to /topic/, /queue/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example #5
Source File: WebsocketSecurityConfiguration.java    From gpmr with Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        // message types other than MESSAGE and SUBSCRIBE
        .nullDestMatcher().authenticated()
        // matches any destination that starts with /rooms/
        .simpDestMatchers("/topic/tracker").hasAuthority(AuthoritiesConstants.ADMIN)
        .simpDestMatchers("/topic/**").authenticated()
        // (i.e. cannot send messages directly to /topic/, /queue/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example #6
Source File: WebsocketSecurityConfiguration.java    From ServiceCutter with Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        // message types other than MESSAGE and SUBSCRIBE
        .nullDestMatcher().authenticated()
        // matches any destination that starts with /rooms/
        .simpDestMatchers("/topic/**").authenticated()
        // (i.e. cannot send messages directly to /topic/, /queue/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example #7
Source File: WebSocketSecurityConfig.java    From spring-session with Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
	messages
		.simpMessageDestMatchers("/queue/**", "/topic/**").denyAll()
		.simpSubscribeDestMatchers("/queue/**/*-user*", "/topic/**/*-user*").denyAll()
		.anyMessage().authenticated();
}
 
Example #8
Source File: WebSocketSecurityConfig.java    From bearchoke with Apache License 2.0 5 votes vote down vote up
@Override
    protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
        // Waiting on a response here: https://jira.spring.io/browse/SEC-2802
//        messages
//                .antMatchers(SimpMessageType.MESSAGE, "/user/queue/errors").permitAll()
//                .antMatchers(SimpMessageType.MESSAGE, "/user/*").hasRole("USER")
//                .antMatchers(SimpMessageType.MESSAGE, "/app/user/*").hasRole("USER")
//                .anyMessage().permitAll();
    }
 
Example #9
Source File: WebSocketAuthorizationSecurityConfig.java    From joal with Apache License 2.0 4 votes vote down vote up
@Override
protected void configureInbound(final MessageSecurityMetadataSourceRegistry messages) {
    messages.anyMessage().authenticated();
}
 
Example #10
Source File: SocketSecurityConfig.java    From tutorials with MIT License 4 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
            .simpDestMatchers("/secured/**", "/secured/**/**").authenticated()
            .anyMessage().authenticated();
}
 
Example #11
Source File: WebSocketSecurityConfig.java    From cloudstreetmarket.com with GNU General Public License v3.0 3 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
   	
	messages
	.simpMessageDestMatchers(Constants.WS_TOPIC_ACTIVITY_FEED_PATH, "/queue/*", "/app/queue/*").permitAll();
	
}