1. 首页
  2. 问题列表
  3. Stomp Disconnect命令拒绝Spring WebSocket访问
提问者:小点点

Stomp Disconnect命令拒绝Spring WebSocket访问


我需要您帮助解决我遇到的一个问题。我正在使用Spring WebSocket|Spring Security。

发生了什么事

Stomp Client能够成功连接,但过了一段时间后我得到了这个异常

2021-05-31 11:35:24.563  INFO 1 --- [nio-8080-exec-4] o.s.w.s.m.SubProtocolWebSocketHandler    : No messages received after 114650 ms. Closing HtmlFileStreamingSockJsSession[id=hkui12fj].
Error Occured on stomp Command : DISCONNECT
2021-05-31 11:35:24.563 ERROR 1 --- [nio-8080-exec-4] c.s.c.w.e.ConnectDisconnectEventHandler  : Error Occured in the system null
2021-05-31 11:35:24.564  WARN 1 --- [nio-8080-exec-4] w.s.h.ExceptionWebSocketHandlerDecorator : Unhandled exception after connection closed for ExceptionWebSocketHandlerDecorator [delegate=LoggingWebSocketHandlerDecorator [delegate=SubProtocolWebSocketHandler[StompSubProtocolHandler[v10.stomp, v11.stomp, v12.stomp]]]]

org.springframework.messaging.MessageDeliveryException: Failed to send message to ExecutorSubscribableChannel[clientInboundChannel]; nested exception is org.springframework.security.access.AccessDeniedException: Access is denied
    at org.springframework.messaging.support.AbstractMessageChannel.send(AbstractMessageChannel.java:149) ~[spring-messaging-5.3.5.jar!/:5.3.5]
    at org.springframework.messaging.support.AbstractMessageChannel.send(AbstractMessageChannel.java:125) ~[spring-messaging-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.messaging.StompSubProtocolHandler.afterSessionEnded(StompSubProtocolHandler.java:650) ~[spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.messaging.SubProtocolWebSocketHandler.clearSession(SubProtocolWebSocketHandler.java:530) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.messaging.SubProtocolWebSocketHandler.afterConnectionClosed(SubProtocolWebSocketHandler.java:399) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.WebSocketHandlerDecorator.afterConnectionClosed(WebSocketHandlerDecorator.java:85) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.LoggingWebSocketHandlerDecorator.afterConnectionClosed(LoggingWebSocketHandlerDecorator.java:72) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.ExceptionWebSocketHandlerDecorator.afterConnectionClosed(ExceptionWebSocketHandlerDecorator.java:78) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.sockjs.transport.session.AbstractSockJsSession.close(AbstractSockJsSession.java:224) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.WebSocketSessionDecorator.close(WebSocketSessionDecorator.java:160) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.ConcurrentWebSocketSessionDecorator.close(ConcurrentWebSocketSessionDecorator.java:271) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.messaging.SubProtocolWebSocketHandler.checkSessions(SubProtocolWebSocketHandler.java:507) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.messaging.SubProtocolWebSocketHandler.handleMessage(SubProtocolWebSocketHandler.java:339) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.WebSocketHandlerDecorator.handleMessage(WebSocketHandlerDecorator.java:75) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.LoggingWebSocketHandlerDecorator.handleMessage(LoggingWebSocketHandlerDecorator.java:56) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.ExceptionWebSocketHandlerDecorator.handleMessage(ExceptionWebSocketHandlerDecorator.java:58) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.sockjs.transport.session.AbstractSockJsSession.delegateMessages(AbstractSockJsSession.java:387) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.sockjs.transport.session.WebSocketServerSockJsSession.handleMessage(WebSocketServerSockJsSession.java:195) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.sockjs.transport.handler.SockJsWebSocketHandler.handleTextMessage(SockJsWebSocketHandler.java:93) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.handler.AbstractWebSocketHandler.handleMessage(AbstractWebSocketHandler.java:43) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.adapter.standard.StandardWebSocketHandlerAdapter.handleTextMessage(StandardWebSocketHandlerAdapter.java:114) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.adapter.standard.StandardWebSocketHandlerAdapter.access$000(StandardWebSocketHandlerAdapter.java:43) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.adapter.standard.StandardWebSocketHandlerAdapter$3.onMessage(StandardWebSocketHandlerAdapter.java:85) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.springframework.web.socket.adapter.standard.StandardWebSocketHandlerAdapter$3.onMessage(StandardWebSocketHandlerAdapter.java:82) [spring-websocket-5.3.5.jar!/:5.3.5]
    at org.apache.tomcat.websocket.WsFrameBase.sendMessageText(WsFrameBase.java:415) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.websocket.server.WsFrameServer.sendMessageText(WsFrameServer.java:129) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.websocket.WsFrameBase.processDataText(WsFrameBase.java:515) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.websocket.WsFrameBase.processData(WsFrameBase.java:301) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.websocket.WsFrameBase.processInputBuffer(WsFrameBase.java:133) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.websocket.server.WsFrameServer.onDataAvailable(WsFrameServer.java:85) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.websocket.server.WsFrameServer.doOnDataAvailable(WsFrameServer.java:183) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.websocket.server.WsFrameServer.notifyDataAvailable(WsFrameServer.java:162) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.websocket.server.WsHttpUpgradeHandler.upgradeDispatch(WsHttpUpgradeHandler.java:156) [tomcat-embed-websocket-9.0.44.jar!/:9.0.44]
    at org.apache.coyote.http11.upgrade.UpgradeProcessorInternal.dispatch(UpgradeProcessorInternal.java:60) [tomcat-embed-core-9.0.44.jar!/:9.0.44]
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:59) [tomcat-embed-core-9.0.44.jar!/:9.0.44]
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893) [tomcat-embed-core-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707) [tomcat-embed-core-9.0.44.jar!/:9.0.44]
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.44.jar!/:9.0.44]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_212]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_212]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.44.jar!/:9.0.44]
    at java.lang.Thread.run(Thread.java:748) [na:1.8.0_212]
Caused by: org.springframework.security.access.AccessDeniedException: Access is denied
    at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:73) ~[spring-security-core-5.4.5.jar!/:5.4.5]
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.attemptAuthorization(AbstractSecurityInterceptor.java:238) ~[spring-security-core-5.4.5.jar!/:5.4.5]
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:208) ~[spring-security-core-5.4.5.jar!/:5.4.5]
    at org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor.preSend(ChannelSecurityInterceptor.java:70) ~[spring-security-messaging-5.4.5.jar!/:5.4.5]
    at org.springframework.messaging.support.AbstractMessageChannel$ChannelInterceptorChain.applyPreSend(AbstractMessageChannel.java:181) ~[spring-messaging-5.3.5.jar!/:5.3.5]
    at org.springframework.messaging.support.AbstractMessageChannel.send(AbstractMessageChannel.java:135) ~[spring-messaging-5.3.5.jar!/:5.3.5]
    ... 41 common frames omitted

我能够弄清楚它发生在跺脚断开命令上。

WebSocket安全配置只有几件事。

@Override
    protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
        messages.anyMessage().authenticated();
    }

    @Override
    protected boolean sameOriginDisabled() {
        return true;
    }

任何帮助将不胜感激。

我有两个这样注册的拦截器。

首先WebSocketAuthenticationFilter它只是一个通道拦截器,用于拦截传入请求并将用户设置为在websocket中经过身份验证。

第二个-ConnectDisconnect tChannelInterceptor,我在其中跟踪用户何时连接和何时断开连接。


共1个答案

匿名用户 

 @Override
    protected void configureInbound(MessageSecurityMetadataSourceRegistry messageSecurityMetadataSourceRegistry) {
        messageSecurityMetadataSourceRegistry
                .simpTypeMatchers(SimpMessageType.CONNECT, SimpMessageType.DISCONNECT, SimpMessageType.OTHER).permitAll()
                .anyMessage().authenticated();
    }

相关问题



热门标签
Java JavaScript Python PHP C# Android Html jQuery C++ Css IOS MySQL NodeJS