[SHIRO-620] authentication and authorization support for spring websocket - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Authentication (log-in), Authorization (access control)
Labels:
- features
- security
- spring
- websocket

Description

Shiro could add some support for spring websockets.

	<websocket:handlers>
		<websocket:mapping path="/ws" handler="wsHandler"/>
		<websocket:handshake-interceptors>
			<bean class="org.apache.shiro.somepackage.WebsocketSecurityInterceptor"></bean>
		</websocket:handshake-interceptors>
	</websocket:handlers>

This security interceptor could do two things by overriding the beforeHandshake method:

Decide whether or not the user can open the websocket
Set authentication information in the socket attributes

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Laszlo Hornyak

Votes:: 2 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 29/Mar/17 21:09

Updated:: 30/Mar/17 19:39