Java Code Examples for org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry

The following examples show how to use org.springframework.security.config.annotation.web.messaging.MessageSecurityMetadataSourceRegistry. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: alchemy   Source File: WebsocketSecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        .nullDestMatcher().authenticated()
        .simpDestMatchers("/topic/tracker").hasAuthority(AuthoritiesConstants.ADMIN)
        // matches any destination that starts with /topic/
        // (i.e. cannot send messages directly to /topic/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpDestMatchers("/topic/**").authenticated()
        // message types other than MESSAGE and SUBSCRIBE
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example 2
@Override
 protected void configureInbound(MessageSecurityMetadataSourceRegistry message) {
     message
.nullDestMatcher().permitAll()
.simpDestMatchers("/app/**").authenticated()
.simpDestMatchers("/topic/**").authenticated()
.anyMessage().hasRole("USER");
 }
 
Example 3
Source Project: TeamDojo   Source File: WebsocketSecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        .nullDestMatcher().authenticated()
        .simpDestMatchers("/topic/tracker").hasAuthority(AuthoritiesConstants.ADMIN)
        // matches any destination that starts with /topic/
        // (i.e. cannot send messages directly to /topic/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpDestMatchers("/topic/**").authenticated()
        // message types other than MESSAGE and SUBSCRIBE
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example 4
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        // message types other than MESSAGE and SUBSCRIBE
        .nullDestMatcher().authenticated()
        // matches any destination that starts with /rooms/
        .simpDestMatchers("/topic/tracker").hasAuthority(AuthoritiesConstants.ADMIN)
        .simpDestMatchers("/topic/**").authenticated()
        // (i.e. cannot send messages directly to /topic/, /queue/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example 5
Source Project: gpmr   Source File: WebsocketSecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        // message types other than MESSAGE and SUBSCRIBE
        .nullDestMatcher().authenticated()
        // matches any destination that starts with /rooms/
        .simpDestMatchers("/topic/tracker").hasAuthority(AuthoritiesConstants.ADMIN)
        .simpDestMatchers("/topic/**").authenticated()
        // (i.e. cannot send messages directly to /topic/, /queue/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example 6
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
        // message types other than MESSAGE and SUBSCRIBE
        .nullDestMatcher().authenticated()
        // matches any destination that starts with /rooms/
        .simpDestMatchers("/topic/**").authenticated()
        // (i.e. cannot send messages directly to /topic/, /queue/)
        // (i.e. cannot subscribe to /topic/messages/* to get messages sent to
        // /topic/messages-user<id>)
        .simpTypeMatchers(SimpMessageType.MESSAGE, SimpMessageType.SUBSCRIBE).denyAll()
        // catch all
        .anyMessage().denyAll();
}
 
Example 7
Source Project: spring-session   Source File: WebSocketSecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
	messages
		.simpMessageDestMatchers("/queue/**", "/topic/**").denyAll()
		.simpSubscribeDestMatchers("/queue/**/*-user*", "/topic/**/*-user*").denyAll()
		.anyMessage().authenticated();
}
 
Example 8
Source Project: bearchoke   Source File: WebSocketSecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
    protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
        // Waiting on a response here: https://jira.spring.io/browse/SEC-2802
//        messages
//                .antMatchers(SimpMessageType.MESSAGE, "/user/queue/errors").permitAll()
//                .antMatchers(SimpMessageType.MESSAGE, "/user/*").hasRole("USER")
//                .antMatchers(SimpMessageType.MESSAGE, "/app/user/*").hasRole("USER")
//                .anyMessage().permitAll();
    }
 
Example 9
Source Project: joal   Source File: WebSocketAuthorizationSecurityConfig.java    License: Apache License 2.0 4 votes vote down vote up
@Override
protected void configureInbound(final MessageSecurityMetadataSourceRegistry messages) {
    messages.anyMessage().authenticated();
}
 
Example 10
Source Project: tutorials   Source File: SocketSecurityConfig.java    License: MIT License 4 votes vote down vote up
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
    messages
            .simpDestMatchers("/secured/**", "/secured/**/**").authenticated()
            .anyMessage().authenticated();
}
 
Example 11
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
   	
	messages
	.simpMessageDestMatchers(Constants.WS_TOPIC_ACTIVITY_FEED_PATH, "/queue/*", "/app/queue/*").permitAll();
	
}