从这里实现(http://grails.org/plugin/spring-websocket)正在工作,但是Spring安全插件无法识别经过身份验证的用户。我可以想象为什么这不起作用,但有人设法让这个控制器中的springSecurityService识别出经过身份验证的用户吗?
我的控制器目前看起来是这样的:
@Secured('hasRole("ROLE_USER")')
class WebsocketChatController {
SpringSecurityService springSecurityService
def index() {}
@MessageMapping("/hello")
@SendTo("/topic/hello")
protected String hello(String world) {
return "hello from controller! ( character: " + springSecurityService.currentUser + ")"
}
}但是springSecurityService.currentUser为null。。。
试试这个:
@Secured('hasRole("ROLE_USER")')
class WebsocketChatController {
def index() {}
@MessageMapping("/hello")
@SendTo("/topic/hello")
protected String hello(String world, Principal principal) {
return "hello from controller! ( character: " + principal.name + ")"
}
}
}
如文件第21.4.4节注释消息处理所述(http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html)
java.security.Principal method arguments reflecting the user logged in at the time of the WebSocket HTTP handshake.
Principal将包含currentUser,正如您从SpringSecurity 中所知