Commit Graph

448 Commits

Author SHA1 Message Date
Rossen Stoyanchev
33f9eadd6a Ensure concurrent WebSocketSession wrapper is used
Issue: SPR-13326
2015-08-13 08:01:50 -04:00
Juergen Hoeller
7575271075 Polishing 2015-07-30 17:52:33 +02:00
Rossen Stoyanchev
3eb54cc0b3 Avoid duplicates from <websocket:decorator-factory>
Before this change <websocket:decorator-factory> decorated to
the SubProtocolWebSocketHandler RootBeanDefinition rather than
using a RuntimeBeanReference, which led to a separate instance
of SubProtocolWebSocketHandler to be created.

Issue: SPR-13190
2015-07-06 07:52:12 -04:00
Juergen Hoeller
bf38b3a4fc Polishing
(cherry picked from commit 92bf32b)
2015-05-23 20:37:21 +02:00
Juergen Hoeller
aa3a78aa0e SockJsTransportFailureException provides constructor variant without session id
(cherry picked from commit e0a11f2)
2015-05-23 20:37:15 +02:00
Juergen Hoeller
6cdc208c73 Polishing 2015-05-23 00:09:58 +02:00
Juergen Hoeller
633d13ffab Actual hasText assertion in SockJsFrame
Issue: SPR-13019
(cherry picked from commit 02d28ae)
2015-05-13 16:11:59 +02:00
Rossen Stoyanchev
b44044e36f Allow "ws" and "wss" for isValidCorsOrigin checks
Issue: SPR-12956
2015-05-04 11:02:55 -04:00
Brian Clozel
e2a55ced50 Fix client-library-url ignored in MVC namespace
Prior to this commit, the `client-library-url` XML attribute was not
effective in the MVC namespace, leaving the default value configured:

```xml
<websocket:sockjs client-library-url="/js/sockjs.js" />
```

This commit fixes the sockjs namespace handler and makes sure that this
attribute is configured on the `SockJsService` Bean to be created.

Issue: SPR-12874
2015-04-01 15:38:33 +02:00
Juergen Hoeller
52ed9b7106 Consistent javadoc param declarations for type variables
(cherry picked from commit d23893f)
2015-03-25 01:02:40 +01:00
Juergen Hoeller
3570a9a94a Polishing
(cherry picked from commit 2b34094)
2015-02-27 22:36:02 +01:00
Sebastien Deleuze
5db4e4bab0 Adjust log level for invalid SockJS or Websocket requests 2015-02-19 16:06:06 +01:00
Rossen Stoyanchev
6fafe63311 Ignore Pong messages in StompSubProtocolHandler
Issue: SPR-12728
2015-02-18 12:27:13 -05:00
Rossen Stoyanchev
f1e406c63b Fix handling of empty payload Pong message on Jetty
Issue: SPR-12727
2015-02-18 12:27:13 -05:00
Sebastien Deleuze
23fa37b08b Change SockJS and Websocket default allowedOrigins to same origin
This commit adds support for a same origin check that compares
Origin header to Host header. It also changes the default setting
from all origins allowed to only same origin allowed.

Issues: SPR-12697, SPR-12685
(cherry picked from commit 6062e15)
2015-02-18 17:26:55 +01:00
Sebastien Deleuze
cc78d40c6b Fix SockJS origin check
This commit introduces the following changes:
 - Requests without Origin header are not rejected anymore
 - Disable Iframe when allowedOrigins is not empty and not equals to *
 - The Iframe is not cached anymore in order to have a reliable origin check
 - allowedOrigins must not be null or empty
 - allowedOrigins format is now validated (should be * or start by http(s)://)

Issue: SPR-12660
(cherry picked from commit 9b3319b)
2015-02-18 17:26:44 +01:00
Rossen Stoyanchev
f398dd03a7 Pass SockJS session attributes to HandshakeHandler
Before this change the WebSocketTransportHandler passed
Collections.emptyMap as attributes to the HandshakeHandler because
it didn't matter what attributes the underlying WebSocketSession has
since it is wrapped by the SockJsSession and that's what exposed for
use everywhere.

This change has the WebSocketTransportHandler passing the attributes
from the SockJsSession instead since it's more accurate for the
underlying WebSocketSession to have access to the same map instance
and it allows the HandshakeHandler to change the attributes even if
it doesn't need to do that today.

Issue: SPR-12716
2015-02-16 14:32:03 -05:00
Rossen Stoyanchev
d63cfc8eeb Add JdkIdGenerator and use it in SockJS client
Issue: SPR-12658
2015-01-22 21:29:18 -05:00
Rossen Stoyanchev
51367dec05 Refine condition to send WebSocket binary messages
The following two refinements have been added:
1) SockJS doesn't support binary messages so don't even try
2) don't bother if payload.length == 0

Issue: SPR-12475
2014-12-29 15:13:09 -05:00
Rossen Stoyanchev
670974d76a Allow sending binary messages with STOMP
After this change the StompSubProtocolHandler sends STOMP frames
with content-type=octet-stream as a binary WebSocket message.

Issue: SPR-12475
2014-12-23 14:24:43 -05:00
Rossen Stoyanchev
b796c1e87e Synchronize message sending
Issue: SPR-12516
2014-12-07 16:10:40 -05:00
Sebastien Deleuze
2fccf3ff44 Add support for autowiring Jackson handlers
This commit introduces the SpringHandlerInstantiator
class, a Jackson HandlerInstantiator that allows to autowire
Jackson handlers (JsonSerializer, JsonDeserializer, KeyDeserializer,
TypeResolverBuilder and TypeIdResolver) if needed.

SpringHandlerInstantiator is automatically used with
@EnableWebMvc and <mvc:annotation-driven />.

Issue: SPR-10768
2014-12-05 17:37:28 +01:00
Sebastien Deleuze
fbd85925de Use Jackson improved default configuration everywhere
With this commit, Jackson builder is now used in spring-websocket
to create the ObjectMapper instance.

It is not possible to use the builder for spring-messaging
and spring-jms since these modules don't have a dependency on
spring-web, thus they now just customize the same features:
 - MapperFeature#DEFAULT_VIEW_INCLUSION is disabled
 - DeserializationFeature#FAIL_ON_UNKNOWN_PROPERTIES is disabled

Issue: SPR-12293
2014-12-03 09:49:41 +01:00
Rossen Stoyanchev
dc5b5ca8ee Check the user of a SockJS request
Issue: SPR-12497
2014-12-02 12:13:35 -05:00
Juergen Hoeller
e6d7af4ea8 Polishing 2014-11-28 17:36:58 +01:00
Juergen Hoeller
0caeffcd54 Polishing
(cherry picked from commit 7e07f3d)
2014-11-27 18:57:57 +01:00
Brian Clozel
bb150c47cf Add undertow 1.1.0.Final support
Upgrade undertow dependency to 1.1.0.Final.
Add support for undertow 1.1.0.Final in the
UndertowRequestUpgradeStrategy, after a breaking change in the
`io.undertow.websockets.jsr.ConfiguredServerEndpoint` constructor.

Issue: SPR-12302
2014-11-24 14:22:10 +01:00
Juergen Hoeller
05bdc2cf77 Consistent declaration and use of UTF-8 Charset constants, plus related polishing 2014-11-11 02:38:30 +01:00
Juergen Hoeller
9ff8a01f29 Polishing 2014-11-07 17:14:50 +01:00
Brian Clozel
1fff631daa Fix SubProtocolHandler duplicate registration
Prior to this change, duplicate SubProtocolHandlers could be registered
when configuring STOMP with several registrations:

    public void registerStompEndpoints
          (final StompEndpointRegistry registry) {
      this.endpointRegistry.addEndpoint("/stompOverWebSocket");
      this.endpointRegistry.addEndpoint("/stompOverSockJS").withSockJS();
    }

This commit registers sub-protocols in a Set instead of a list (see
SubProtocolWebSocketHandler), thus fixing the issue.

Issue: SPR-12403
2014-11-03 14:25:27 +01:00
Sam Brannen
14f4d34fdb Clean up warnings in spring-websocket 2014-11-01 16:11:57 +01:00
Juergen Hoeller
1146d5ba1d Polishing 2014-10-29 22:44:59 +01:00
Rossen Stoyanchev
38ef6dec50 Fix test issue with Set iteration order 2014-10-29 17:23:04 -04:00
Rossen Stoyanchev
8f21c85511 Explicitly close Spring context in WS integration test 2014-10-28 22:10:49 -04:00
Rossen Stoyanchev
8c727be4e1 Close Spring context in SockJS integration test setup 2014-10-28 17:51:15 -04:00
Rossen Stoyanchev
70e6e3bb39 Fix condition check in SockJsClient lifecycle method 2014-10-28 17:51:15 -04:00
Rossen Stoyanchev
da612d079f Replace "if(" with "if (" 2014-10-27 09:04:23 -04:00
Sebastien Deleuze
6592784ef4 Fix a package tangle between SockJS support and transport packages
Issue: SPR-12379
2014-10-27 13:28:01 +01:00
Sebastien Deleuze
58f4014b17 Add an option to disable automatic addition of CORS header
Issues: SPR-12283
2014-10-26 21:20:53 +01:00
Sebastien Deleuze
743356fa21 Add an option to set an Origin whitelist for Websocket and SockJS
This commit introduces a new OriginHandshakeInterceptor. It filters
Origin header value against a list of allowed origins.

AbstractSockJsService as been modified to:
 - Reject CORS requests with forbidden origins
 - Disable transport types that does not support CORS when an origin
   check is required
 - Use the Origin request header value instead of "*" for
   Access-Control-Allow-Origin response header value
   (mandatory when  Access-Control-Allow-Credentials=true)
 - Return CORS header only if the request contains an Origin header

It is possible to configure easily this behavior thanks to JavaConfig API
WebSocketHandlerRegistration#addAllowedOrigins(String...) and
StompWebSocketEndpointRegistration#addAllowedOrigins(String...).
It is also possible to configure it using the websocket XML namespace.

Please notice that this commit does not change the default behavior:
cross origin requests are still enabled by default.

Issues: SPR-12226
2014-10-26 21:18:04 +01:00
Rossen Stoyanchev
01aa64c534 Simple broker sends notice after disconnect
Before this change the simple broker simply removed subscriptions
upon receiving a DISCONNECT message assuming it was a result of
a client STOMP WebSocket session ending.

However, if the server-side application sends a DISCONNECT to
the broker in order to terminate a session, the STOMP WebSocket
session could remain unware without any further action. This
change ensures the simple broker sends a DISCONNECT_ACK message
downstream whenever it receives a DISCONNECT.

Issue: SPR-12288
2014-10-24 09:48:18 -04:00
Rossen Stoyanchev
687955a704 Add ImmutableMessageChannelInterceptor
This change adds a ChannelInterceptor that flips the immutable flag on
messages being sent. This allows components sending messages to leave
the message mutable for interceptors to further apply modifications
before the message is sent (and exposed to concurrency).

The interceptor is automatically added with the STOMP/WebSocket Java
and XML config and the StompSubProtocolHandler leaves parsed incoming
messages mutable so they can be further modified before being sent.

Issue: SPR-12321
2014-10-23 15:25:51 -04:00
Juergen Hoeller
3106905877 Polishing 2014-10-22 01:19:14 +02:00
Juergen Hoeller
8325b10080 Consistent formatting of license headers, package javadocs, and import declarations 2014-10-21 01:44:07 +02:00
Juergen Hoeller
b6fdcffc94 HttpSessionHandshakeInterceptor and related web.socket.server polishing
Issue: SPR-12352
2014-10-20 23:32:46 +02:00
Juergen Hoeller
77a62ec8b8 Polishing 2014-10-20 17:42:18 +02:00
Juergen Hoeller
10328f1c22 Reimplemented ServerEndpointExporter to avoid BeanPostProcessor role
Issue: SPR-12340
2014-10-20 17:41:14 +02:00
Rossen Stoyanchev
3056301015 Improve HttpSessionHandshakeInterceptor
Use explicit flag whether to copy all attributes.
2014-10-14 09:29:06 -04:00
Sam Brannen
2f54b273a5 Delete unused imports in spring-websocket module 2014-10-13 20:37:08 +02:00
Rossen Stoyanchev
97596fb9f6 Allow plugging in a WebSocketHandlerDecorator
The WebSocketMessageBroker config now allows wrapping the
SubProtocolWebSocketHandler to enable advanced use cases that may
require access to the underlying WebSocketSession.

Issue: SPR-12314
2014-10-13 09:35:51 -04:00