2015-05-04 150 views
2

我想保護我的WebSockets,但在配置中有一些麻煩。 我正在嘗試使用JavaConfig。我需要它允許只聽授權用戶的websockets。 請幫我在我的問題WebSocket安全Java配置

我的WebSocket安全配置:

@Configuration 
public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer { 

    @Override 
    protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) { 
     messages 
       .simpMessageDestMatchers("/chat/**").permitAll() 
       .anyMessage().authenticated(); 
    } 
} 

55 [RMI TCP Connection(7)-127.0.0.1] INFO org.springframework.web.context.ContextLoader - Root WebApplicationContext: initialization started 
148 [RMI TCP Connection(7)-127.0.0.1] INFO org.springframework.web.context.support.AnnotationConfigWebApplicationContext - Refreshing Root WebApplicationContext: startup date [Mon May 04 14:25:20 EEST 2015]; root of context hierarchy 
217 [RMI TCP Connection(7)-127.0.0.1] INFO org.springframework.web.context.support.AnnotationConfigWebApplicationContext - Registering annotated classes: [class org.myapp.server.config.DatabaseConfig,class org.myapp.server.config.DataSourceConfig,class org.myapp.server.config.RemountingServicesConfig,class org.myapp.server.config.WebConfig,class org.myapp.server.config.WebSocketConfig,class org.myapp.server.config.MongoConfig] 
728 [RMI TCP Connection(7)-127.0.0.1] ERROR org.springframework.web.context.ContextLoader - Context initialization failed 
java.lang.NoClassDefFoundError: org/springframework/security/messaging/web/csrf/CsrfChannelInterceptor 
    at java.lang.Class.getDeclaredMethods0(Native Method) 
    at java.lang.Class.privateGetDeclaredMethods(Class.java:2688) 
    at java.lang.Class.getDeclaredMethods(Class.java:1962) 
    at org.springframework.util.ReflectionUtils.getDeclaredMethods(ReflectionUtils.java:571) 
    at org.springframework.util.ReflectionUtils.doWithMethods(ReflectionUtils.java:490) 
    at org.springframework.util.ReflectionUtils.doWithMethods(ReflectionUtils.java:503) 
    at org.springframework.util.ReflectionUtils.doWithMethods(ReflectionUtils.java:474) 
    at org.springframework.util.ReflectionUtils.getUniqueDeclaredMethods(ReflectionUtils.java:534) 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.getTypeForFactoryMethod(AbstractAutowireCapableBeanFactory.java:677) 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.determineTargetType(AbstractAutowireCapableBeanFactory.java:621) 
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.predictBeanType(AbstractAutowireCapableBeanFactory.java:591) 
    at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:1397) 
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.doGetBeanNamesForType(DefaultListableBeanFactory.java:434) 
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanNamesForType(DefaultListableBeanFactory.java:404) 
    at org.springframework.context.support.PostProcessorRegistrationDelegate.invokeBeanFactoryPostProcessors(PostProcessorRegistrationDelegate.java:97) 
    at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:606) 
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:462) 
    at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:403) 
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:306) 
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:106) 
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4708) 
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5135) 
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) 
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:725) 
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:701) 
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:714) 
    at org.apache.catalina.startup.HostConfig.manageApp(HostConfig.java:1585) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300) 
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819) 
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801) 
    at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:463) 
    at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:413) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300) 
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819) 
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801) 
    at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1466) 
    at javax.management.remote.rmi.RMIConnectionImpl.access$300(RMIConnectionImpl.java:76) 
    at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1307) 
    at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1399) 
    at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:828) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:323) 
    at sun.rmi.transport.Transport$1.run(Transport.java:178) 
    at sun.rmi.transport.Transport$1.run(Transport.java:175) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at sun.rmi.transport.Transport.serviceCall(Transport.java:174) 
    at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:557) 
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:812) 
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:671) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
    at java.lang.Thread.run(Thread.java:745) 
Caused by: java.lang.ClassNotFoundException: org.springframework.security.messaging.web.csrf.CsrfChannelInterceptor 
    at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1305) 
    at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1157) 
    ... 63 more 
04-May-2015 14:25:21.102 SEVERE [RMI TCP Connection(7)-127.0.0.1] org.apache.catalina.core.StandardContext.startInternal Error listenerStart 
04-May-2015 14:25:21.103 SEVERE [RMI TCP Connection(7)-127.0.0.1] org.apache.catalina.core.StandardContext.startInternal Context [/server] startup failed due to previous errors 
731 [RMI TCP Connection(7)-127.0.0.1] INFO org.springframework.web.context.support.AnnotationConfigWebApplicationContext - Closing Root WebApplicationContext: startup date [Mon May 04 14:25:20 EEST 2015]; root of context hierarchy 
731 [RMI TCP Connection(7)-127.0.0.1] WARN org.springframework.web.context.support.AnnotationConfigWebApplicationContext - Exception thrown from ApplicationListener handling ContextClosedEvent 
java.lang.IllegalStateException: ApplicationEventMulticaster not initialized - call 'refresh' before multicasting events via the context: Root WebApplicationContext: startup date [Mon May 04 14:25:20 EEST 2015]; root of context hierarchy 
    at org.springframework.context.support.AbstractApplicationContext.getApplicationEventMulticaster(AbstractApplicationContext.java:344) 
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:331) 
    at org.springframework.context.support.AbstractApplicationContext.doClose(AbstractApplicationContext.java:869) 
    at org.springframework.context.support.AbstractApplicationContext.close(AbstractApplicationContext.java:836) 
    at org.springframework.web.context.ContextLoader.closeWebApplicationContext(ContextLoader.java:579) 
    at org.springframework.web.context.ContextLoaderListener.contextDestroyed(ContextLoaderListener.java:115) 
    at org.apache.catalina.core.StandardContext.listenerStop(StandardContext.java:4751) 
    at org.apache.catalina.core.StandardContext.stopInternal(StandardContext.java:5352) 
    at org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:232) 
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:160) 
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:725) 
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:701) 
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:714) 
    at org.apache.catalina.startup.HostConfig.manageApp(HostConfig.java:1585) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300) 
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819) 
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801) 
    at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:463) 
    at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:413) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300) 
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819) 
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801) 
    at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1466) 
    at javax.management.remote.rmi.RMIConnectionImpl.access$300(RMIConnectionImpl.java:76) 
    at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1307) 
    at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1399) 
    at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:828) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:323) 
    at sun.rmi.transport.Transport$1.run(Transport.java:178) 
    at sun.rmi.transport.Transport$1.run(Transport.java:175) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at sun.rmi.transport.Transport.serviceCall(Transport.java:174) 
    at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:557) 
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:812) 
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:671) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
    at java.lang.Thread.run(Thread.java:745) 
737 [RMI TCP Connection(7)-127.0.0.1] WARN org.springframework.web.context.support.AnnotationConfigWebApplicationContext - Exception thrown from LifecycleProcessor on context close 
java.lang.IllegalStateException: LifecycleProcessor not initialized - call 'refresh' before invoking lifecycle methods via the context: Root WebApplicationContext: startup date [Mon May 04 14:25:20 EEST 2015]; root of context hierarchy 
    at org.springframework.context.support.AbstractApplicationContext.getLifecycleProcessor(AbstractApplicationContext.java:357) 
    at org.springframework.context.support.AbstractApplicationContext.doClose(AbstractApplicationContext.java:877) 
    at org.springframework.context.support.AbstractApplicationContext.close(AbstractApplicationContext.java:836) 
    at org.springframework.web.context.ContextLoader.closeWebApplicationContext(ContextLoader.java:579) 
    at org.springframework.web.context.ContextLoaderListener.contextDestroyed(ContextLoaderListener.java:115) 
    at org.apache.catalina.core.StandardContext.listenerStop(StandardContext.java:4751) 
    at org.apache.catalina.core.StandardContext.stopInternal(StandardContext.java:5352) 
    at org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:232) 
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:160) 
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:725) 
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:701) 
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:714) 
    at org.apache.catalina.startup.HostConfig.manageApp(HostConfig.java:1585) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300) 
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819) 
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801) 
    at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:463) 
    at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:413) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300) 
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819) 
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801) 
    at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1466) 
    at javax.management.remote.rmi.RMIConnectionImpl.access$300(RMIConnectionImpl.java:76) 
    at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1307) 
    at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1399) 
    at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:828) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:483) 
    at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:323) 
    at sun.rmi.transport.Transport$1.run(Transport.java:178) 
    at sun.rmi.transport.Transport$1.run(Transport.java:175) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at sun.rmi.transport.Transport.serviceCall(Transport.java:174) 
    at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:557) 
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:812) 
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:671) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
    at java.lang.Thread.run(Thread.java:745) 
[2015-05-04 02:25:21,625] Artifact org.myapp.server:war exploded: Error during artifact deployment. See server log for details. 

如何才能解決這個問題呢? 感謝援助提供

+0

你找到任何解決這個? – Extrawurst

回答

8

好像你忘了,包括在你的pom.xml正確的jar文件(如果使用maven)。

如果您使用的春天啓動時,您需要添加:

<dependency> 
    <groupId>org.springframework.boot</groupId> 
    <artifactId>spring-boot-starter-security</artifactId> 
</dependency> 

<dependency> 
    <groupId>org.springframework.security</groupId> 
    <artifactId>spring-security-messaging</artifactId> 
</dependency>