Geek Answers Handbook

Get bound HTTPSession websocket session in spring

I have a simple web socket app that uses stomp. when a user visits a page, he automatically makes a point connection to the server. The user is authenticated using spring security. When the user closes the browser, I want the user to automatically log out. To do this, I create a listener to listen to SessionDisconnectEvent. The problem is that I don't have the httpSession handle associated with the websocket session? Is there a need to get httpsession from a websocket session?

here is my code:

<websocket:message-broker application-destination-prefix="/test">

        <websocket:stomp-endpoint path="/sbapp">
            <websocket:handshake-interceptors>
                <bean class="com.sample.HttpSessionIdHandshakeInterceptor"></bean>
            </websocket:handshake-interceptors>
            <websocket:sockjs />
        </websocket:stomp-endpoint>
        <websocket:stomp-broker-relay prefix="/topic,/queue,/user" relay-host="localhost" relay-port="61613"/>
    </websocket:message-broker>

here is my websocket session listener:

@Component
public class StompDisconnectListener implements ApplicationListener<SessionDisconnectEvent>{

    @Override
    public void onApplicationEvent(SessionDisconnectEvent event) {

        System.out.println("Stomp disconnect: " + event.getSessionId());
    }
}

, , HttpSession, HttpSession. ?

+4
3

, , sessionAttributes .

HttpSessionHandshakeInterceptor dispatcher-servlet.xml:

<websocket:message-broker
    application-destination-prefix="/test">
    <websocket:stomp-endpoint path="/sbapp">
        <websocket:handshake-interceptors>
            <bean class="org.springframework.web.socket.server.support.HttpSessionHandshakeInterceptor"/>
        </websocket:handshake-interceptors>
        <websocket:sockjs session-cookie-needed="true" />
    </websocket:stomp-endpoint>
    <websocket:simple-broker prefix="/topic, /message" />
</websocket:message-broker>

:

@MessageMapping("/authorization.action")
public Message authorizationAction(
        SimpMessageHeaderAccessor headerAccessor, Message message) {
    String sessionId = headerAccessor.getSessionId();
    Map<String, Object> sessionAttributes = headerAccessor.getSessionAttributes();
    System.out.println(sessionId);
    System.out.println(sessionAttributes);
    // Do something with session
    return new Message(...);
}

.

+2

Spring WebSockets. , . SessionDisconnectEvent HttpSessionID :

import org.springframework.context.ApplicationListener;
import org.springframework.messaging.simp.SimpMessageHeaderAccessor;
import org.springframework.web.socket.messaging.SessionDisconnectEvent;

public class WebSocketDisconnectHandler<S>
    implements ApplicationListener<SessionDisconnectEvent> {

    public void onApplicationEvent(SessionDisconnectEvent event) {
    String session = SimpMessageHeaderAccessor.getSessionAttributes(event.getMessage().getHeaders()).get("HTTP.SESSION.ID").toString();
    }
}

( , :)

headers {simpMessageType=CONNECT, stompCommand=CONNECT, nativeHeaders={X-XSRF-TOKEN=[cb73273e-bff3-4eb7-965d-4c696e22c25a], accept-version=[1.1,1.0], heart-beat=[10000,10000]}, simpSessionAttributes={HTTP.SESSION.ID=6dd63204-d5ec-4362-8f37-29af5605298d, org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository.CSRF_TOKEN=org.springframework.security.web.csrf.DefaultCsrfToken@10b64145, org.springframework.security.web.csrf.CsrfToken=org.springframework.security.web.csrf.DefaultCsrfToken@10b64145}, simpHeartbeat=[J@3955ead4, simpSessionId=3x25c1e5}

bean WebSocket, ExpingSession:

import your.package.WebSocketDisconnectHandler;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.session.ExpiringSession;

@Configuration
public class WebSocketHandlersConfig<S extends ExpiringSession> {

    @Bean
    public WebSocketDisconnectHandler<S> webSocketDisconnectHandler() {
        return new WebSocketDisconnectHandler<S>();
    }
}
+2

More articles:


All Articles