Package org.springframework.security.config.annotation.rsocket

Class RSocketSecurity

java.lang.Object
org.springframework.security.config.annotation.rsocket.RSocketSecurity
public class RSocketSecurity extends Object
Allows configuring RSocket based security. A minimal example can be found below: 
 @Configuration
 @EnableRSocketSecurity
 public class SecurityConfig {
     @Bean
     PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
         rsocket
             .authorizePayload((authorize) ->
                 authorize
                     .anyRequest().authenticated()
             );
         return rsocket.build();
     }

     @Bean
     public MapReactiveUserDetailsService userDetailsService() {
          UserDetails user = User.withDefaultPasswordEncoder()
               .username("user")
               .password("password")
               .roles("USER")
               .build();
          return new MapReactiveUserDetailsService(user);
     }
 }
A more advanced configuration can be seen below: 
 @Configuration
 @EnableRSocketSecurity
 public class SecurityConfig {
     @Bean
     PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
         rsocket
             .authorizePayload((authorize) ->
                 authorize
                     // must have ROLE_SETUP to make connection
                     .setup().hasRole("SETUP")
                      // must have ROLE_ADMIN for routes starting with "admin."
                     .route("admin.*").hasRole("ADMIN")
                     // any other request must be authenticated for
                     .anyRequest().authenticated()
             );
         return rsocket.build();
     }
 }
Since:
5.2

  • Constructor Details

    • RSocketSecurity

      public RSocketSecurity()

  • Method Details

    • addPayloadInterceptor

      public RSocketSecurity addPayloadInterceptor(org.springframework.security.rsocket.api.PayloadInterceptor interceptor)
      Adds a PayloadInterceptor to be used. This is typically only used when using the DSL does not meet a users needs. In order to ensure the PayloadInterceptor is done in the proper order the PayloadInterceptor should either implement Ordered or be annotated with Order.
      Parameters:
      interceptor -
      Returns:
      the builder for additional customizations
      See Also:

    • authenticationManager

      public RSocketSecurity authenticationManager(org.springframework.security.authentication.ReactiveAuthenticationManager authenticationManager)

    • simpleAuthentication

      public RSocketSecurity simpleAuthentication(Customizer<RSocketSecurity.SimpleAuthenticationSpec> simple)
      Adds support for validating a username and password using Simple Authentication
      Parameters:
      simple - a customizer
      Returns:
      RSocketSecurity for additional configuration
      Since:
      5.3

    • basicAuthentication

      @Deprecated public RSocketSecurity basicAuthentication(Customizer<RSocketSecurity.BasicAuthenticationSpec> basic)
      Deprecated.
      Use simpleAuthentication(Customizer)
      Adds authentication with BasicAuthenticationPayloadExchangeConverter.
      Parameters:
      basic -
      Returns:
      this instance

    • jwt

      public RSocketSecurity jwt(Customizer<RSocketSecurity.JwtSpec> jwt)

    • authorizePayload

      public RSocketSecurity authorizePayload(Customizer<RSocketSecurity.AuthorizePayloadsSpec> authorize)

    • build

      public org.springframework.security.rsocket.core.PayloadSocketAcceptorInterceptor build()

    • setApplicationContext

      protected void setApplicationContext(org.springframework.context.ApplicationContext applicationContext) throws org.springframework.beans.BeansException
      Throws:
      org.springframework.beans.BeansException