SEC-2914: Support @AuthenticationPrincipal on @SubscribeMapping endpoints #3129

Open
@spring-projects-issues

Igor Kolomiets (Migrated from SEC-2914) said:

I'm using the latest websocket/messaging-related features of Spring Security 4 to secure my application's websocket messaging endpoints. We have many @SubscribeMapping annotated methods that provide a request-response style of communication and need access to the current authenticated user. Currently we do this to get the authenticated user:

@SubscribeMapping("/foo")
public MyResponse foo(MyAuthenticationToken authenticationToken) {
    MyUser user = authenticationToken.getPrincipal();
}

Naturally I'd like to use @AuthenticationPrincipal so we can do this:

@SubscribeMapping("/foo")
public MyResponse foo(@AuthenticationPrincipal MyUser user) {

}

But it looks like @AuthenticationPrincipal is only supported by @MessageMapping annotated methods. Can we have it work for those annotated with @SubscribeMapping?

Labels: in: messaging (An issue in spring-security-messaging), type: enhancement (A general enhancement), type: jira (An issue that was migrated from JIRA)