root
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch '5.3.x'

This commit is contained in:
Sam Brannen 2022-01-08 16:36:21 +01:00
parent b981e36174 709a41fd43
commit ae5d8b645b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/docs/asciidoc/web/websocket.adoc
View File

@ -1732,11 +1732,11 @@ the user is already authenticated at the HTTP transport level, and expects that
the WebSocket or SockJS session contain the authenticated user.
NOTE: Spring Security provides
https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#websocket[WebSocket sub-protocol authorization]
https://docs.spring.io/spring-security/reference/servlet/integrations/websocket.html#websocket-authorization[WebSocket sub-protocol authorization]
that uses a `ChannelInterceptor` to authorize messages based on the user header in them.
Also, Spring Session provides a
https://docs.spring.io/spring-session/docs/current/reference/html5/#websocket[WebSocket integration]
that ensures the user HTTP session does not expire when the WebSocket session is still active.
Also, Spring Session provides
https://docs.spring.io/spring-session/reference/web-socket.html[WebSocket integration]
that ensures the user's HTTP session does not expire while the WebSocket session is still active.