The interface is to be implemented in addition to
java.security.Principal when Principal.getName() is not globally unique
enough for use in user destinations.
Issue: SPR-11327
sockjs-client expects a prelude to be written on every request with
streaming transports. The protocol tests don't make this clear and
don't expose this issue.
The test case for SPR-11183 (writing 20K messages in succession) did
expose the issue and this commit addresses it.
Issue: SPR-11183
This change adds a protected method to DefaultHandshakeHandler to
determine the user for the WebSocket session. By default it's
implemeted to obtain it from the request.
Issue: SPR-11228
The Jetty ServletWebUpgradeRequest implements getUserPrincipal to
return the Principal from the HttpServletRequest on the upgrade.
This change ensures we can fall back on that.
However the JettyRequestUpgradeStrategy still passes the user from
HttpServletRequest from the upgrade, in order to work with Jetty
9.0.x and avoid running into this 9.1.x issue:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=423118
The observed behavior was that the client does not get a response from
the WebSocket HTTP handshake. On the server the handshake actually
succeeds, the response is set correctly to status 101, and the
WebSocketHandler gets notified of the successfully established
connection.
This change flushes the ServletResponse just before returning from the
GlassfishRequestUpgradeStrategy. This is actually what Glassfish's own
TyrusServletFilter does as well at the end along with a comment that it
is a possible bug.
This commit adds an XML namespace equivalent of @EnableWebSocket and
@EnableWebSocketMessageBroker. Those are <websocket:handlers> and
<websocket:message-broker> respectively.
Examples can be found in the test suite.
This commit also alters the way MessageHandler's subscribe to their
respective MessageChannel's of interest. Rather than performing the
subscriptions in configuration code, the message channels are now
passed into MessageHandler's so they can subscribe themselves on
startup.
Issue: SPR-11063
Apply consistent styling to new classes introduced in Spring 4.0.
- Javadoc line wrapping, whitespace and formatting
- General code whitespace
- Consistent Assert.notNull messages
@EnableWebSocketMessageBroker message channel configuration can now be
customized via WebSocketMessageBrokerConfigurer. It is necessary to
make this easy and even required as part of the basic configuration
since by default the message channels are backed by a thread pool of
size 1, not suitable for production use.
Issue: SPR-11023
Two concurrent threads should not send a message on a single WebSocket
session at the same time, for example see:
http://docs.oracle.com/javaee/7/api/javax/websocket/RemoteEndpoint.Basic.html
In StompSubProtocolHandler it is quite possible that multiple messages
may be broadcast to a single WebSocket client concurrently.
This change adds synchronization around the sending of a message to a
specific cilent session.
Issue: SPR-11023
Fix a variety of typos throughout the project, primarily in
comments (javadoc or otherwise) but also in a handful of log messages
and a couple exception messages.
ISSUE: SPR-11123
The addition of SubProtocolCapable simplifies configuration since it is
no longer necessary to explicitly configure DefaultHandshakeHandler
with a list of supported sub-protocols. We will not also check if the
WebSocketHandler to use for the WebSocket request is an instance of
SubProtocolCapable and obtain the list of sub-protocols that way. The
provided SubProtocolWebSocketHandler does implement this interface.
Issue: SPR-11111
Fix remaining Java compiler warnings, mainly around missing
generics or deprecated code.
Also add the `-Werror` compiler option to ensure that any future
warnings will fail the build.
Issue: SPR-11064
Before this change spring-messaging contained a few WebSocket-related
classes including WebSocket sub-protocol support for STOMP as well
as @EnableWebSocketMessageBroker and related configuration classes.
After this change those classes are located in the spring-websocket
module under org.springframework.web.socket.messaging.
This means the following classes in application configuration must
have their packages updated:
org.springframework.web.socket.messaging.config.EnableWebSocketMessageBroker
org.springframework.web.socket.messaging.config.StompEndpointRegistry
org.springframework.web.socket.messaging.config.WebSocketMessageBrokerConfigurer
MessageBrokerConfigurer has been renamed to MessageBrokerRegistry and
is also located in the above package.
Before this change the amount of logging was too little or too much
with TRACE turned on. This change separates useful debugging
information and logs it under DEBUG and leaves more detailed
information to be logged under TRACE.
Before this change subscribing to a user-specific destination in STOMP
required manually appending a unique queue suffix provided in a header
with the CONNECTED frame.
This change removes the need to do that. Instead STOMP clients can
subscribe to "/user/queue/error" and can then begin to receive messages
sent to "/user/{username}/queue/error" without colliding with any other
user doing the same.
Issue: SPR-11077
This changes switches from using Jetty's WebSocketListener interface
to use Jetty's @WebSocket annotations instead. The change should be
transparent but the annnotations provide a little more controler
including handling pong frames.
This change also introduces a WebSocketMessage interface.
Issue: SPR-10877
- add WebSocketHttpHeaders
- client-side support for WebSocket extensions
- DefaultHandshakeHandler updates
- replace use of ServletAttributes in JettyRequestUpgradeStratey
- upgrade spring-web to jetty 9.0.5
This commits adds simple, overridable WebSocket Extension
filtering during the handshake phase and adds that
information in the WebSocket session.
The actual WebSocket Extension negotiation happens
within the server implementation (Glassfish, Jetty, Tomcat...),
so one can only remove requested extensions from
the list provided by the WebSocket client.
See RFC6455 Section 9.
Issue: SPR-10843
Commit 2397b21096 changed websocket
support to use GlassFish 4.0.1 nightlies, but broke support for 4.0. In
GlassFish 4.0.1, the package that TyrusEndpoint is located in changed.
This commit provides an abstract handler that does all required
GlassFish setup, but delegates to version specific upgrade handlers to
create the final TyrusEndpoint.
GlassFish 4.0 handler uses reflection to create its endpoint to prevent
dependency issues of depending on different versions of
tyrus-websocket-core and tyrus-container-servlet
After this change, annotated message handling methods configured to use
a destination prefix (e.g. "/app") no longer have to include the prefix
in their mapping. For example if a client sends a message to "/app/foo"
the annotated methods should be mapped with @MessageMapping("/foo").
Ensure configuration provided for WebSocketHandler's (eg interceptors,
or HandshakeHandler) are passed on to the SockJsService if congiured.
Better separate Servlet-specific parts of the configuration to make it
more obvious where non-Servlet alternatives could fit in.
Add more tests.
Improve WebSocket integration tests.
While RC2 is not yet out, we need to support RC1 as well.
This change introduces temporary code that can be removed
once RC2 becomes available to avoid having to use Tomcat
snapshots.
After this change the DefaultHandshakeHandler delegates to a
server-specific RequestUpgradeStrategy to update the HTTP response for
the handshake request and to begin the WebSocket interaction.
The DefaultHandshakeHandler however still retains the initial
validation of the WebSocket handshake including negotation of origin,
sub-protocol, etc. This allows sub-classes to override various
aspects of the negotiation independant of the WebSocket engine.
In addition to implementing ServerEndpointConfig, the
ServerEndpointRegistration now also extends
ServerEndpointConfig.Configurator making it easier to override
handshake customization methods without having to extend a separate
class.
Tomcat now provides a method for initiating a WebSocket upgrade at
runtime vs relying on JSR-356 deployment at startup. This change
switches to use that latest feature. For more information on the
Tomcat change see:
https://issues.apache.org/bugzilla/show_bug.cgi?id=55314#c7
Although ServletHttpRequest provides access to Cookies, other
implementations may not. At the moment this was only needed
for SockJS to check the value of the JSESSIONID cookie. This
is now down by parsing the raw cookie values locally.
If comprehensive cookie support is to be added, we should
probably consider HttpHeaders as a potential candidate.
A HandshakeInterceptor can be used to intercept WebSocket handshakes
(or SockJS requests where a new session is created) in order to
inspect the request and response before and after the handshake
including the ability to pass attributes to the WebSocketHandler,
which the hander can access through
WebSocketSession.getHandshakeAttributes()
An HttpSessionHandshakeInterceptor is available that can copy
attributes from the HTTP session to make them available to the
WebSocket session.
Issue: SPR-10624
The method returning query parameters now returns only query string
parameters as opposed to any Servlet request parameter.
This commit also adds a ReadOnlyMultiValueMap.
ServerHttpAsyncResponseControl wraps a ServetHttpRequest and -Response
pair and allows putting the processing of the request in async mode
so that the response remains open until explicitly closed, either from
the current or from another thread.
ServletServerHttpAsyncResponseControl provides a Serlvet-based
implementation.
A getCookies method is now available on ServerHttpRequest with one
ServletServerCookie implementation that wraps a Servlet cookie.
The SockJS service makes use of this to check for an existing session
cookie in the request.
Add SubProtocolHandler to encapsulate the logic for using a
sub-protocol.
A SubProtocolWebSocketHandler is also provided to
delegate to the appropriate SubProtocolHandler based on the
negotiated sub-protocol value at handshake.
StompSubProtocolHandler provides handling for STOMP messages.
Issue: SPR-10786
A SockJS message frame is an array of JSON-encoded messages and before
this change the use of the Jackson 2 library was hard-coded.
A Jackson 2 and Jackson 1.x implementations are provided and
automatically used if those libraries are present on the classpath.
Issue: SPR-10800
The method WsServerContainer.getServerContainer() was removed from
JSR-356 but remained in Tomcat a little while longer. Instead the
ServerContainer is obtained through a ServletContext attribute.
Tomcat has now removed this method, hence the need for this fix.
The SubscriptionRegistry and implementations are now in a package
together with SimpleBrokerWebMessageHandler and primarily support
with matching subscriptions to messages. Subscriptions can contain
patterns as supported by AntPathMatcher.
StopmWebSocketHandler no longer keeps track of subscriptions and simply
ignores messages without a subscription id, since it has no way of
knowing broker-specific destination semantics for patterns.
The Reactor Environment (that's used by the TcpClient) manages a
number of threads. To ensure that these threads are cleaned up
Environment.shutdown() must be called when the Environment is no
longer needed.
A new type MessageHeaderAccesssor provides read/write access to
MessageHeaders along with typed getter/setter methods along the lines
of the existing MessageBuilder methods (internally MessageBuilder
merely delegates to MessageHeaderAccessor). This class is extensible
with sub-classes expected to provide typed getter/setter methods for
specific categories of message headers.
NativeMessageHeaderAccessor is one specific sub-class that further
provides read/write access to headers from some external message
source (e.g. STOMP headers). Native headers are stored in a separate
MultiValueMap and kept under a specific key.
Similar to @ExceptionHandler but for message processing. Such a method
can send messages to both the message broker channel and the client
channel provided the client is subscribed to the target destination.
The "system" STOMP session is established at startup and can be used
to send messages without a client session, e.g. to support broadcasting
from a REST/HTTP handler method.
MessageHolder holds the currently processed message in a ThreadLocal,
which allows PubSubMessageBuilder to automatically add a session id
to messages to be sent.
Rename to PubSubHeaderAccessor and StompHeaderAccessor
Move the renamed classes to support packages
Remove fromPayloadAndHeaders from MessageBuilder, just use
withPayload(..).copyHeaders(..) instead.
The use of an AtomicBoolean and no lock meant that it was possible
for a message to be queued and then never be flushed and sent to the
broker:
1. On t1, a message is received and isConnected is false. The message
will be queued.
2. On t2, CONNECTED is received from the broker. isConnected is set
to true, the queue is drained and the queued messages are forwarded
3. On t1, the message is added to the queue
To fix this, checking that isConnected is false (step 1 above) and the
queueing of a message (step 3 above) need to be performed as a unit
so that the flushing of the queued messages can't be interleaved. This
is achieved by synchronizing on a monitor and performing steps 1
and 3 and synchronizing on the same monitor while performing step 2.
The monitor is held while the messages are actually being forwarded
to the broker. An alternative would be to drain the queue into
a local variable, release the monitor, and then forward the messages.
The main advantage of this alternative is that the monitor is held for
less time. It also reduces the theoretical risk of deadlock by not
holding the monitor while making an alien call. The downside of the
alternative is that it may lead to messages being forwarded out of
order. For this reason the alternative approach was rejected.
When an annotated handler returns a Message from a @SubscribeEvent
or @MessageMapping method and it contains no destination in its
headers, use the received message's destination as the response
message's destination.
Without generics, extending AbstractPubSubChannelRegistry and using
a custom Message type requires some unpleasant casting and suppression
of warnings. By genericizing PubSubChannelRegistry and
AbstractPubSubChannelRegistry these problems can be avoided.
To improve compatibility between Spring's messaging classes and
Spring Integration, the type of Message that is created has been made
pluggable through the introduction of a factory abstraction;
MessageFactory.
By default a MessageFactory is provided that will create
org.springframework.messaging.GenericMessage instances, however this
can be replaced with an alternative implementation. For example,
Spring Integration can provide an implementation that creates
org.springframework.integration.message.GenericMessage instances.
This control over the type of Message that's created allows messages
to flow from Spring messaging code into Spring Integration code without
any need for conversion. In further support of this goal,
MessageChannel, MessageHandler, and SubscribableChannel have been
genericized to make the Message type that they deal with more
flexible.
org.springframework.web.stomp is now
org.springframework.web.messaging.stomp
Also classes in the ~.stomp.server and ~.stomp.adapter packages have
been renamed.
Allow WebSocketHandler methods to raise an exception.
By default we install ExceptionWebSocketHandlerDecorator, which logs
unhandled exceptions and closes the session. That decorator can be
extended or replaced.
Any exceptions that remain unhandled still (i.e. no exception handling
decorator), are caught in the lowest level before propagating to the
WebSocket engine or a SockJS transport handler and handled the same
way. That means default behavior is guaranteed but also fully
customizable.
WebSocketHandler implementations:
- methods must deal with exceptions locally
- uncaught runtime exceptions are handled by ending the session
- transport errors (websocket engine) are passed into handleError
WebSocketSession methods may raise IOException
SockJS implementation of WebSocketHandler:
- delegate SockJS transport errors into handleError
- stop runtime exceptions from user WebSocketHandler and end session
SockJsServce and TransportHandlers:
- raise IOException or TransportErrorException
HandshakeHandler:
- raise IOException
HandlerProvider is now an interface that can be used to plug in
WebSocket handlers with per-connection scope semantics. There are two
implementations, of the interface, one simple and a second that creates
handler instances through AutowireCapableBeanFactory.
HandlerProvider also provides a destroy method that is used to
apply a destroy callback whenever a client connection closes.
There is now a WebSocketMessage type with TextMessage and BinaryMessage
sub-types. WebSocketHandler is also sub-divided into TextMessageHandler
and BinaryMessageHandler, so that applications can choose to handle
text, binary, or both.
Also in this commit, the SockJsHandler and SockJsSession interfaces
have been removed. SockJsService now accepts WebSocketHandler.
As opposed to close(), which actively closes the session, the
onClosed method is called when the underlying connection has been
closed or disconnected.
Add HandlerProvider<T> class
Modify HandshakeHandler to accept + adapt WebSocketHandler at runtime
Modify SockJsService to accept + adapt SockJsHandler at runtime
This is useful to make sure response headers are written to the
underlying response. It is also useful in conjunction with long
running, async requests and HTTP streaming, to ensure the Servlet
response buffer is sent to the client without additional delay and
also causes an IOException to be raised if the client has gone away.
- configure SockJS handler by type (as well as by instance)
- add method to obtain SockJS handler instance via SockJsConfiguration
- detect presense of jsr-356 and use it if available
Rossen Stoyanchev
Juergen Hoeller
Brian Clozel
Phillip Webb
Eric Dahl
Michael Irwin
Sam Brannen
Jan Machacek
Andy Wilkinson
Phillip Webb
Rossen Stoyanchev
Rob Winch