@Override
public void modifyHandshake(
ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) {
// Is Authenticated?
Principal principal = request.getUserPrincipal();
if (principal == null) {
throw new RuntimeException("Not authenticated");
}
// Is Authorized?
if (!request.isUserInRole("websocket")) {
throw new RuntimeException("Not authorized");
}
// normal operation
super.modifyHandshake(sec, request, response);
}
@Override
public void modifyHandshake(
ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) {
delegate.modifyHandshake(sec, request, response);
// do not store null keys/values because Tomcat 8 uses ConcurrentMap for UserProperties
Map<String, Object> userProperties = sec.getUserProperties();
Object httpSession = request.getHttpSession();
LOG.trace("httpSession: {}", httpSession);
if (httpSession != null) {
userProperties.put("session", httpSession);
}
Map<String, List<String>> headers = request.getHeaders();
LOG.trace("headers: {}", headers);
if (headers != null) {
userProperties.put("headers", headers);
}
Map<String, List<String>> parameterMap = request.getParameterMap();
LOG.trace("parameterMap: {}", parameterMap);
if (parameterMap != null) {
userProperties.put("parameterMap", parameterMap);
}
String queryString = request.getQueryString();
LOG.trace("queryString: {}", queryString);
if (queryString != null) {
userProperties.put("queryString", queryString);
}
URI requestURI = request.getRequestURI();
LOG.trace("requestURI: {}", requestURI);
if (requestURI != null) {
userProperties.put("requestURI", requestURI);
}
Principal userPrincipal = request.getUserPrincipal();
LOG.trace("userPrincipal: {}", userPrincipal);
if (userPrincipal != null) {
userProperties.put("userPrincipal", userPrincipal);
}
}
