marcus-held
commented
7 years ago I do have the same need in my application. Is there any update on this? Will we have this in the roadmap anytime soon?
Open spring-projects-issues opened 9 years ago
marcus-held
commented
7 years ago I do have the same need in my application. Is there any update on this? Will we have this in the roadmap anytime soon?
Igor Kolomiets (Migrated from SEC-2914) said:
I'm using latest websocket/messaging related features of Spring Security 4 to secure my application's websocket messaging endpoints. We have many @SubscribeMapping annotated methods to provide request-response style of communication that need access to current authenticated user. Currently we do this to get authenticated user:
@SubscribeMapping("/foo") public MyResponse foo(MyAuthenticationToken authenticationToken) { MyUser user = authenticationToken.getPrincipal(); }
Naturally I'd like to use @AuthenticationPrincipal so we can do this:
@SubscribeMapping("/foo") public MyResponse foo(@AuthenticationPrincipal MyUser user) {
}
But it looks like @AuthenticationPrincipal is only supported by @MessageMapping annotated methods. Can we have it work for those annotated with @SubscribeMapping?