search

spring-projects / spring-security

Spring Security
http://spring.io/projects/spring-security
Apache License 2.0
8.72k stars 5.86k forks source link

hasIpAddress in RSocket Security #7988

Open kacper-emersoft opened 4 years ago

kacper-emersoft commented 4 years ago

Summary

I cannot see any option to check/validate IP address of client using Spring Security RSocket library.

Actual Behavior

RSocket Security gives no option to validate or whitelist IP address of client on setup phase.

Expected Behavior

I would love to have similar method like .hasIpAddress in Webflux or MVC security configuration.

Configuration

Version

5.2.1.RELEASE

Sample

@Bean
    PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rSocket) {
        return rSocket
                .authorizePayload(authorize ->
                        authorize
                                .anyRequest().hasAnyRole(...) // hasIpAddress missing
                                .anyExchange().permitAll()
                )
                .jwt(Customizer.withDefaults())
                .build();
    }
kacper-emersoft commented 4 years ago

a bit more discussion in RSocket github: https://github.com/rsocket/rsocket-java/issues/743