2

We are using JWT token to authenticate the WebSocket Connect request by intercepting it in ChannelInterceptor.

But I could not find any way to specify the duration after which the WebSocket connection should expire based on the expiration of the JWT token.

Is there any way I could specify a specific duration for each connection after which they should automatically disconnect?

Abhinav Jain
  • 110
  • 1
  • 5
  • Will you not be checking the expiry of jwt before sending any event? – Shweta Valunj Apr 22 '21 at 16:47
  • @ShwetaValunj I am just publishing a message on a particular topic. Everyone subscribed to that topic will receive the message. Is there any way to check the expiry of JWT after the WebSocket connection is established? – Abhinav Jain Apr 23 '21 at 03:56
  • Can you explain where is the JWT stored? Before consuming the message from topic can you not check the expiry ? – Shweta Valunj Apr 23 '21 at 07:28
  • The message from the topic is being consumed at the front end. I do not want the check to be at the frontend (as users with expired tokens should not even receive new messages). JWT is being used to validate the WebSocket connection request. I am intercepting the request using ChannelInterceptor. – Abhinav Jain Apr 23 '21 at 11:47
  • I can suggest you the following. You can then check the expiry before sending the message or just before consuming the message. – Shweta Valunj Apr 23 '21 at 12:58
  • For me, preSend and preReceive methods of channel interceptors do not get called when publishing a message to a topic, i.e when the client is already subscribed to those topics and is receiving those messages from server. – Abhinav Jain May 07 '21 at 03:13
  • @AbhinavJain Could you please share the solution you approached for this? I have the same problem. – section117 Feb 23 '22 at 06:21
  • @section117 We could not find the perfect solution for this and used a workaround. Whenever a user establishes a WebSocket connection to the server, we save their session and its validity. Whenever we publish data to WebSocket we disconnect any session which is no longer valid. – Abhinav Jain Feb 24 '22 at 08:16
  • @AbhinavJain could you please tell me how exactly did you manage to disconnect the web socket session? If you could post any code it would be helpful. Also, how did you save the session? Did you just save the session ID or saved the complete session object? – section117 Mar 06 '22 at 19:56

0 Answers0