Is it possible to configure mutual authentication over wss in a STOMP client/server in Spring Boot with a Jetty server?
I have tried this with no success.
In the client code I try to set the SSLContext with user properties on the client. The other examples online use only Tomcat properties.
    @Service
    @Slf4j
    public class StompClient {

        @Value("${web-socket.server.endpoint}")
        private String URL;

        private WebSocketStompClient stompClient;
        private StompSession stompSession;
        private MutualAuthConfiguration mutualAuthConfiguration;

        @Autowired
        @Qualifier("MyStompSessionHandler")
        private StompSessionHandler sessionHandler;

        @Autowired
        public StompClient(MutualAuthConfiguration mutualAuthConfiguration) throws GeneralSecurityException, IOException {
            this.mutualAuthConfiguration = mutualAuthConfiguration;

            // Build an SSLContext holding the trust store and the client key material
            SSLContext sslContext = new SSLContextBuilder()
                    .loadTrustMaterial(mutualAuthConfiguration.getTrustStore().getURL(),
                            mutualAuthConfiguration.getTrustStorePassword().toCharArray())
                    .loadKeyMaterial(mutualAuthConfiguration.getKeyStore().getURL(),
                            mutualAuthConfiguration.getKeyStorePassword().toCharArray(),
                            mutualAuthConfiguration.getKeyPassword().toCharArray())
                    .build();

            StandardWebSocketClient wsClient = new StandardWebSocketClient();
            // FIXME: is this OK? I can't find the correct properties for Jetty.
            wsClient.getUserProperties().put("org.eclipse.jetty.server.SslConnectionFactory", sslContext);

            // SockJS client with WebSocket as the first transport and XHR as fallback
            List<Transport> transports = new ArrayList<>(2);
            transports.add(new WebSocketTransport(wsClient));
            transports.add(new RestTemplateXhrTransport());
            WebSocketClient client = new SockJsClient(transports);

            stompClient = new WebSocketStompClient(client);
            stompClient.setMessageConverter(new MappingJackson2MessageConverter());
        }
    }
How do I configure the server part for wss / SSL? I can't find any information on how to configure it.
    @Configuration
    @EnableWebSocketMessageBroker
    @Slf4j
    public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {

        @Override
        public void configureMessageBroker(MessageBrokerRegistry config) {
            config.enableSimpleBroker("/topic");
            config.setApplicationDestinationPrefixes("/app");
        }

        @Override
        public void registerStompEndpoints(StompEndpointRegistry registry) {
            registry.addEndpoint("/ws-test")
                    .withSockJS()
                    .setHeartbeatTime(1000).setWebSocketEnabled(true);
        }
    }
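For the server-side question above, an added example that is not part of the original post: Spring Boot's `server.ssl.*` properties configure TLS on the embedded server's connector, Jetty included, and `client-auth=need` is the setting that makes the handshake require a client certificate. The port, store file names and environment variable names are constructed placeholders.

```properties
# application.properties (added example; file names and variables are placeholders)

# Serve HTTPS/WSS on the embedded server's connector
server.port=8443
server.ssl.enabled=true

# Server identity: certificate and private key presented to clients
server.ssl.key-store=classpath:server-keystore.p12
server.ssl.key-store-type=PKCS12
server.ssl.key-store-password=${SERVER_KEYSTORE_PASSWORD}

# Trust anchors used to validate client certificates.
# Keep this store limited to the CA(s) that issue your client certificates.
server.ssl.trust-store=classpath:server-truststore.p12
server.ssl.trust-store-type=PKCS12
server.ssl.trust-store-password=${SERVER_TRUSTSTORE_PASSWORD}

# Weak: "want" asks for a client certificate but still completes the
# handshake when none is sent, so unauthenticated clients can connect.
# server.ssl.client-auth=want

# Mutual TLS: "need" fails the handshake unless the client presents a
# certificate that chains to the trust store above.
server.ssl.client-auth=need

# Restrict protocol versions offered by the connector
server.ssl.enabled-protocols=TLSv1.2,TLSv1.3
```

With `client-auth=need` every connection to this port must present a certificate, including the SockJS `/info` request and the XHR fallback made by `RestTemplateXhrTransport`, so that transport needs the same key and trust material as the WebSocket transport.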