BayeuxServer bayeuxServer = ...;
bayeuxServer.setSecurityPolicy(new SecurityPolicy(){....});
public interface SecurityPolicy {
/**
* <p>Checks if a handshake message should be accepted.</p>
* <p>Both remote sessions and local sessions are subject to this check.
* Applications usually want local sessions (that is, server-side only sessions related to services)
* to always pass this check, so a typical implementation filters local session using
* {@link ServerSession#isLocalSession()}.</p>
* <源码调用处>是否可以握手
* @param server the {@link BayeuxServer} object
* @param session the session (not yet added to the BayeuxServer)
* @param message the handshake message
* @param promise the promise to notify whether the handshake message should be accepted and the
* {@link ServerSession} instance associated to the {@link BayeuxServer} object
*/
default void canHandshake(BayeuxServer server, ServerSession session, ServerMessage message, Promise<Boolean> promise) {
promise.succeed(canHandshake(server, session, message));
}
/**
* <p>Blocking version of {@link #canHandshake(BayeuxServer, ServerSession, ServerMessage, Promise)}.</p>
* 是否可以握手 返回true表示通过 false不通过 由上面canHandshake根据返回值调度
* @param server the {@link BayeuxServer} object
* @param session the session (not yet added to the BayeuxServer)
* @param message the handshake message
* @return whether the handshake message is allowed
*/
default boolean canHandshake(BayeuxServer server, ServerSession session, ServerMessage message) {
return false;
}
/**
* <p>Checks if a message should be allowed to create a new channel.</p>
* <p>A subscribe message or publish message to a channel not yet known to the server triggers this check.
* Both remote sessions and local sessions, when performing subscribes or publishes via
* {@link ClientSessionChannel#subscribe(ClientSessionChannel.MessageListener)} or
* {@link ClientSessionChannel#publish(Object)} are therefore subject to this check.</p>
* <p>Direct calls to {@link BayeuxServer#createChannelIfAbsent(String, ConfigurableServerChannel.Initializer...)}
* are not subject to this check.</p>
* 是否可以创建channel
* @param server the {@link BayeuxServer} object
* @param session the client sending the message
* @param channelId the channel to be created
* @param message the message trying to create the channel
* @param promise the promise to notify whether the channel should be created
*/
default void canCreate(BayeuxServer server, ServerSession session, String channelId, ServerMessage message, Promise<Boolean> promise) {
promise.succeed(canCreate(server, session, channelId, message));
}
/**
* <p>Blocking version of {@link #canCreate(BayeuxServer, ServerSession, String, ServerMessage, Promise)}.</p>
* <源码调用处>是否可以创建channel 返回true表示通过 false不通过 由上面canCreate根据返回值调度
* @param server the {@link BayeuxServer} object
* @param session the client sending the message
* @param channelId the channel to be created
* @param message the message trying to create the channel
* @return whether the channel creation is allowed
*/
default boolean canCreate(BayeuxServer server, ServerSession session, String channelId, ServerMessage message) {
return false;
}
/**
* <p>Checks if a subscribe message from a client is allowed to subscribe to a channel.</p>
* <p>Both remote and local sessions are subject to this check when performing subscribes via
* {@link ClientSessionChannel#subscribe(ClientSessionChannel.MessageListener)}.</p>
* <p>{@link ServerChannel#subscribe(ServerSession)} is not subject to this check.</p>
** 是否可以订阅channel 返回true表示通过 false不通过
* @param server the {@link BayeuxServer} object
* @param session the client sending the message
* @param channel the channel to subscribe to
* @param message the subscribe message
* @param promise the promise to notify whether the client can subscribe to the channel
*/
default void canSubscribe(BayeuxServer server, ServerSession session, ServerChannel channel, ServerMessage message, Promise<Boolean> promise) {
promise.succeed(canSubscribe(server, session, channel, message));
}
/**
* <p>Blocking version of {@link #canSubscribe(BayeuxServer, ServerSession, ServerChannel, ServerMessage, Promise)}.</p>
* 是否可以订阅channel 返回true表示通过 false不通过 由上面canSubscribe根据返回值调度
* @param server the {@link BayeuxServer} object
* @param session the client sending the message
* @param channel the channel to subscribe to
* @param message the subscribe message
* @return whether the channel subscription is allowed
*/
default boolean canSubscribe(BayeuxServer server, ServerSession session, ServerChannel channel, ServerMessage message) {
return false;
}
/**
* <p>Checks if a client can publish a message to a channel.</p>
* <p>Both remote and local sessions are subject to this check when performing publishes via
* {@link ClientSessionChannel#publish(Object)}.</p>
* <p>Server-side publishes are not subject to this check.</p>
* <源码调用处>是否有权推送
* @param server the {@link BayeuxServer} object
* @param session the client sending the message
* @param channel the channel to publish to
* @param message the message to being published
* @param promise the promise to notify whether the client can publish to the channel
*/
default void canPublish(BayeuxServer server, ServerSession session, ServerChannel channel, ServerMessage message, Promise<Boolean> promise) {
promise.succeed(canPublish(server, session, channel, message));
}
/**
* <p>Blocking version of {@link #canPublish(BayeuxServer, ServerSession, ServerChannel, ServerMessage, Promise)}.</p>
* 是否有权推送 返回true表示通过 false不通过 由上面canPublish根据返回值调度
* @param server the {@link BayeuxServer} object
* @param session the client sending the message
* @param channel the channel to publish to
* @param message the message to being published
* @return whether the publish is allowed
*/
default boolean canPublish(BayeuxServer server, ServerSession session, ServerChannel channel, ServerMessage message) {
return false;
}
