28
4
Is it somehow possible to use Spring's RSocket integration in a "traditional" servlet-based Spring application without having to sacrifice functionality that Spring offers according to the documentation if you do not mix the two variants?
如果您不混合这两种变体,有没有可能在“传统的”基于Servlet的Spring应用程序中使用Spring的RSocket集成,而不必根据文档牺牲Spring提供的功能?
If so, how? Are there any pitfalls to be aware of?
如果是这样的话,是如何做到的呢?有什么陷阱需要注意吗?
The objective would be to allow an existing Servlet-based Spring application to talk to various clients over RSocket. A fully reactive experience with backpressure is neither expected nor necessary on the server side. Having to start a separate Netty-based server that runs alongside the servlet container is okay and expected.
其目标是允许现有的基于Servlet的Spring应用程序通过RSocket与各种客户端进行对话。服务器端既不需要也不需要完全应对背压的体验。必须启动一个单独的基于Netty的服务器并与Servlet容器一起运行,这是可以接受的,也是意料之中的。
To address questions raised in the comments, there is some functionality I am especially concerned about:
为了解决评论中提出的问题,我特别关注一些功能:
个人中心
文章发布
退出@PreAuthorize on methods that are invoked by the servlet-based parts and the RSocket-based parts of the application?Can you elaborate more in your question that how would you be sacrificing Tx support by using the RSocket integration in a servlet-based env ? Is there such limitation ?
您能在您的问题中详细说明您将如何通过在基于Servlet的环境中使用RSocket集成来牺牲TX支持吗?有这样的限制吗?
I mean the docs says "Spring Security 5.2 provides RSocket support." Also, how would a WebSocket connection be participating in a Transaction anyways ?
我的意思是,文档说“Spring Security5.2提供RSocket支持。”另外,WebSocket连接将如何参与事务呢?
@alegria I've tried to clarify the question. "Is there such limitation" -- I don't know, that's why I'am asking. The Spring docs generally stress how different those stacks are so I'm a bit wary. Same with Spring Security: Yes, it provides RSocket support, but does it play nice when both the imperative and reactive stack are enabled? My testing indicates it does not, at least out of the box.@PreAuthorize is always handled by the imperative stack.
@阿雷格里亚我试图澄清这个问题。“有这样的限制吗?”--我不知道,这就是我问的原因。Spring文档通常强调这些堆栈有多么不同,所以我有点谨慎。Spring Security也是如此:是的,它提供RSocket支持,但当命令性堆栈和反应性堆栈都启用时,它能很好地发挥作用吗?我的测试表明它没有,至少是开箱即用的。@preAuthorize总是由命令性堆栈处理。
Yes, it is possible to use Spring's RSocket integration in a traditional Servlet-based Spring application without sacrificing declarative transaction support or Spring Security integration. Spring provides flexibility and modularity, allowing you to mix different technologies and features based on your requirements. You can run a separate Netty-based RSocket server alongside your existing servlet-based Spring application. Here's how you can achieve this:
是的,可以在传统的基于Servlet的Spring应用程序中使用Spring的RSocket集成,而不牺牲声明性事务支持或Spring Security集成。Spring提供了灵活性和模块化,允许您根据需求混合不同的技术和功能。您可以在现有的基于Servlet的Spring应用程序旁边运行单独的基于Netty的RSocket服务器。以下是如何实现这一点的方法:
Create an RSocket Server Configuration:
创建RSocket服务器配置:
Start by creating an RSocket server configuration class. This class will define your RSocket server and how it handles incoming requests.
首先创建一个RSocket服务器配置类。这个类将定义RSocket服务器以及它如何处理传入的请求。
@Configuration
public class RSocketServerConfig {
@Bean
public RSocketServer rSocketServer() {
return RSocketServer.create();
}
@Bean
public RSocketMessageHandler messageHandler() {
RSocketMessageHandler handler = new RSocketMessageHandler();
handler.setRSocketStrategies(rSocketStrategies());
return handler;
}
@Bean
public RSocketStrategies rSocketStrategies() {
return RSocketStrategies.builder().build();
}
}
Define Your RSocket Controllers:
定义您的RSocket控制器:
Create RSocket controllers similar to how you create Spring MVC controllers. These controllers will handle incoming RSocket requests. For example:
创建RSocket控制器的方法与创建Spring MVC控制器的方式类似。这些控制器将处理传入的RSocket请求。例如:
@Controller
public class RSocketController {
@MessageMapping("your.rsocket.route")
public Mono<String> handleRSocketRequest(String request) {
// Handle the request here
return Mono.just("Response");
}
}
Enable RSocket in Your Application:
在您的应用程序中启用RSocket:
You need to enable RSocket in your Spring application. To do this, add the @EnableRSocket annotation to one of your configuration classes:
您需要在您的Spring应用程序中启用RSocket。为此,将@EnableRSocket注释添加到您的一个配置类中:
@SpringBootApplication
@EnableRSocket
public class YourServletBasedApplication {
public static void main(String[] args) {
SpringApplication.run(YourServletBasedApplication.class, args);
}
}
Configure Spring Security:
配置Spring安全:
If you have Spring Security configured in your application, ensure that you also secure your RSocket endpoints appropriately. You can use Spring Security's features to secure your RSocket controllers.
如果您在应用程序中配置了Spring Security,请确保您还适当地保护RSocket端点。您可以使用Spring Security的功能来保护您的RSocket控制器。
Transaction Management:
交易管理:
Spring's transaction management should work as expected in your servlet-based Spring application. Ensure that your RSocket controllers are within the transaction boundaries when necessary, and configure your transaction manager accordingly.
在基于Servlet的Spring应用程序中,Spring的事务管理应该按预期工作。确保您的RSocket控制器在必要时位于事务边界内,并相应地配置您的事务管理器。
Pitfalls to Be Aware Of:
要注意的陷阱:
Concurrency: Be mindful of the concurrency model of your servlet-based Spring application and ensure that RSocket interactions don't cause contention or concurrency issues.
并发性:注意基于Servlet的Spring应用程序的并发模型,并确保RSocket交互不会导致争用或并发问题。
Resource Management: Managing resources (e.g., database connections, thread pools) between the servlet-based application and the RSocket server should be done carefully to avoid resource exhaustion or contention.
资源管理:应仔细管理基于Servlet的应用程序和RSocket服务器之间的资源(例如,数据库连接、线程池),以避免资源耗尽或争用。
Cross-Origin Resource Sharing (CORS): If your RSocket clients are web-based, you may need to handle CORS settings appropriately to allow RSocket connections from different origins.
跨域资源共享(CORS):如果您的RSocket客户端是基于Web的,您可能需要适当处理CORS设置以允许来自不同来源的RSocket连接。
Error Handling: Implement robust error handling for your RSocket controllers to handle failures gracefully.
错误处理:为RSocket控制器实现健壮的错误处理,以优雅地处理故障。
Remember that while you're integrating RSocket into your servlet-based Spring application, the level of reactivity and backpressure handling is up to you. You can keep your servlet-based code as is and provide a more traditional request-response experience over RSocket if that fits your requirements.
请记住,当您将RSocket集成到基于Servlet的Spring应用程序中时,反应性和反压力处理的级别取决于您。您可以保持基于Servlet的代码不变,并通过RSocket提供更传统的请求-响应体验(如果这符合您的需求)。
can you share the client side and a working example ? I have been trying to run rsocket and regular controllers and trying to call them in my local but could not manage to create a working example, thats why I asked.
你能分享一下客户端和一个实际的例子吗?我一直在尝试运行r套接字和常规控制器,并试图在本地调用它们,但无法创建一个工作示例,这就是我问的原因。
btw this answer feels like chatgpt response, is it ?
顺便说一下,这个回答听起来像是喋喋不休的回答,是吗?
I'm unhappy with the answer because it misses the essence of the question: What steps are necessary exactly to make Spring Security play nice? For example, the standard configuration as shown here does not work with method security. @PreAuthorize is handled by the servlet-based stack when both are active. Also, you state "Configure your transaction manager accordingly". What does "accordingly" entail? Why are there no links to docs or articles that back up the claims?
我对这个答案不满意,因为它忽略了问题的实质:到底需要哪些步骤才能让Spring Security发挥更好的作用?例如,此处所示的标准配置不适用于方法安全性。当基于Servlet的堆栈和基于Servlet的堆栈都处于活动状态时,@PreAuthorize由堆栈处理。另外,您需要声明“相应地配置您的事务管理器”。“相应地”意味着什么?为什么没有指向支持索赔的文档或文章的链接?
ChatGPT answers WILL NOT BE TOLERATED
不会容忍ChatGPT应答
28
4
0
我是一名优秀的程序员,十分优秀!