I am creating a sample app using auth0 , spring, angular 11. without websockets this is ok. But once I want to incorporate websockets, things are going wrong
The article is broken https://auth0.com/blog/2014/01/15/auth-with-socket-io/
I have a proxy conf that maps angular port to spring services port, so not sure what to use here for websocket–
(1) using spring url as-is
new SockJS(‘http://localhost:2023/pipeline’);
Error: Access to XMLHttpRequest at ‘http://localhost:2023/pipeline/info?t=1618440125594’ from origin ‘http://localhost:4200’ blocked by CORS policy
(2) using proxy conf, because I prefixed with server in the endpoint
If I use – const socket = new SockJS(‘server/pipeline’); /server is having target http://localhost:2023 then Error: 401 unauthorized My Rest API endpoints are ok I have Auth0 also in my app. So websocket is not working for me. Any idea how to connect?
““It is a common misconception that a user who is authenticated in the hosting web application, is also authenticated in the socket stream. These are two completely different channels.” - José F. Romaniello, https://auth0.com/blog/2014/01/15/auth-with-socket-io/”
Hi Auth0
I understand the question will get closed in 15 days. Please can someone answer my question??
I need a websocket example - stomp , sockjs or socket.io
If this is not possible, please can you flag and I will inform my company
Auth0 team, do you have an example Auth0, Angular, Spring , Websockets ? This is a critical functionality. There are many websockets -angular-spring examples, but without Auth0
I am getting CORS issue. Has anyone worked on websockets - spring security - angular and Auth0?
It doesn’t appear that we have an example of that framework. The sample you linked is being deprecated and I would not recommend using it. There is no replacement sample at this time.
The example should consider security., as many example are there for the sake of doing type. When taken to enterprise level they flunk.
So looking for an easy example - A simple application with 1 rest controller (couple of end points) and 1 with some topic endpoint etc, and use spring security to control access
Angular page with a single button and a text area that display messages from spring backend for the subscribed topic
Bottom line - an example like the deprecated one, for angular 11
I mentioned the issue in the first post, please can you check (1) and (2). I stashed the code as it happened 27days ago. Will recreate and put the logs.
Can you add some more details to those questions? It’s not possible to get a clear picture of the problem from your first post. Code snippets are helpful. Using clear formatting is also very helpful. It’s difficult to understand what is going on with just an error code and little detail about what is causing it.
The CORS policy usually stems from a request that crosses origins.
Can you post a code block of the call that is returning the 401 error? This is often caused by a setting misconfiguration.
It doesn’t look like it. As I mentioned above, there is no 1:1 replacement for the deprecated sample.