Skip to content

Improve user check in TransportHandlingSockJsService #36129

New issue
New issue
Closed
Closed
Improve user check in TransportHandlingSockJsService#36129
Assignees
rstoyanchev
Labels
in: webIssues in web modules (web, webmvc, webflux, websocket)type: backportAn issue that is a backport of another issue to a maintenance branchtype: enhancementA general enhancement
Milestone
6.2.16
@SoftMadHatter

Description

@SoftMadHatter
SoftMadHatter
opened on Jan 12, 2026

Hello,

I currently encounter an issue with the Principal check in TransportHandlingSockJsService (Spring Boot 3.5.9 / spring-websocket 6.2.15).
in my case the Principal is a org.springframework.security.kerberos.authentication.KerberosServiceRequestToken instance and then is never equals with the one used to create the session.

It's exactly what has been fixed in #35753, but the fix is only for Spring 7.
Could you please backport this change to Spring 6 ?

Metadata

Metadata

Assignees

Labels

in: webIssues in web modules (web, webmvc, webflux, websocket)type: backportAn issue that is a backport of another issue to a maintenance branchtype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions