CODEWITHSUNDEEP
javaspringapachewebsocket
aymeba
aymeba

Reputation: 934

Apache reverse proxy for wss protocol

My application uses SockJS with Spring Framework. I have a reverse proxy on my server to redirect https requests to tomcat container. Configuration : 

<VirtualHost *:443>
    ProxyPreserveHost On

    ProxyPass /boot http://127.0.0.1:8080/boot/
    ProxyPassReverse /boot http://127.0.0.1:8080/boot/

        ServerName MY_DOMAIN.com

        SSLEngine on
        SSLProtocol all
        SSLCertificateFile /etc/apache2/ssl/muhamo.crt
        SSLCertificateKeyFile /etc/apache2/ssl/muhamo.key
        SSLCACertificateFile /etc/apache2/ssl/bundl.crt
</VirtualHost>

How can I configure my virtual host to forward wss requests to my application? I get the error messages like : 

Opening Web Socket...
sockjs.js:1213 WebSocket connection to 'wss://MY_DOMAIN.com/boot/tracking/557/jcf7btih/websocket' failed: Error during WebSocket handshake: Unexpected response code: 403

sockjs.js:807 POST https://MY_DOMAIN.com/boot/tracking/557/7cl9qov2/xhr_streaming 403 (Forbidden)

sockjs.js:807 POST https://MY_DOMAIN.com/boot/tracking/557/cvl8ti6k/xhr 403 (Forbidden)

Upvotes: 8

Views: 8046

Answers (2)

jeninja
jeninja

Reputation: 848

I was able to fix 403 error by allowing all origins on my websocket endpoint using .setAllowedOriginPatterns("*") in my WebSocketConfig

@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {

    @Override
    public void configureMessageBroker(MessageBrokerRegistry config) {
        config.enableSimpleBroker("/app");
    }

    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {
        registry.addEndpoint("/websocket")
                .setAllowedOriginPatterns("*")
                .withSockJS();
    }

}

Upvotes: 0

Paulo Quintans
Paulo Quintans

Reputation: 101

I do not know if you solved this problem, but I had the same problem. I thought the problem was with the apache server, but it was in the Spring side. The 403 code was the clue.

In my case, in addition to your configuration (with the necessary adaptation), what I did was to add the following:

# Disable forward proxying
ProxyRequests Off
# proxy wss:// to ws://
ProxyPassMatch ^/(.*)/websocket ws://localhost:8080/$1/websocket
# proxy ws fallbacks
ProxyPass /ws http://localhost:8080/ws
ProxyPassReverse /ws http://localhost:8080/ws

Int the Spring (Boot) side:

@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
    @Override
    public void configureMessageBroker(MessageBrokerRegistry config) {
        config.enableSimpleBroker("/topic");
    }

    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {
        registry.addEndpoint("/ws").setAllowedOrigins("*").withSockJS();
    }

}

setAllowedOrigins("*") was the missing piece to overcome the 403 error.

Cheers

Upvotes: 10

Related Questions