Anass TIssir
Reputation: 240
How to expose WSS 'secure websocket' with Java
I'm setting up a new webSocket server using Java, and want to expose it in WSS because my client side app is in HTTPS. Could you help me please
I've tried to modify my web.xml but dosen't work
<web-app>
<display-name>Archetype Created Web Application</display-name>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected resource</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<!-- https -->
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
This is my EndPoint Class
@ServerEndpoint(value = "/signalisation/{username}", decoders = MessageDecoder.class, encoders = MessageEncoder.class)
public class ChatEndpoint {
private Session session;
private static final Set<ChatEndpoint> chatEndpoints = new CopyOnWriteArraySet<>();
private static HashMap<String, String> users = new HashMap<>();
@OnOpen
public void onOpen(Session session, @PathParam("username") String username) throws IOException, EncodeException {
System.out.println("connected");
this.session = session;
chatEndpoints.add(this);
users.put(session.getId(), username);
Message message = new Message();
message.setFrom(username);
message.setContent("Connected!");
broadcast(message, message.getTo());
}
@OnMessage
public void onMessage(Session session, Message message) throws IOException, EncodeException {
message.setFrom(users.get(session.getId()));
System.out.println("messaged");
}
@OnClose
public void onClose(Session session) throws IOException, EncodeException {
System.out.println("out");
}
@OnError
public void onError(Session session, Throwable throwable) {
// Do error handling here
}
private static void broadcast(Message message, String id) throws IOException, EncodeException {
chatEndpoints.forEach(endpoint -> {
if (endpoint.session.getId().equals(id)){
synchronized (endpoint) {
try {
endpoint.session.getBasicRemote()
.sendObject(message);
} catch (IOException | EncodeException e) {
e.printStackTrace();
}
}
}
});
}
public String getKeyFromMap(HashMap map, String value){
for (Object o : map.keySet()) {
if (map.get(o).equals(value))
return o.toString();
}
return null;
}
}
My Client Side app
var conn = new WebSocket('ws://<IP_ADRESSE>:8080/<PATH>/signalisation/'+c);
conn.onopen = function () {
console.log("Connected to the server");
};
My actual result is :
client.js:11 Mixed Content: The page at 'https://IP_ADRESSE:PORT/?user=blabla' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://IP_ADRESSE:8080/PATH/signalisation/blabla'. This request has been blocked; this endpoint must be available over WSS.
Upvotes: 2
Views: 1172
Answers (1)
Vincent B.
Reputation: 41
It was some month ago, but hope it helps someone with the same error.
Change ws:// to wss:// on the client side app, just before IP_ADRESSE.
Upvotes: 0
Related Questions
- How to give certificate to Java Websocket?
- Java Secure Websocket - Load SSL context from TLS cert file and connect to WSS URI
- Configure secured websockets using Apache httpd 2.4.6 and Tomcat 8
- Connecting to a secured websocket
- minimal java8 nio secure websocket client (wss)
- Websocket handshake. From ws to wss
- Creating a Secure Websocket (wss) Server in Java
- Websockets on Openshift
- Implementing WebSocket in Java Swing Application
- Use websocket in java web application