configure nginx to work with vaadin and wss

Question

I'm trying to configure nginx to proxy wss for vaadin using tomcat as the server.

Here is my current configuration:

location / {
        #try_files $uri $uri/ =404;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect off;
        proxy_max_temp_file_size 0;
        proxy_pass http://tomcat/mycontext/;
        proxy_read_timeout 300;

        # wss
        proxy_set_header Connection $http_connection;
        proxy_set_header Connection "upgrade";
}

location /mycontext/ {
        #try_files $uri $uri/ =404;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect off;
        proxy_max_temp_file_size 0;
        proxy_pass http://tomcat/mycontext/;
        proxy_read_timeout 300;

        # wss
        proxy_set_header Connection $http_connection;
        proxy_set_header Connection "upgrade";
}

upstream

upstream tomcat {
    server localhost:8080 fail_timeout=0;
}

nginx starts without complaint and works for HTTP without the two lines after the #wss comment.

When I try to connect to vaadin I get the error:

Error in WebSocket connection to wss://myapp.dev/ui/?v-r=push&debug_window

If it makes a difference we are using atmosphere for wss.

Answer 1

So the issue was that the proxy headers were wrong:

I had copied from a site:

       proxy_set_header Connection $http_connection;
       proxy_set_header Connection "upgrade";

Which should have been:

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";

Note that Connection became Upgrade on the first line.

So the full config is.

location / {
        #try_files $uri $uri/ =404;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect off;
        proxy_max_temp_file_size 0;
        proxy_pass http://tomcat/mycontext/;
        proxy_read_timeout 300;

        return 301 $scheme://mysite.dev/mycontext/ui$request_uri;

        # wss
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
}

location /mycontext/ {
        #try_files $uri $uri/ =404;

        #
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect off;
        proxy_max_temp_file_size 0;
        proxy_pass http://tomcat/mycontext/;
        proxy_read_timeout 300;

        # wss
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";

For completeness here is the vaadin servlet.

package dev.myapp.servlets;

import javax.servlet.annotation.WebServlet;

import com.vaadin.flow.server.ServiceException;
import com.vaadin.flow.server.SessionInitEvent;
import com.vaadin.flow.server.SessionInitListener;
import com.vaadin.flow.server.VaadinServlet;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebInitParam;

@WebServlet(urlPatterns =
{ "/ui/*"}, name = "MyApp", asyncSupported = true,  loadOnStartup = 1, initParams =
{
        @WebInitParam(name = "org.atmosphere.cpr.AtmosphereInterceptor", value = "dev.myapp.servlets.AtmosphereFilter"),
        @WebInitParam(name = "closeIdleSessions", value = "true"),

        /// changed this when we release.
        @WebInitParam(name = "productionMode", value = "false")

})
public class Servlet extends VaadinServlet implements SessionInitListener
{

    private static final long serialVersionUID = 1L;

    @Override
    protected void servletInitialized() throws ServletException 
    {
        super.servletInitialized();
        getService().addSessionInitListener(this);
    }

    @Override
    public void sessionInit(SessionInitEvent event) throws ServiceException
    {
        event.getSession().setErrorHandler(new CustomExceptionHandler());
    }
}