Java – Apache reverse proxy for WSS protocol

Java

My application uses sockjs and spring framework I have a reverse proxy on my server to redirect HTTPS requests to the Tomcat container to configure:

<VirtualHost *:443>
    ProxyPreserveHost On

    ProxyPass /boot http://127.0.0.1:8080/boot/
    ProxyPassReverse /boot http://127.0.0.1:8080/boot/

        ServerName MY_DOMAIN.com

        SSLEngine on
        SSLProtocol all
        SSLCertificateFile /etc/apache2/ssl/muhamo.crt
        SSLCertificateKeyFile /etc/apache2/ssl/muhamo.key
        SSLCACertificateFile /etc/apache2/ssl/bundl.crt
</VirtualHost>

How do I configure the virtual host to forward WSS requests to my application? I received the following error message:

opening Web Socket...
sockjs.js:1213 WebSocket connection to 'wss://MY_DOMAIN.com/boot/tracking/557/jcf7btih/websocket' Failed: Error during WebSocket handshake: Unexpected response code: 403

sockjs.js:807 POST https://MY_DOMAIN.com/boot/tracking/557/7cl9qov2/xhr_streaming 403 (Forbidden)

sockjs.js:807 POST https://MY_DOMAIN.com/boot/tracking/557/cvl8ti6k/xhr 403 (Forbidden)

Solution

I don't know if you have solved the problem, but I have the same problem

In my case, in addition to your configuration (necessary adaptation), what I do is to add the following:

# Disable forward proxying
ProxyRequests Off
# proxy wss:// to ws://
ProxyPassMatch ^/(.*)/websocket ws://localhost:8080/$1/websocket
# proxy ws fallbacks
ProxyPass /ws http://localhost:8080/ws
ProxyPassReverse /ws http://localhost:8080/ws

In terms of spring (boot):

@Configuration
@EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
    @Override
    public void configureMessageBroker(MessageBrokerRegistry config) {
        config.enableSimpleBroker("/topic");
    }

    @Override
    public void registerStompEndpoints(StompEndpointRegistry registry) {
        registry.addEndpoint("/ws").setAllowedOrigins("*").withSockJS();
    }

}

Setallowedorigins ("*") is the missing part to overcome the 403 error

Cheers!

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>