0 Replies Latest reply on Jan 3, 2017 5:48 AM by patrykgala

    Websocket Auth on Openshift

    patrykgala

      Hi,

      I have problem with websocket auth on Openshift. I configured my security domain, web.xml, jboss-web.xml. Locally everything works perfectly.

       

      But when I pushed my project to Openshift a auth doesn't work, rest services with the same path are secured. When I invoke:

      rhc port-forward testowy

      the project works. I think that, the problem is related with Openshift websocket proxy.

       

      What should I do?

      Patryk

       

      My web.xml file:

      <web-app version="3.1"
         xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
         metadata-complete="false">
      
      
        <security-constraint>
        <web-resource-collection>
        <web-resource-name>WebSocket Endpoint</web-resource-name>
        <url-pattern>/ws/device</url-pattern>
        <http-method>GET</http-method>
        </web-resource-collection>
        <auth-constraint>
        <role-name>*</role-name>
        </auth-constraint>
      
        </security-constraint>
      
        <login-config>
        <auth-method>BASIC</auth-method>
        </login-config>
      
        <security-role>
        <role-name>*</role-name>
        </security-role>
      </web-app>
      

       

      EDIT:

      In my ServerEndpointConfig.Configurator I don't see my request params when try public url.

      HttpServerExchange{ GET /ws/device2/123 request {Connection=[Upgrade], Sec-WebSocket-Version=[13], Sec-WebSocket-Key=[MTMtMTQ4MzQzNDQ5MDk4OA==], X-Forwarded-For=[109.173.208.115], Upgrade=[websocket], X-Client-IP=[109.173.208.115], user-agent=[undefined], Host=[127.8.38.1:8080]} response {Connection=[Upgrade], X-Powered-By=[Undertow/1], Sec-WebSocket-Location=[ws://127.8.38.1:8080/ws/device2/123], Server=[WildFly/10], Upgrade=[WebSocket], Content-Length=[0], Sec-WebSocket-Accept=[sC4RR4s19AMd8/hdWvdr2uasvBQ=]}}
      

       

      EDIT2:

      I created the pull request: Add authorization header in node-proxy. by PatrykGala · Pull Request #6444 · openshift/origin-server · GitHub