Bind connector to handler - jetty

How to bind Connector to Handler in Jetty server?
Handler A -> url mapping /first -> connector open for port 8282
Handler B -> url mapping /second-> connector open for port 9292
So I can get result like this:
localhost:8282/first -> handler A will process it
localhost:9292/second -> handler B will process it
localhost:8282/second -> error 404
localhost:9292/first -> error 404
Right now, if I just add additional Connector's for Jetty and I can access /first or /second from any port.

Provide a name to the Connector, and use that #name in your Handler's VirtualHost configuration.
See prior answer (and example in it).
https://stackoverflow.com/a/26149232/775715

Related

Cloud run + websockets behind reverse proxy fails

For some time I've been using ambassador/emissary as an API gateway, and I really want to use it as a means to talk to cloud run through custom domains.
My pattern is
(client) -> (ambassador/emissary) -> (cloud run) -> (fastapi)
For ambassador/emissary to talk to cloud run altogether (not just throw a 404), I needed to rewrite the host header (as mentioned here) (host_rewrite option in ambassador/emissary). However, websocket connections doesn't work for some reason. I have successfully made this work with
(client) -> (ambassador/emissary) -> (GKE Autopilot) -> (fastapi)
The client throws a 1006 and it feels like if there is some wrong expectations now which header values the cloud run expects.
The ambassador mapping is here
Does anyone have cloud run working with websocket on custom domains?
Update
Using firebase hosting as a router instead, meaning
(client) -> (firebase hosting rewrite) -> (cloud run) -> (fastapi)
doesn't work either with a websocket setup.

Embedded Jetty - use WebSocketUpgradeFilter together with AsyncProxyServlet

I've got a class that extends AsyncProxyServlet to do proxying with Jetty:
Server httpProxy = new Server();
ServletHolder servletHolder = new ServletHolder(TunnelProxyServlet.class);
HandlerCollection handlers = new HandlerCollection();
httpProxy.setHandler(handlers);
ServletContextHandler contextHandler = new ServletContextHandler(handlers, "/", ServletContextHandler.SESSIONS);
contextHandler.addServlet(servletHolder, "/*");
Now I'd like to add WebSocket support to this.
I tried this:
try {
WebSocketUpgradeFilter.configure(contextHandler);
NativeWebSocketServletContainerInitializer.configure(contextHandler, ((context, container) ->
{
container.addMapping("/*", (req, resp) -> new WebSocketProxy().getWebSocketConnectionListener());
}));
} catch (ServletException ex) {
Logger.getLogger(HttpProxy.class.getName()).log(Level.SEVERE, ex.getMessage());
}
But the code never reaches this point.
How can I do proxying with WebSockets?
WebSocket Proxy is a very large and complicated topic.
First, let me start by saying that WebSocket proxying is possible starting with Jetty 10.
The basic support for WebSocket proxy was added to Jetty 10 in https://github.com/eclipse/jetty.project/pull/3365
Sadly, Jetty 9 has no support for WebSocket Proxy.
Either built into Jetty itself, or with enough core features within Jetty's WebSocket layer to allow you to implement it yourself.
Next, Jetty's AsyncProxyServlet is not capable of handling upgraded connections (like WebSocket). That class can only handle HTTP requests (be it HTTP/1.0, HTTP/1.1, or HTTP/2. With HTTP/3 support in the near future).
Some advice, when you do WebSocket proxying, you'll need to decide how you do it.
Are you going to proxy the frames as-is? (easiest, and most recommended approach).
Are you going to want to read the frame content? (requires complicated extension manipulation, extension preservation, frame preservation, and the ability to read partial messages from the frame level, etc)
Are you going to want to read the whole message (1..n frames) content? (this quadruples your memory requirements for websocket as its : remote websocket client -> websocket proxy server -> your proxy interested in messages -> websocket proxy client -> websocket backend server)

Accessing Sonic MQ registered JNDI objects behind a firewall

I'm trying to connect to Sonic MQ hosted behind a firewall from IBM Web Sphere Message broker message flow . WMB is old v6.01. and it does not have an option to set proxy details.
I'm getting
' There is a configuration problem with the JNDI Administered objects where: Initial Context Factory = 'com.sonicsw.jndi.mfcontext.MFContextFactory'. Location of the bindings = '100.XX.X.XX:2508'. ConnectionFactory Name = 'QCF'. JMS destination = 'XXXXXXXX'.
Are you sure you have the right configuration for your JNDI store.
If it is using the Sonic JNDI store you need to have the domain connection.
Domain Name
Url
login
Both the Jndi store port and broker(s) port must be open on the firewall.
Also the url is usually: tcp://100.XX.X.XX:2508
BR

SOAP request through JMeter with authentication

I'm having trouble sending a JMeter SOAP request through HTTP Request element -
Through SOAPUI I'm sending the request with the following properties:
Authentication via SOAP
But I cannot receive a valid response when I try to add these username password. I've tried to place it in HTTP Header Manager/ in HTTP Authorization Manager, but with no luck. I receive either error:
Response code: 404 Response message: Not Found
when placing this in the HTTP Authorization Manager and
HTTP Error 400. The request has an invalid header name
when placing the username and password in the header manager (with wss password type field, while in HTTP Authorization Manager there is not option like this).
What can I do to have a valid response from the server like I get in SOAPUI?
If you need to replicate SoapUI request I would suggest just to record the request from the SoapUI via JMeter HTTP(S) Test Script Recorder
In JMeter
File -> Template -> Recording -> Create
Workbench -> HTTP(S) Test Script Recorder -> Start
In SoapUI
File -> Preferences -> Proxy Settings
Host: localhost, Port: 8888
Enable proxy in SoapUI
Execute your request
Expand Thread Group -> Recording Controller in JMeter and observe the recorded request.
You may also need to correlate timestamps using __time() function check out Take the Pain out of Load Testing Secure Web Services for details on bypassing different web services security in JMeter tests.

How to use Open SSL lib to encrypt/decrypt my own connection data

My C++ application creates a TCP connection to a remote server.
I need the full control over this connection (creating the connection, receiving data, sending data). However, the remote server expects SSL encryption. How can I get use of Open SSL library to encrypt and decrypt the data stream in both directions (going out and coming in), while my application handling the whole communication?
My app to remote server
(my app data) -> [encrypt by openssl] -> (encrypted data) -> (my app sends data to remote server)
Remote server to my app
(remote server) -> (my app receives encrypted data) -> [decrypt by openssl] -> (text message to my app)
I need to get only those within square brackets above to be done by the open SSL library. Rest will be handled by my code. I can provide my private key and public key to the open SSL library. Please note that I cannot use BIO_read() and BIO_write() functions. When the open SSL lib provides encrypted data, my code will send it to the server, and vice versa.
Also, I would like to know how to do the same, in case if my application is the server, and a remote client connects to me with SSL. I will be having the certificate.
Thanks,
Wishwa.