All handlers in that example work apart from the websockets handler
WebSocketHandler wsHandler = new WebSocketHandler() {
#Override
public void configure(WebSocketServletFactory factory) {
factory.register(WebsocketsService.class);
}
};
HandlerList handlers = new HandlerList();
handlers.setHandlers(new Handler[] { resource_handler, servletContextHandler, wsHandler, new DefaultHandler() });
server.setHandler(handlers);
it fails with
WebSocket connection to 'ws://localhost:8080/' failed: Error during WebSocket handshake: Unexpected response code: 200
how would be a websockets handler properly configured and added (maybe with a differen Path and Port as the servletContextHandler or could it be added there ?) ?
A few things.
Don't mix ResourceHandler and ServletContextHandler, use the built-in static file serving from ServletContextHandler, its Resource Base, and the DefaultServlet (see prior answer with details)
Don't put anything after your ServletContextHandler (if your ServletContextHandler is on contextPath /). Once a ServletContextHandler is entered (per the contextPath), then it must complete/finish (this is part of the servlet spec), no other handler after that ServletContextHandler will ever run. (see prior answer about this)
Don't mix WebSocketHandler and ServletContextHandler, use the WebSocketUpgradeFilter in your ServletContextHandler and add/manage the websocket endpoints there. (see the embedded-jetty-cookbook and the WebSocketViaFilter example for how to use it)
Related
I am trying to get a .Net Core 3.1 SignalR Web API with an Angular front end to work with websockets.
The code works perfectly fine when ran locally, either from within in the IDE or via docker run. However, once the code gets deployed to an ECS instance in AWS behind an API Gateway the web sockets refuse to connect.
I setup my mappings like so:
app.UsePathBase("/ui");
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
"default",
"{controller}/{action=Index}/{id?}")
.RequireCors(PolicyName);
endpoints.MapHub<SessionHub>("/ws/session");
endpoints.MapHub<SessionsHub>("/ws/sessions");
});
And on the client I connect to the hub like so:
this.sessionsHubConnection = new HubConnectionBuilder()
.withUrl(`${window.origin}/ws/sessions`, {
skipNegotiation: true,
transport: HttpTransportType.WebSockets,
accessTokenFactory: () => this.getAccessToken()
})
.withAutomaticReconnect()
.build();
The following Fiddler trace shows the initial HTTP request to initialize the websocket connection and the error being returned by kestrel.
I tweaked my web socket middleware for handling the access token to also Console.Write some additional debugging statements that I think might prove insightful:
public async Task Invoke(HttpContext httpContext)
{
var request = httpContext.Request;
Console.WriteLine($"Starting connection id: {httpContext.Connection.Id}");
// web sockets cannot pass headers so we must take the access token from query param and
// add it to the header before authentication middleware runs
if (request.Path.StartsWithSegments("/ws", StringComparison.OrdinalIgnoreCase)
&&
request.Query.TryGetValue("access_token", out var accessToken))
{
request.Headers.Add("Authorization", $"Bearer {accessToken}");
}
try
{
var sb = new StringBuilder();
sb.AppendLine($"Connection Id: {httpContext.Connection.Id}");
Console.WriteLine(sb.ToString());
await _next(httpContext);
sb = new StringBuilder();
sb.AppendLine($"Status code {httpContext.Response.StatusCode}"); <-- this line
sb.AppendLine($"Connection Id: {httpContext.Connection.Id}"); <-- and this line
Console.WriteLine(sb.ToString());
}
catch (Exception e)
{
Console.WriteLine(e.Message);
Console.WriteLine(e.StackTrace);
throw;
}
}
And in the AWS logs you can see that the connection Id is present but is being ignored by the EndpointMiddleware(?) for some reason.
Any idea what could be causing this? Two ideas I have yet to be able to rule out are:
The HTTP/S termination at our API gateway is confusing Kestrel since the browser client is building the socket request under HTTPS, but as far as Kestrel is concerned everything is communicating over HTTP?
app.UsePathBase("/ui"); is confusing Kestrel and all the web socket paths should actually be /ui/ws/session?
I was running Jetty 9.2 and added an explicit mime type which set the content type for mp4 when sending movies back to the client. This worked fine. I then had to upgrade to Jetty 9.4.6 and set AcceptRanges to true so I could get Safari to play mp4. This also works fine. However since applying the upgrade the content type for mp4 is no longer sent back to the client. Why ?
// Add a handler for statically served content
ResourceHandler resourceHandler = new ResourceHandler();
MimeTypes mimeTypes = new MimeTypes();
mimeTypes.addMimeMapping("mp4", "video/mp4");
resourceHandler.setMimeTypes(mimeTypes);
resourceHandler.setAcceptRanges(true);
resourceHandler.setResourceBase("content");
handlerCollection.addHandler(resourceHandler);
// This handle will deal with unhandled requests in the server. For requests for favicon.ico, the Jetty icon is served.
// For all other requests a normal 404 is served.
handlerCollection.addHandler(new DefaultHandler());
Filed Issue #1823 eclipse/jetty.project
Jetty guys got back with a workaround, bug will be fixed going forward. The following works
// Add a handler for statically served content
ResourceHandler resourceHandler = new ResourceHandler();
resourceHandler.setAcceptRanges(true);
resourceHandler.setResourceBase("content");
// Create a content handler, add the above resource handler and add a mime type for mp4
ContextHandler context = new ContextHandler("/");
context.setHandler(resourceHandler);
MimeTypes mimeTypes = new MimeTypes();
mimeTypes.addMimeMapping("mp4", "video/mp4");
context.setMimeTypes(mimeTypes);
HandlerList handlers = new HandlerList();
handlers.addHandler(context);
// This handle will deal with unhandled requests in the server. For requests for favicon.ico, the Jetty icon is served.
// For all other requests a normal 404 is served.
handlers.addHandler(new DefaultHandler());
I am using RESTEasy Proxy Framework to call my Rest-Services. I would like to use preemptive authentication with the proxy framework.
Thats my current Code:
public void callSomeService() throws Exception {
RegisterBuiltin.register(ResteasyProviderFactory.getInstance());
DefaultHttpClient client = new DefaultHttpClient();
UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(
USERNAME, PASSWORD);
AuthScope authscope = new AuthScope(AuthScope.ANY_HOST,
AuthScope.ANY_PORT, AuthScope.ANY_REALM);
client.getCredentialsProvider().setCredentials(authscope, credentials);
ApacheHttpClient4Executor executer = new ApacheHttpClient4Executor(client);
dummyResource = ProxyFactory.create(DummyResource.class,
"http://localhost:8888/myapp/rest/", executer);
// Do some calls here
}
When I monitor the traffic of my application, the Rest-Service gets called twice:
First the client receives an 401 Error (UNAUTHORIZED)
In the second request there is the Authorization Header added and everything works
fine.
What I actually want to do is that the Authorization Header is already added in the first request! How can I do that?
I am using RESTEasy 2.3.5! I also read the documentation (http://docs.jboss.org/resteasy/docs/2.3.5.Final/userguide/html_single/index.html#transport_layer) where is an example given for preemptive authentication, which actually doesnt work, because of this code:
BasicScheme basicAuth = new BasicScheme();
authCache.put("com.bluemonkeydiamond.sippycups", basicAuth);
You're right, the example in the documentation does not compile. Try replacing the string "com.bluemonkeydiamond.sippycups" with an instance of HttpHost. The HttpHost class has several constructors so be sure to look at the JavaDocs. The simplest constructor takes a string. For example,
BasicScheme basicAuth = new BasicScheme();
authCache.put(new HttpHost("com.bluemonkeydiamond.sippycups"), basicAuth);
im building a little web app that uses jetty 8 as server and websockets.
On client (browser) side: the user opens with his browser my index.html and that opens and establishes a new WebSocket connection with my jetty server.
On server side, i have a WebSocketServlet that listens on incomming WebSocket connection.
#Override
public WebSocket doWebSocketConnect(HttpServletRequest request, String arg1) {
System.out.println("doWebSocketConnect");
System.out.println("WebSocket "+request.getSession().getId());
return new UserWebSocket(request.getSession());
}
UserWebSocket is a class that implements jetty's WebSocket.OnTextMessage interface for receiving and sending messages via websockets.
So far so good, everything works fine so far.
So what i now want to do, is to work with HttpSession to identify the current user, because
the index.html site can also do some ajax calls on other (non WebSocket) Servlets, like submit some simple form data via HTTP POST etc.
For example have a look at my SearchServlet:
public class SearchServlet extends HttpServlet{
...
#Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
System.out.println(request.getSession());
}
...
}
My problem is, that this two servlets (WebSocketServlet and SearchServlet) have two diffrent HttpSession object with two diffrent HttpSession ids:
for exmaple my WebSocketServlet have got the session id = 1dwp0u93ght5w1bcr12cl2l8gp on doWebSocketConnect() and the SearchServlet got the session id = 1sbglzngkivtf738w81a957pp, but the user is still in the same browser and on the same page (index.html) and have not reloaded the page etc. The time between establishing a WebSocket connection and the SearchServlet call is just a few seconds ...
Any suggestions?
EDIT: btw.
Both Servlets are in the same ServletContext:
ServletContextHandler servletContext = new ServletContextHandler(ServletContextHandler.SESSIONS);
servletContext.setContextPath("/servlets");
servletContext.addServlet(new ServletHolder( new MyWebSocketServlet()),"/liveCommunication");
servletContext.addServlet(new ServletHolder( new SearchServlet()),"/search");
There are two possible causes that I can see.
1 - Your server is not correctly configured. Since you haven't provided the details about how you're running Jetty, and how you've configured it, it's certainly possible that you've introduced a problem there.
2 - It's actually a timing issue.
I assume your index.html is static content, so it doesn't create a session on its own.
Within the index.html there is some javascript that will launch two separate requests. One as a WebSocket, the other as an XMLHttpRequest (AJAX). Since the 2 requests are launched simultaneously, they have the same set of cookies - which in this case is none.
In each case, since the request provides no cookies, the server must generate a new HTTP Session. There server does not know that the two requests are from the same client, so 2 separate HTTP sessions are created.
If that's the case, then you could fix it quite simply by putting a filter in front of the index.html, that forces the creation of the session.
In my Spring web application I need to make an HTTP request to a non-RESTful API, and parse the response body back as a String (it's a single-dimension CSV list).
I've used RestTemplate before, but this isn't RESTful and doesn't map nicely on to classes. Whenever I implement something like this 'by hand' (eg using HttpClient) I invariably find out later that Spring has a utility class that makes things much simpler.
Is there anything in Spring that will do this job 'out of the box'?
If you look at the source of RestTemplate you will find that internally it uses
java.net.URL
and
url.openConnection()
that is the standard way in Java to make HTTP calls, so you are safe to use that. If there would be a "HTTP client" utility in spring then the RestTemplate would use that too.
I use the Spring Boot with Spring 4.3 Core inside and found a very simple way to make Http request and read responses by using OkHttpClient. Here is the code
Request request = new Request.Builder().method("PUT", "some your request body")
.url(YOUR_URL)
.build();
OkHttpClient httpClient = new OkHttpClient();
try
{
Response response = httpClient.newBuilder()
.readTimeout(1, TimeUnit.SECONDS)
.build()
.newCall(request)
.execute();
if(response.isSuccessful())
{
// notification about succesful request
}
else
{
// notification about failure request
}
}
catch (IOException e1)
{
// notification about other problems
}