Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Status code 403 Forbidden issue for websocket creation byWSS |
|
| Author |
|
nishant4nishu
Joined: 09 Mar 2017
Posts: 1
Location: India
|
 Posted: Fri 10 Mar '17 10:35 Post subject: Status code 403 Forbidden issue for websocket creation byWSS |
 |
|
Hi,
I am creating a websocket connection to server using "wss" protocol from client. I have configured apache as proxy(mod proxy and mod_proxy_wstunnel.so module is enabled in Apache httpd.conf file) to my tomcat server. In apache VirtualHost for port 443 is created.Attached is Apache httpd.conf file for reference.Tomcat connector for ssl is mentioned below. I am getting response status code 403 Forbidden for websocket request sent from client using "wss" protocol. The same set-up works fine using "ws" protocol websocket connection on port 80 of apache proxied to port 8080 of tomcat.I assume that SSL handshake is failing in this scenario. Please suggest the solution.
Tomcat version:-9.0.0.M13
Apache version:- 2.4.23
======in Tomcat Server.xml connector configuration on port 443======
| Code: | <Connector port="8443" SSLEnabled="true"
scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
SSLCertificateFile="\conf\certificate.pem" SSLCertificateKeyFile="\conf\privkey.pem" /> |
===================sample websocket code for request creation From client ==================
| Code: | this.websocket = new WebSocket("wss://localhost:443/NG/nmsgServletApp/wsHandler/");
this.websocket.onopen = (evt) => {
this.websocket.send("Hello Nishant");
};
//nmsgServletApp:--> is my application name which is deployed in tomcat
//wsHandler:--> is the server side websocket handler mapping name
//NG:--> Proxy token for web-application deployed in Tomcat |
====================Apache virtual port configuration for request proxy to tomcat===================================
| Code: | <VirtualHost *:443>
SSLCertificateFile ../certificate.pem
SSLCertificateKeyFile ../privkey.pem
ServerAdmin abc@localhost.com
ServerName "localhost"
SSLEngine on
SSLProxyEngine on
SecRuleEngine On
ProxyRequests Off
/*Below is Proxy configuration for above web-application deployed in Tomcat */
ProxyPass /NG/nmsgServletApp/wsHandler wss://localhost:8443/nmsgServletApp/wsHandler
ProxyPassReverse /NG/nmsgServletApp/wsHandler wss://localhost:8443/nmsgServletApp/wsHandler
ProxyPass /NG https://localhost:8443/
ProxyPassReverse /NG https://localhost:8443/
/*Below is Proxy configuration for another application deployed in another server*/
ProxyPass / https://localhost:49101/ retry=10
ProxyPassReverse / https://localhost:49101/
<Proxy *>
ProxyPreserveHost Off
Order deny,allow
deny from all
Allow from all
SetOutputFilter DEFLATE
</Proxy>
</VirtualHost> |
==================================================================
Please let me know if some more info is required or my description of the problem is not clear.Please guide..
Thanks,
Nishant |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7373
Location: Germany, Next to Hamburg
|
| Posted: Tue 14 Mar '17 11:49 Post subject: |
|
|
There is no longer
| Quote: | Order deny,allow
deny from all
Allow from all |
please use the new Apache 2.4 directives require |
|
| Back to top |
|
|
|
|
|
|
