I can see ChannelOption.CONNECT_TIMEOUT_MILLIS can be used in HTTP Server.
https://github.com/reactor/reactor-netty/blob/main/reactor-netty-examples/src/main/java/reactor/netty/examples/documentation/http/server/channeloptions/Application.java
But most document I can find is talking about connect timeout from client side.
https://projectreactor.io/docs/netty/release/reference/index.html#connection-timeout
I wonder what is the use case for CONNECT_TIMEOUT_MILLIS server side. The netty document is not clear about this.
I did some debug. Looks like the option set in server side was never read after set.
BTW: Spring boot also set this value when starting Webflux server. https://github.com/spring-projects/spring-boot/blob/44beb11d3866cb20d890c14f978a4fcfce2151a0/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java#L1340
Related
I have a process that runs in California that wants to talk to a process in New York, using Stomp over Websockets.
Also note that my process is not a web app, but I implemented a stomp over websocket client in C++, in order to connect things up to my backend. Maybe this was or wasn't a good idea. So, I want my client to talk to the server and subscribe, where their client pushed messages.
I was implementing my own server when I saw that ApacheMQ supported Stomp over Websockets. So, I started reading the docs.
It says with the last line under 'configuration' at
http://activemq.apache.org/websockets :
One thing worth noting is that web sockets (just as Ajax) implements ? > the same origin policy, so you can access only brokers running on the > same host as the web application running the client.
it says it again in several related searches such as http://sensatic.net/activemq/activemq-54-stomp-over-web-sockets.html
Is this a limitation of the server or the web client?
With that limitation, if I understand right, the server is not going to accept websocket connections from a client, of any kind, that is not on the same machine?
I am not sure I see the point of that...
If that is indeed its meaning, then how do I get around it in order to implement my scenario?
I've not found that bit of documentation you are referring to but from what I know of the STOMP implementation on the broker this seems incorrect. There shouldn't be any limit to the transport connector accepting connect requests from an outside host by default and I don't think the browser treats the websocket requests the same as it does other things like an Ajax case in terms of the same origin policy.
This probably a case that is best checked by actually trying it to see if it works, I've connected just fine from outside the same host using AMQP over websockets on ActiveMQ so I'd guess the STOMP stack should also work fine.
I am developing an application consisting of RESTful services communicating over HTTP. Spring Boot is providing the underlying support.
As part of my investigations, I am currently working with a known working example of a RESTful client and server that uses HTTPS/SSL/TLS ( https://github.com/indrabasak/spring-tls-example ). I have managed to successfully build, run the example and verify that it works.
Part of the client security configuration code involves setting up basic authorization on a org.springframework.boot.web.client.RestTemplateBuilder.
I am under the impression (perhaps incorrect) that authentication is not required. Am I right or wrong in this assumption?
I have been experimenting with trying to remove the authentication and when I run the example, the server emits output indicating that the action is "Unauthorized". On the client side, I get a 201 response (for a POST), but the JSON data does not contain the data I expect.
there doesn't seem to exist any configuration that enables HTTPS only access to neo4j databases.
I've tried disabling the HTTP connectors but neo4j needs at least one HTTP connector otherwise it wouldn't start the service at all.
I found that commenting out the HTTP connector would let the neo4j service start but triggers an error in all browsers except chrome that wouldn't let you connect to the database.
As far as my research has brought me. There is no neo4j-only solution to this problem at the moment.
From what I've read and found out there might be several possibilities like limiting http access to port 7474 from outside of your network and redirecting http to https.
I was not able to test them personally but it seems that there's no different way to do this.
For now http has to be enabled and configured for https to work.
I am using Spring Boot v1.1.9.RELEASE and I deploy my app to Heroku. I have just added an SSL certificate and it works fine, if I manually change the URL to HTTPS.
The problem is that after login, Spring Security switches back to HTTP. I've read-up on this and found that adding the following forces HTTPS for all requests which sounds like exactly what I want:
.and().requiresChannel().anyRequest().requiresSecure()
However, when I try this, I get a redirect loop error. I don't understand why the server would constantly redirect. I want every request to be HTTPS. So the above code tells the server to redirect to HTTPS if the request is HTTP which seems to work. But then it retries the redirect over and over. Does anyone know why it does this? The logs don't seem to be providing any insight into the behaviour.
Note: I also read somewhere that port-mapping may be the culprit but the suggested solution was to set a port mapping of 80 to 443 which as far as I know is the default setting. I tried it anyway and it made no difference.
The most likely reason is that the HTTPS connection is not terminated at the servlet container and the container is unable to differentiate between connections which are over HTTPS or HTTP.
Check whether the isSecure method on HttpServletRequest returns true when you make a request over HTTPS. If it doesn't then you need to find some way of configuring a Heroku application to allow the container to tell the difference. Most likely the router will set a header such as HTTP_X_FORWARDED_PROTO which the container can be configured to make use of. You can do this in tomcat using the RemoteIpValve but I don't know how much control you have over this in Heroku.
In Spring Boot the usage of the Forwarded-Headers (RFC 7239) can be activated in application.properties:
server.forward-headers-strategy=native
Reference: Spring Boot Documentation
I'm starting with Websockets and I have a problem.
I have a sails.js application that uses sockets to update the client side.
On the client side it makes an API call using socket.get("/api/v1/actor...") to bring all the items of the database. When I see what the WebSocket's traffic on the Chrome console:
As you can see, the connection has been established and the API call has been correctly done through the socket.
The problem is, there is no answer from the server, not even an error.
If I make the same API call using ajax, I get response, but it doesn't work using WebSockets.
Any idea what might be producing this behavior?
EDIT: I add here the code here that processes the request and this one here that sends the request, but the problem is that it never execute this code. I think we we are closer to the find the cause, since we think it has to do with a network problem. We figured there is an F5 reverse-proxy which is not properly set up to handle websockets
The answer didn't make any sense now that I've seen the code that's why I've edited it. I only answered because I could't comment on your question and ask you for the code.
Your calling code seems correct and the server side of things the process of response should be handled automatically by the framework, you only need to return some JSON in the controller method.
I instantiated a copy of the server (just changed the adapters to run it locally) and the server replied to the web socket requests (although I only tested the route '/index').
Normally when the problems are caused by a reverse proxy the socket simply refuses to connect and you can't even send data to server. Does the property "socket.socket.connected" returns true?
The best way to test is to write a small node application with socket.io client and test it in the same machine that the application server is running, then you can exclude network problems.