javawebsocketopenshiftwildfly

wss failed for Wildfly 9 on openshift


I have been following the websocket tutorial here and everything went well: http://www.oracle.com/webfolder/technetwork/tutorials/obe/java/HomeWebsocket/WebsocketHome.html

And I deployed this application to openshift using Wildfly, everything is good. ws is working on port 8000.

Now I am trying to secure the websocket using wss. Here is what I did:

In the web.xml, I added:

<security-constraint>
    <display-name>Secure WebSocket Endpoint</display-name>
    <web-resource-collection>
        <web-resource-name>Secure WebSocket Endpoint</web-resource-name>
        <url-pattern>/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

And then in my client, I replaced "ws" with "wss" and changed the port from 8000 to 8443 so it looks like:

wss://fakeappname.rhcloud.com:8443/actions

After deploying the updated app to OpenShift, I noticed the web page was redirected to https, which is good. But the wss simply doesn't work, with no error msg.

I search on the Internet for 2 days and tried a lot of different methods, but none of them worked.

I also tried to add a https-listener in the .openshift/config/standalone.xml:

<https-listener name="default-https" socket-binding="https" security-realm="ApplicationRealm"/>

where "ApplicationRealm" is defined as:

<security-realm name="ApplicationRealm">
                <authentication>
                    <local default-user="$local" allowed-users="*" skip-group-loading="true"/>
                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
                </authentication>
                <authorization>
                    <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
                </authorization>
            </security-realm>

But it didn't work either. I have no idea why it worked in http but it doesn't when security is enforced.

Please help! Any hints will be appreciated!


Solution

  • After days of research, it turns out that the url-pattern should be /jsf-pages/*, then the wss works.