I have been following the websocket tutorial here and everything went well: http://www.oracle.com/webfolder/technetwork/tutorials/obe/java/HomeWebsocket/WebsocketHome.html
And I deployed this application to openshift using Wildfly, everything is good. ws is working on port 8000.
Now I am trying to secure the websocket using wss. Here is what I did:
In the web.xml, I added:
<security-constraint>
<display-name>Secure WebSocket Endpoint</display-name>
<web-resource-collection>
<web-resource-name>Secure WebSocket Endpoint</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
And then in my client, I replaced "ws" with "wss" and changed the port from 8000 to 8443 so it looks like:
wss://fakeappname.rhcloud.com:8443/actions
After deploying the updated app to OpenShift, I noticed the web page was redirected to https, which is good. But the wss simply doesn't work, with no error msg.
I search on the Internet for 2 days and tried a lot of different methods, but none of them worked.
I also tried to add a https-listener
in the .openshift/config/standalone.xml
:
<https-listener name="default-https" socket-binding="https" security-realm="ApplicationRealm"/>
where "ApplicationRealm" is defined as:
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
<properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
But it didn't work either. I have no idea why it worked in http but it doesn't when security is enforced.
Please help! Any hints will be appreciated!
After days of research, it turns out that the url-pattern
should be /jsf-pages/*
, then the wss works.