websocket was blocked by Nginx server

Jason Yu used Ask the Experts™

on 2016-08-19

I have a nginx server sitting before a java application server. The java application uses some websocket to connect to the clients.

I followed this article to update the nginx configurations. However, the application still not working properly. After I log into the application for a few seconds, i was kicked out from the web application. Any idea of this?

thanks.

https://chrislea.com/2013/02/23/proxying-websockets-with-nginx/

server {
listen 80 default_server;
listen [::]:80 default_server;
# server_name localhost;
# root /usr/share/nginx/html;

server_name localhost;
#root /usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
proxy_pass http://10.104.0.104;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}

I am not sure which log file you need, do you need nginx server's log file or java application log file?

I have java file as below:

08-21-2016 00:00:04 DEBUG MessageDatabase:1304 - Checkpoint started.
08-21-2016 00:00:04 DEBUG MessageDatabase:1439 - Checkpoint done.
08-21-2016 00:00:09 DEBUG MessageDatabase:1304 - Checkpoint started.
08-21-2016 00:00:09 DEBUG MessageDatabase:1439 - Checkpoint done.
08-21-2016 00:00:14 DEBUG MessageDatabase:1304 - Checkpoint started.
08-21-2016 00:00:14 DEBUG MessageDatabase:1439 - Checkpoint done.
08-21-2016 00:00:18 DEBUG Queue:827 - queue://rt_messages expiring messages ..
08-21-2016 00:00:18 DEBUG Queue:1740 - rt_messages toPageIn: 0, Inflight: 0, pagedInMessages.size 0, enqueueCount: 0, dequeueCount: 0
08-21-2016 00:00:18 DEBUG Queue:835 - queue://rt_messages expiring messages done.
08-21-2016 00:00:18 DEBUG Queue:827 - queue://rt_messages expiring messages ..
08-21-2016 00:00:18 DEBUG Queue:1740 - rt_messages toPageIn: 0, Inflight: 0, pagedInMessages.size 0, enqueueCount: 0, dequeueCount: 0
08-21-2016 00:00:18 DEBUG Queue:835 - queue://rt_messages expiring messages done.
08-21-2016 00:00:18 DEBUG Queue:827 - queue://endOfDay expiring messages ..
08-21-2016 00:00:18 DEBUG Queue:1740 - endOfDay toPageIn: 0, Inflight: 0, pagedInMessages.size 0, enqueueCount: 2, dequeueCount: 2
08-21-2016 00:00:18 DEBUG Queue:835 - queue://endOfDay expiring messages done.
08-21-2016 00:00:18 DEBUG Queue:827 - queue://endOfDay expiring messages ..
08-21-2016 00:00:18 DEBUG Queue:1740 - endOfDay toPageIn: 0, Inflight: 0, pagedInMessages.size 0, enqueueCount: 2, dequeueCount: 2
08-21-2016 00:00:18 DEBUG Queue:835 - queue://endOfDay expiring messages done.
08-21-2016 00:00:19 DEBUG MessageDatabase:1304 - Checkpoint started.
08-21-2016 00:00:19 DEBUG MessageDatabase:1439 - Checkpoint done.
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/css/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/js/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/images/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/**/favicon.ico'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/error'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/magento/**'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
08-21-2016 00:00:24 DEBUG HttpSessionSecurityContextRepository:140 - No HttpSession currently exists
08-21-2016 00:00:24 DEBUG HttpSessionSecurityContextRepository:91 - No SecurityContext was available from the HttpSession: null. A new one will be created.
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 4 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/logout'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 5 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:127 - Request 'GET /styles/main.css' doesn't match 'POST /login
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 6 of 13 in additional filter chain; firing Filter: 'ConcurrentSessionFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 7 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 8 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 9 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
08-21-2016 00:00:24 DEBUG AnonymousAuthenticationFilter:102 - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90556c3e: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1de6: RemoteIpAddress: 10.104.10.4; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 10 of 13 in additional filter chain; firing Filter: 'CorsFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/pressop'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/finisinghop'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/shippingop'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/login'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/#/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/bower_components/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/styles/**'
08-21-2016 00:00:24 DEBUG FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL: /styles/main.css; Attributes: [permitAll]
"averyRoll.log" 139399L, 17090915C

View Solution Only

gheist

Top Expert 2015

Commented: 2016-08-20

Probably backend sends own hostname in other parameter than host header....

Jason Yu

Author

could you explain a little bit more, I couldn't understand what you said.

thanks.

Commented: 2016-08-21

Can you post relevant log lines to prove that you will be able to understand if I detail more?

Commented: 2016-08-22

It is NOT nginx access/error log.

Commented: 2016-09-06

Dear esteem experts, I got it resolved by adding the following four lines. Although I resolved it by adding these four lines, but I still don't understand the reason why it created this issue. Could anyone explain this to me? The issue was we was able to log into the java web application, but after logged in, we were kicked out right away. By adding the following four lines, we resolved the problem.

thank you.

proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;

[root@nginxserver jyu]# vi /etc/nginx/nginx.conf

access_log /var/log/nginx/access.log main;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;

include /etc/nginx/mime.types;
default_type application/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

index index.html index.htm;

server {
listen 80 default_server;
listen [::]:80 default_server;
# server_name localhost;
# root /usr/share/nginx/html;

server_name localhost;
#root /usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
proxy_pass http://10.104.0.104;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;

# added by jason for Ufuk
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}

# redirect server error pages to the static page /40x.html
#
error_page 404 /404.html;
location = /40x.html {
}

Commented: 2016-09-10

Incomplete input incomplete answer.

websocket was blocked by Nginx server

Premium Content

Premium Content

Explore our Suite of Services