Solved

websocket was blocked by Nginx server

Posted on 2016-08-19
7
25 Views
Last Modified: 2016-09-10
I have a nginx server sitting before a java application server.  The java application uses some websocket to connect to the clients.

I followed this article to update the nginx configurations. However, the application still not working properly. After I log into the application for a few seconds, i was kicked out from the web application. Any idea of this?

thanks.

https://chrislea.com/2013/02/23/proxying-websockets-with-nginx/



server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        # server_name  localhost;
        # root         /usr/share/nginx/html;

        server_name  localhost;
        #root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        proxy_pass http://10.104.0.104;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        }
0
Comment
Question by:Jason Yu
  • 4
  • 3
7 Comments
 
LVL 61

Accepted Solution

by:
gheist earned 500 total points (awarded by participants)
ID: 41763778
Probably backend sends own hostname in other parameter than host header....
0
 

Author Comment

by:Jason Yu
ID: 41764080
could you explain a little bit more, I couldn't understand what you said.

thanks.
0
 
LVL 61

Expert Comment

by:gheist
ID: 41764671
Can you post relevant log lines to prove that you will be able to understand if I detail more?
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:Jason Yu
ID: 41764706
I am not sure which log file you need, do you need nginx server's log file or java application log file?

I have java file as below:

08-21-2016 00:00:04 DEBUG MessageDatabase:1304 - Checkpoint started.
08-21-2016 00:00:04 DEBUG MessageDatabase:1439 - Checkpoint done.
08-21-2016 00:00:09 DEBUG MessageDatabase:1304 - Checkpoint started.
08-21-2016 00:00:09 DEBUG MessageDatabase:1439 - Checkpoint done.
08-21-2016 00:00:14 DEBUG MessageDatabase:1304 - Checkpoint started.
08-21-2016 00:00:14 DEBUG MessageDatabase:1439 - Checkpoint done.
08-21-2016 00:00:18 DEBUG Queue:827 - queue://rt_messages expiring messages ..
08-21-2016 00:00:18 DEBUG Queue:1740 - rt_messages toPageIn: 0, Inflight: 0, pagedInMessages.size 0, enqueueCount: 0, dequeueCount: 0
08-21-2016 00:00:18 DEBUG Queue:835 - queue://rt_messages expiring messages done.
08-21-2016 00:00:18 DEBUG Queue:827 - queue://rt_messages expiring messages ..
08-21-2016 00:00:18 DEBUG Queue:1740 - rt_messages toPageIn: 0, Inflight: 0, pagedInMessages.size 0, enqueueCount: 0, dequeueCount: 0
08-21-2016 00:00:18 DEBUG Queue:835 - queue://rt_messages expiring messages done.
08-21-2016 00:00:18 DEBUG Queue:827 - queue://endOfDay expiring messages ..
08-21-2016 00:00:18 DEBUG Queue:1740 - endOfDay toPageIn: 0, Inflight: 0, pagedInMessages.size 0, enqueueCount: 2, dequeueCount: 2
08-21-2016 00:00:18 DEBUG Queue:835 - queue://endOfDay expiring messages done.
08-21-2016 00:00:18 DEBUG Queue:827 - queue://endOfDay expiring messages ..
08-21-2016 00:00:18 DEBUG Queue:1740 - endOfDay toPageIn: 0, Inflight: 0, pagedInMessages.size 0, enqueueCount: 2, dequeueCount: 2
08-21-2016 00:00:18 DEBUG Queue:835 - queue://endOfDay expiring messages done.
08-21-2016 00:00:19 DEBUG MessageDatabase:1304 - Checkpoint started.
08-21-2016 00:00:19 DEBUG MessageDatabase:1439 - Checkpoint done.
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/css/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/js/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/images/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/**/favicon.ico'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/error'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/magento/**'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
08-21-2016 00:00:24 DEBUG HttpSessionSecurityContextRepository:140 - No HttpSession currently exists
08-21-2016 00:00:24 DEBUG HttpSessionSecurityContextRepository:91 - No SecurityContext was available from the HttpSession: null. A new one will be created.
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 4 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/logout'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 5 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:127 - Request 'GET /styles/main.css' doesn't match 'POST /login
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 6 of 13 in additional filter chain; firing Filter: 'ConcurrentSessionFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 7 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 8 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 9 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
08-21-2016 00:00:24 DEBUG AnonymousAuthenticationFilter:102 - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90556c3e: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@1de6: RemoteIpAddress: 10.104.10.4; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 10 of 13 in additional filter chain; firing Filter: 'CorsFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
08-21-2016 00:00:24 DEBUG FilterChainProxy:337 - /styles/main.css at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/pressop'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/finisinghop'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/shippingop'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/login'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/#/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/bower_components/**'
08-21-2016 00:00:24 DEBUG AntPathRequestMatcher:145 - Checking match of request : '/styles/main.css'; against '/styles/**'
08-21-2016 00:00:24 DEBUG FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL: /styles/main.css; Attributes: [permitAll]
"averyRoll.log" 139399L, 17090915C
0
 
LVL 61

Expert Comment

by:gheist
ID: 41765668
It is NOT nginx access/error log.
0
 

Author Comment

by:Jason Yu
ID: 41786526
Dear esteem experts, I got it resolved by adding the following four lines.  Although I resolved it by adding these four lines, but I still don't understand the reason why it created this issue. Could anyone explain this to me? The issue was we was able to log into the java web application, but after logged in, we were kicked out right away. By adding the following four lines, we resolved the problem.

thank you.

        proxy_connect_timeout 300;
        proxy_send_timeout 300;
        proxy_read_timeout 300;
        send_timeout 300;


[root@nginxserver jyu]# vi /etc/nginx/nginx.conf

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    index   index.html index.htm;

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        # server_name  localhost;
        # root         /usr/share/nginx/html;

        server_name  localhost;
        #root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        proxy_pass http://10.104.0.104;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;

        # added by jason for Ufuk
        proxy_connect_timeout 300;
        proxy_send_timeout 300;
        proxy_read_timeout 300;
        send_timeout 300;
        }

        # redirect server error pages to the static page /40x.html
        #
        error_page 404 /404.html;
            location = /40x.html {
        }
0
 
LVL 61

Expert Comment

by:gheist
ID: 41792480
Incomplete input incomplete answer.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
topping3 challenge 14 49
wordlen challenge 3 46
JAVA part two 5 40
get weblogic logged in user in java 2 40
Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Viewers learn about the third conditional statement “else if” and use it in an example program. Then additional information about conditional statements is provided, covering the topic thoroughly. Viewers learn about the third conditional statement …
This theoretical tutorial explains exceptions, reasons for exceptions, different categories of exception and exception hierarchy.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now