Skip to content
Snippets Groups Projects
Commit b36e6ad7 authored by Daniel Gerhardt's avatar Daniel Gerhardt
Browse files

Merge branch 'ws-proxy-support' into 'master'

Add proxy support for WebSocket connections

Configuration for Socket.IO has been refactored to support proxies and
replace ambiguous property names:
* Added API property `socketioPath` to `/configuration/`
* Added property `socketio.proxy-path`
* Removed property `security.ssl`
* Renamed properties:
  * `socketio.ip` -> `socketio.bind-address`
  * `security.keystore` -> `socketio.ssl.jks-file`
  * `security.storepass` -> `socketio.ssl.jks-password`

The default port to bind to has been changed from 10443 to 8090 since
SSL is not enabled by default. There is enough room (8081-8089) for
additional severs (e.g. `grunt run`) in development environments.

See merge request !27
parents 7a1265ea c056ae19
Branches
Tags
1 merge request!27Add proxy support for WebSocket connections
Pipeline #3343 passed with stages
in 3 minutes and 50 seconds
...@@ -59,11 +59,10 @@ public class ExtraConfig extends WebMvcConfigurerAdapter { ...@@ -59,11 +59,10 @@ public class ExtraConfig extends WebMvcConfigurerAdapter {
@Value(value = "${connector.username}") private String connectorUsername; @Value(value = "${connector.username}") private String connectorUsername;
@Value(value = "${connector.password}") private String connectorPassword; @Value(value = "${connector.password}") private String connectorPassword;
@Value(value = "${socketio.ip}") private String socketIp; @Value(value = "${socketio.bind-address}") private String socketAddress;
@Value(value = "${socketio.port}") private int socketPort; @Value(value = "${socketio.port}") private int socketPort;
@Value(value = "${security.ssl}") private boolean socketUseSll; @Value(value = "${socketio.ssl.jks-file:}") private String socketKeystore;
@Value(value = "${security.keystore}") private String socketKeystore; @Value(value = "${socketio.ssl.jks-password:}") private String socketKeystorePassword;
@Value(value = "${security.storepass}") private String socketStorepass;
@Value(value = "${security.cors.origins:}") private String[] corsOrigins; @Value(value = "${security.cors.origins:}") private String[] corsOrigins;
private static int testPortOffset = 0; private static int testPortOffset = 0;
...@@ -110,11 +109,11 @@ public class ExtraConfig extends WebMvcConfigurerAdapter { ...@@ -110,11 +109,11 @@ public class ExtraConfig extends WebMvcConfigurerAdapter {
@Bean(name = "socketServer", initMethod = "startServer", destroyMethod = "stopServer") @Bean(name = "socketServer", initMethod = "startServer", destroyMethod = "stopServer")
public ARSnovaSocket socketServer() { public ARSnovaSocket socketServer() {
final ARSnovaSocketIOServer socketServer = new ARSnovaSocketIOServer(); final ARSnovaSocketIOServer socketServer = new ARSnovaSocketIOServer();
socketServer.setHostIp(socketIp); socketServer.setHostIp(socketAddress);
socketServer.setPortNumber(socketPort); socketServer.setPortNumber(socketPort);
socketServer.setUseSSL(socketUseSll); socketServer.setUseSSL(!socketKeystore.isEmpty());
socketServer.setKeystore(socketKeystore); socketServer.setKeystore(socketKeystore);
socketServer.setStorepass(socketStorepass); socketServer.setStorepass(socketKeystorePassword);
return socketServer; return socketServer;
} }
...@@ -123,11 +122,11 @@ public class ExtraConfig extends WebMvcConfigurerAdapter { ...@@ -123,11 +122,11 @@ public class ExtraConfig extends WebMvcConfigurerAdapter {
public ARSnovaSocket socketTestServer() { public ARSnovaSocket socketTestServer() {
final int testSocketPort = 1234 + testPortOffset++ % 10; final int testSocketPort = 1234 + testPortOffset++ % 10;
final ARSnovaSocketIOServer socketServer = new ARSnovaSocketIOServer(); final ARSnovaSocketIOServer socketServer = new ARSnovaSocketIOServer();
socketServer.setHostIp(socketIp); socketServer.setHostIp(socketAddress);
socketServer.setPortNumber(socketPort + testSocketPort); socketServer.setPortNumber(socketPort + testSocketPort);
socketServer.setUseSSL(socketUseSll); socketServer.setUseSSL(!socketKeystore.isEmpty());
socketServer.setKeystore(socketKeystore); socketServer.setKeystore(socketKeystore);
socketServer.setStorepass(socketStorepass); socketServer.setStorepass(socketKeystorePassword);
return socketServer; return socketServer;
} }
......
...@@ -42,6 +42,9 @@ public class ConfigurationController extends AbstractController { ...@@ -42,6 +42,9 @@ public class ConfigurationController extends AbstractController {
@Value("${api.path:}") @Value("${api.path:}")
private String apiPath; private String apiPath;
@Value("${socketio.proxy-path:}")
private String socketioPath;
@Value("${customization.path}") @Value("${customization.path}")
private String customizationPath; private String customizationPath;
...@@ -167,6 +170,10 @@ public class ConfigurationController extends AbstractController { ...@@ -167,6 +170,10 @@ public class ConfigurationController extends AbstractController {
} }
config.put("apiPath", apiPath); config.put("apiPath", apiPath);
if (!"".equals(socketioPath)) {
config.put("socketioPath", socketioPath);
}
if (!"".equals(customizationPath)) { if (!"".equals(customizationPath)) {
config.put("customizationPath", customizationPath); config.put("customizationPath", customizationPath);
} }
......
...@@ -15,14 +15,17 @@ customization.path=/customization ...@@ -15,14 +15,17 @@ customization.path=/customization
mobile.path=/mobile mobile.path=/mobile
presenter.path=/presenter presenter.path=/presenter
# SSL configuration
security.ssl=false
security.keystore=/etc/arsnova/arsnova.jks
security.storepass=arsnova
# WebSockets server # WebSockets server
socketio.ip=0.0.0.0 socketio.bind-address=localhost
socketio.port=10443 socketio.port=8090
# SSL/TLS configuration
# To enable SSL for Socket.IO you have to import your key and certificate files into a Java Key Store. If you tunnel
# WebSocket connections through a proxy server, you can skip this configuration.
# See https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html
#
#socketio.ssl.jks-file=/etc/arsnova/arsnova.jks
#socketio.ssl.jks-password=arsnova
#socketio.proxy-path=/socket.io
# Admin accounts # Admin accounts
# Usernames of the accounts which are allowed to manage global messages of the # Usernames of the accounts which are allowed to manage global messages of the
......
...@@ -15,14 +15,17 @@ customization.path=/customization ...@@ -15,14 +15,17 @@ customization.path=/customization
mobile.path=/mobile mobile.path=/mobile
presenter.path=/presenter presenter.path=/presenter
# SSL configuration
security.ssl=false
security.keystore=/etc/arsnova/arsnova.jks
security.storepass=arsnova
# WebSockets server # WebSockets server
socketio.ip=0.0.0.0 socketio.bind-address=localhost
socketio.port=10443 socketio.port=8090
# SSL/TLS configuration
# To enable SSL for Socket.IO you have to import your key and certificate files into a Java Key Store. If you tunnel
# WebSocket connections through a proxy server, you can skip this configuration.
# See https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html
#
#socketio.ssl.jks-file=/etc/arsnova/arsnova.jks
#socketio.ssl.jks-password=arsnova
#socketio.proxy-path=/socket.io
# Admin accounts # Admin accounts
# Usernames of the accounts which are allowed to manage global messages of the # Usernames of the accounts which are allowed to manage global messages of the
......
...@@ -6,6 +6,6 @@ ...@@ -6,6 +6,6 @@
<bean id="socketServer" class="de.thm.arsnova.socket.ARSnovaSocketIOServer" <bean id="socketServer" class="de.thm.arsnova.socket.ARSnovaSocketIOServer"
init-method="startServer" destroy-method="stopServer" scope="singleton" init-method="startServer" destroy-method="stopServer" scope="singleton"
p:portNumber="11443" p:hostIp="${socketio.ip}" p:useSSL="${security.ssl}" p:keystore="${security.keystore}" p:portNumber="11443" p:hostIp="localhost" p:useSSL="false" p:keystore=""
p:storepass="${security.storepass}" /> p:storepass="" />
</beans> </beans>
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment