Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BDD8DF4EE for ; Mon, 1 Apr 2013 23:33:55 +0000 (UTC) Received: (qmail 33189 invoked by uid 500); 1 Apr 2013 23:33:55 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 33116 invoked by uid 500); 1 Apr 2013 23:33:54 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 33103 invoked by uid 99); 1 Apr 2013 23:33:54 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Apr 2013 23:33:54 +0000 X-ASF-Spam-Status: No, hits=1.8 required=5.0 tests=FREEMAIL_ENVFROM_END_DIGIT,HTML_MESSAGE,NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_LOW,SPF_PASS,WEIRD_PORT X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of jej2003@gmail.com designates 209.85.219.50 as permitted sender) Received: from [209.85.219.50] (HELO mail-oa0-f50.google.com) (209.85.219.50) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Apr 2013 23:33:49 +0000 Received: by mail-oa0-f50.google.com with SMTP id n1so2447272oag.37 for ; Mon, 01 Apr 2013 16:33:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=3WB2ZiOlJhi7sZDTwOBWn5eWAetrWPxLDVOLkpo6G5k=; b=H36F7HghI/LiLN64itMriusJmlPEgPHIhWorXyXds4Ehkoh5NFHdEVCEXjS7Sm/aSm ETgB49W9z0J+G0qj+wgbEnBpoMJ8c2t5woEKpn4bIotVnByJ9C+h5FfGi2F2GoK/I85C HtGSM5ReSfaM53y2WhTfEQzsJNBi1VB9L8gFiYRKFnKo+79SbKIZ2DupsNV3DQAmnwpS 4In7nFlgBoc5Nw8+1xbLOTcf4/EtH9ODteASpW2cCWildfnQoRYMJprHSUxBVBWU1xB9 KZ3WuPVlWNnaR1xRjIOhr146ukVhf2XCYAEedW5J79PTb4AWkrH/pfKbJiIrjC2NgoRj zSLg== MIME-Version: 1.0 X-Received: by 10.60.98.209 with SMTP id ek17mr4588834oeb.132.1364859208374; Mon, 01 Apr 2013 16:33:28 -0700 (PDT) Received: by 10.76.22.233 with HTTP; Mon, 1 Apr 2013 16:33:28 -0700 (PDT) Date: Mon, 1 Apr 2013 19:33:28 -0400 Message-ID: Subject: SSL Proxy Tunnel to Tomcat SSL WebSocket From: Jamie Johnson To: dev@httpd.apache.org Content-Type: multipart/alternative; boundary=089e0115fac648a01304d9550cb8 X-Virus-Checked: Checked by ClamAV on apache.org --089e0115fac648a01304d9550cb8 Content-Type: text/plain; charset=ISO-8859-1 Instead of jumping on an old thread I decided to repost as a separate question. Should proxying requests from wss:// to an apache tomcat server using wss:// work? From the logs (included below) it appears that the ws proxy tunnel is picking up and making the connection, but then it disconnects. I've tried to add some logging to tomcat, but I am not seeing the request hit the tomcat server, should this work or is there something else that needs to be done config wise (also included below)? [Fri Mar 29 17:23:20.386068 2013] [ssl:info] [pid 29972:tid 47105066768704] [client 10.81.1.12:64038] AH01964: Connection to child 2 established (server hostname:443) [Fri Mar 29 17:23:20.401204 2013] [ssl:debug] [pid 29972:tid 47105066768704] ssl_engine_kernel.c(1899): [client 10.81.1.12:64038] AH02041: Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 bits) [Fri Mar 29 17:23:20.418721 2013] [ssl:debug] [pid 29972:tid 47105066768704] ssl_engine_kernel.c(216): [client 10.81.1.12:64038] AH02034: Initial (No.1) HTTPS request received for child 2 (server hostname:443) [Fri Mar 29 17:23:20.418762 2013] [authz_core:debug] [pid 29972:tid 47105066768704] mod_authz_core.c(799): [client 10.81.1.12:64038] AH01626: authorization result of Require all granted: granted [Fri Mar 29 17:23:20.418773 2013] [authz_core:debug] [pid 29972:tid 47105066768704] mod_authz_core.c(799): [client 10.81.1.12:64038] AH01626: authorization result of : granted [Fri Mar 29 17:23:20.418821 2013] [proxy:debug] [pid 29972:tid 47105066768704] mod_proxy.c(1081): [client 10.81.1.12:64038] AH01143: Running scheme wss handler (attempt 0) [Fri Mar 29 17:23:20.418833 2013] [proxy_http:debug] [pid 29972:tid 47105066768704] mod_proxy_http.c(1909): [client 10.81.1.12:64038] AH01113: HTTP: declining URL wss://hostname:8443/alert/event [Fri Mar 29 17:23:20.418841 2013] [proxy_wstunnel:debug] [pid 29972:tid 47105066768704] mod_proxy_wstunnel.c(331): [client 10.81.1.12:64038] AH02451: serving URL wss://hostname:8443/alert/event [Fri Mar 29 17:23:20.418850 2013] [proxy:debug] [pid 29972:tid 47105066768704] proxy_util.c(2011): AH00942: WSS: has acquired connection for (hostname) [Fri Mar 29 17:23:20.418859 2013] [proxy:debug] [pid 29972:tid 47105066768704] proxy_util.c(2089): [client 10.81.1.12:64038] AH00944: connecting wss://hostname:8443/alert/event to hostname:8443 [Fri Mar 29 17:23:20.418869 2013] [proxy:debug] [pid 29972:tid 47105066768704] proxy_util.c(2218): [client 10.81.1.12:64038] AH00947: connected /alert/event to hostname:8443 [Fri Mar 29 17:23:20.418914 2013] [proxy:debug] [pid 29972:tid 47105066768704] proxy_util.c(2453): AH00951: WSS: backend socket is disconnected. ErrorLog "/usr/local/apache2/logs/error_log" TransferLog "/usr/local/apache2/logs/access_log" SSLEngine on SSLProxyEngine on ProxyPreserveHost on ProxyRequests off ProxyPass /event wss://hostname:8443/alert/event ProxyPassReverse /event wss://hostname:8443/alert/event ... --089e0115fac648a01304d9550cb8 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Instead of jumping on an old thread I decided to repost as= a separate question. =A0

Should proxying requests from= wss:// to an apache tomcat server using wss:// work? =A0From the logs (inc= luded below) it appears that the ws proxy tunnel is picking up and making t= he connection, but then it disconnects. =A0I've tried to add some loggi= ng to tomcat, but I am not seeing the request hit the tomcat server, should= this work or is there something else that needs to be done config wise (al= so included below)?

[Fri Mar 29 17:23:20.386068 2013] [ssl:info] [pid 29972:tid = 47105066768704] [client=A010.81.1.12:64038] AH01964: Connection to child 2 established (ser= ver hostname:443)
[Fri Mar 29 17:23:20.401204 2013] [ssl:debug] [pid 29972:tid 471050667= 68704] ssl_engine_kernel.c(1899): [client=A010.81.1.12:64038] AH02041: Protocol: TLSv1, Cip= her: DHE-RSA-AES256-SHA (256/256 bits)
[Fri Mar 29 17:23:20.418721 2013] [ssl:debug] [pid 29972:tid 471050667= 68704] ssl_engine_kernel.c(216): [client=A010.81.1.12:64038] AH02034: Initial (No.1) HTTPS = request received for child 2 (server hostname:443)
[Fri Mar 29 17:23:20.418762 2013] [authz_core:debug] [pid 29972:tid 47= 105066768704] mod_authz_core.c(799): [client=A010.81.1.12:64038] AH01626: authorization res= ult of Require all granted: granted
[Fri Mar 29 17:23:20.418773 2013] [authz_core:debug] [pid 29972:tid 47= 105066768704] mod_authz_core.c(799): [client=A010.81.1.12:64038] AH01626: authorization res= ult of <RequireAny>: granted
[Fri Mar 29 17:23:20.418821 2013] [proxy:debug] [pid 29972:tid 4710506= 6768704] mod_proxy.c(1081): [client=A010.81.1.12:64038] AH01143: Running scheme wss handler= (attempt 0)
[Fri Mar 29 17:23:20.418833 2013] [proxy_http:debug] [pid 29972:tid 47= 105066768704] mod_proxy_http.c(1909): [client=A010.81.1.12:64038] AH01113: HTTP: declining = URL wss://hostname:8443/alert/event
[Fri Mar 29 17:23:20.418841 2013] [proxy_wstunnel:debug] [pid 29972:ti= d 47105066768704] mod_proxy_wstunnel.c(331): [client=A010.81.1.12:64038] AH02451: serving U= RL wss://hostname:8443/alert/event
[Fri Mar 29 17:23:20.418850 2013] [proxy:debug] [pid 29972:tid 4710506= 6768704] proxy_util.c(2011): AH00942: WSS: has acquired connection for (hos= tname)
[Fri Mar 29 17:23:20.418859 2013] [proxy:debug] [pid 29972= :tid 47105066768704] proxy_util.c(2089): [client=A010.81.1.12:64038] AH00944: connecting ws= s://hostname:8443/alert/event to hostname:8443
[Fri Mar 29 17:23:20.418869 2013] [proxy:debug] [pid 29972:tid 4710506= 6768704] proxy_util.c(2218): [client=A010.81.1.12:64038] AH00947: connected /alert/event to= hostname:8443
[Fri Mar 29 17:23:20.418914 2013] [proxy:debug] [pid 29972:tid 4710506= 6768704] proxy_util.c(2453): AH00951: WSS: backend socket is disconnected.<= /div>


<VirtualHost _default_:443>

=A0 ErrorLog "/usr/local/apache2/logs/error_log"
=A0 TransferLog "/usr/local/apache2/logs/access_log"

=A0 SSLEngine on
=A0 SSLProxyEngine on
<= div>
=A0 ProxyPreserveHost on
=A0 ProxyRequests off

=A0 ProxyPass /event wss://hostname:8443/alert/event<= br>
=A0 ProxyPassReverse /event wss://hostname:8443/alert/event
=A0 ...
</VirtualHost>
--089e0115fac648a01304d9550cb8--