Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Spring WebSocket Connecting with SockJS to a different domain

WebSockets in Spring is a rather new topic that I;m tiring to find a bit more.

My problem is with connecting to a service from a different domain, I'm working on with Lineman building the front-end side and Spring Boot when doing the back-end side, with that I have these apps on two different ports : 8000 and 8080 on localhost.

I had issues with the 'Access-Control-Allow-Origin' header but I have resolved it by adding a filter on the server side which added the allowed origin to the header. After this I started to get the following error on connection:

GET http://localhost:8080/socket/info 403 (Forbidden) AbstractXHRObject._start @ sockjs-0.3.4.js:807 (anonymous function) @sockjs-0.3.4.js:841 

I don't have Spring Security in the project so this is not an authorization issue, the error points to sockJS : that.xhr.send(payload); - where payload is never defined.I tried but couldn't find the root of the call where is may began.

I was thinking if I need to add some additional information to either SockJS and Stomp when setting the connection, but there is not much of examples and notes in both wiki pages of this tools.

Bellow you will find the connection JS code.

var socket = new SockJS("http://localhost:8080/socket"); client = Stomp.over(socket);  client.connect({'login': BoatsGame.userName,                     'passcode': 'guest'},             function (frame) { ....  The Server Side has a MessageBroker configured :       @Configuration @EnableWebSocketMessageBroker public class MessageBrokerConfig extends AbstractWebSocketMessageBrokerConfigurer {  @Bean public ServletServerContainerFactoryBean createWebSocketContainer() {      ServletServerContainerFactoryBean container = new ServletServerContainerFactoryBean();      container.setMaxTextMessageBufferSize(8192);      container.setMaxBinaryMessageBufferSize(8192);      return container; }  @Override public void configureMessageBroker(MessageBrokerRegistry config) {      //config.enableStompBrokerRelay("/queue", "/topic");      config.enableSimpleBroker("/queue", "/topic","/user");      config.setApplicationDestinationPrefixes("/BoatBattleGame"); }  @Override public void registerStompEndpoints(StompEndpointRegistry stompEndpointRegistry) {     stompEndpointRegistry.addEndpoint("/socket").withSockJS(); } } 

I Also tried setting up a MessageHandler as it has the option to set OriginAllowe when configuring, but I'm not sure how it is connected to the broker.

Last think, this setup works correctly when running on one port.

like image 840
Sniady Avatar asked May 28 '15 09:05

Sniady


People also ask

Is SockJS WebSocket?

SockJS is a browser JavaScript library that provides a WebSocket-like object. SockJS gives you a coherent, cross-browser, Javascript API which creates a low latency, full duplex, cross-domain communication channel between the browser and the web server. Under the hood SockJS tries to use native WebSockets first.

What is SockJS fallback?

Over the public Internet, restrictive proxies outside your control may preclude WebSocket interactions, either because they are not configured to pass on the Upgrade header or because they close long-lived connections that appear to be idle.

Is STOMP deprecated?

This project is no longer maintained. If you encounter bugs with it or need enhancements, you can fork it and modify it as the project is under the Apache License 2.0.


2 Answers

Jax's anwesr was correct :)

The registerStompEndpoints method gives us the opportunity to set the Allowed Origins. We need to add it before the "withSockJs()" option.

    @Override     public void registerStompEndpoints(StompEndpointRegistry stompEndpointRegistry) {         stompEndpointRegistry.addEndpoint("/BO/socket").setAllowedOrigins("*").withSockJS();     } 
like image 189
Sniady Avatar answered Oct 07 '22 21:10

Sniady


To anyone getting to this ticket because of the 403 Forbidden answer when trying to connect through a SockJsClient to a different domain:

The problem arises when trying to make a GET to the /info Url, as part of the handshaking. The response actually returns a 200 via WGET as well as via browser. Only through SockJsClient it doesn't work.

After trying different solutions, the only one that really fixed the issue is to write a class that implements Transport and InfoReceiver. In this way the developer can directly handle this part of the handshake. Basically you make the work in the executeInfoRequest() method:

@Override public String executeInfoRequest(URI infoUrl, HttpHeaders headers) {     HttpGet getRequest = new HttpGet(infoUrl); // eventually add headers here     HttpClient client = HttpClients.createDefault();      try {         HttpResponse response = client.execute(getRequest);         List<String> responseOutput = IOUtils.readLines(response.getEntity().getContent());          return responseOutput.get(0);     } catch (IOException ioe) {         ...     } } 

I defined TransportType.XHR as transport type.

like image 37
Mauro Avatar answered Oct 07 '22 19:10

Mauro