The code on the tomcat page does not have examples for wss. But I will look into his ngnix is configured
Thanks On Mar 29, 2017 1:15 PM, "Mark Eggers" <its_toas...@yahoo.com.invalid> wrote: > Sharat, > > On 3/29/2017 9:23 AM, Sharat Jagannath wrote: > > I get a 404 error when I call my server endpoint with wss. > > I'm using tomcat 9 which sits behind ngnix. Does that make a difference? > > here's how my server.xml looks like- > > > > > > <?xml version='1.0' encoding='utf-8'?> > > <!-- > > Licensed to the Apache Software Foundation (ASF) under one or more > > contributor license agreements. See the NOTICE file distributed with > > this work for additional information regarding copyright ownership. > > The ASF licenses this file to You under the Apache License, Version 2.0 > > (the "License"); you may not use this file except in compliance with > > the License. You may obtain a copy of the License at > > > > http://www.apache.org/licenses/LICENSE-2.0 > > > > Unless required by applicable law or agreed to in writing, software > > distributed under the License is distributed on an "AS IS" BASIS, > > WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or > implied. > > See the License for the specific language governing permissions and > > limitations under the License. > > --> > > <!-- Note: A "Server" is not itself a "Container", so you may not > > define subcomponents such as "Valves" at this level. > > Documentation at /docs/config/server.html > > --> > > <Server port="8005" shutdown="SHUTDOWN"> > > <Listener className="org.apache.catalina.startup.VersionLoggerListener" > /> > > <!-- Security listener. Documentation at /docs/config/listeners.html > > <Listener className="org.apache.catalina.security.SecurityListener" /> > > --> > > <!--APR library loader. Documentation at /docs/apr.html --> > > <Listener className="org.apache.catalina.core.AprLifecycleListener" > > SSLEngine="on" /> > > <!-- Prevent memory leaks due to use of particular java/javax APIs--> > > <Listener > > className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> > > <Listener > > className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" > /> > > <Listener > > className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" > /> > > > > > > <!-- Global JNDI resources > > Documentation at /docs/jndi-resources-howto.html > > --> > > <GlobalNamingResources> > > <!-- Editable user database that can also be used by > > UserDatabaseRealm to authenticate users > > --> > > <Resource name="UserDatabase" auth="Container" > > type="org.apache.catalina.UserDatabase" > > description="User database that can be updated and saved" > > factory="org.apache.catalina.users. > MemoryUserDatabaseFactory" > > pathname="conf/tomcat-users.xml" /> > > </GlobalNamingResources> > > > > <!-- A "Service" is a collection of one or more "Connectors" that share > > a single "Container" Note: A "Service" is not itself a > "Container", > > so you may not define subcomponents such as "Valves" at this > level. > > Documentation at /docs/config/service.html > > --> > > <Service name="Catalina"> > > > > <!--The connectors can use a shared executor, you can define one or > > more named thread pools--> > > <!-- > > <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" > > maxThreads="150" minSpareThreads="4"/> > > --> > > > > > > <!-- A "Connector" represents an endpoint by which requests are > received > > and responses are returned. Documentation at : > > Java HTTP Connector: /docs/config/http.html > > Java AJP Connector: /docs/config/ajp.html > > APR (HTTP/AJP) Connector: /docs/apr.html > > Define a non-SSL/TLS HTTP/1.1 Connector on port 80 > > --> > > > > > > <Connector port="80" protocol="HTTP/1.1" > > connectionTimeout="20000" > > redirectPort="8443" URIEncoding="UTF-8" > > useBodyEncodingForURI="true" compression="on" compressionMinSize="2048" > > noCompressionUserAgents="gozilla, traviata" > > compressableMimeType="text/html,text/xml,text/plain,text/ > css,text/javascript" > > /> > > > > > > <!-- A "Connector" using the shared thread pool--> > > <!-- > > <Connector executor="tomcatThreadPool" > > port="8080" protocol="HTTP/1.1" > > connectionTimeout="20000" > > redirectPort="8443" /> > > --> > > <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 > > This connector uses the NIO implementation with the JSSE engine. > > When > > using the JSSE engine, the JSSE configuration attributes must be > > used. > > --> > > <!-- > > <Connector port="8443" > > protocol="org.apache.coyote.http11.Http11NioProtocol" > > maxThreads="150" SSLEnabled="true"> > > <SSLHostConfig> > > <Certificate certificateKeystoreFile="conf/keystore-rsa.pem" > > type="RSA" /> > > </SSLHostConfig> > > </Connector> > > --> > > <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2 > > This connector uses the APR/native implementation. When using > the > > APR/native implementation or the OpenSSL engine with NIO or NIO2 > > then > > the OpenSSL configuration attributes must be used. > > --> > > <!-- > > <Connector port="8443" > > protocol="org.apache.coyote.http11.Http11AprProtocol" > > maxThreads="150" SSLEnabled="true" > > > <UpgradeProtocol className="org.apache.coyote. > http2.Http2Protocol" > > /> > > <SSLHostConfig honorCipherOrder="false" > > > <Certificate certificateKeyFile="conf/localhost-rsa-key.pem" > > certificateFile="conf/localhost-rsa-cert.pem" > > certificateChainFile="conf/ > localhost-rsa-chain.pem" > > type="RSA" /> > > </SSLHostConfig> > > </Connector> > > --> > > > > <!-- Define an AJP 1.3 Connector on port 8009 --> > > <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> > > > > > > <!-- An Engine represents the entry point (within Catalina) that > > processes > > every request. The Engine implementation for Tomcat stand alone > > analyzes the HTTP headers included with the request, and passes > > them > > on to the appropriate Host (virtual host). > > Documentation at /docs/config/engine.html --> > > > > <!-- You should set jvmRoute to support load-balancing via AJP ie : > > <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> > > --> > > <Engine name="Catalina" defaultHost="localhost" jvmRoute="dev02"> > > > > > > <!--For clustering, please take a look at documentation at: > > /docs/cluster-howto.html (simple how to) > > /docs/config/cluster.html (reference documentation) --> > > <!-- > > <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> > > --> > > > > <!-- Use the LockOutRealm to prevent attempts to guess user > passwords > > via a brute-force attack --> > > <Realm className="org.apache.catalina.realm.LockOutRealm"> > > <!-- This Realm uses the UserDatabase configured in the global > JNDI > > resources under the key "UserDatabase". Any edits > > that are performed against this UserDatabase are immediately > > available for use by the Realm. --> > > <Realm className="org.apache.catalina.realm.UserDatabaseRealm" > > resourceName="UserDatabase"/> > > </Realm> > > > > <Host name="localhost" appBase="webapps" > > unpackWARs="true" autoDeploy="true"> > > > > <!-- SingleSignOn valve, share authentication between web > > applications > > Documentation at: /docs/config/valve.html --> > > <!-- > > <Valve className="org.apache.catalina.authenticator.SingleSignOn" > /> > > --> > > > > <!-- Access log processes all example. > > Documentation at: /docs/config/valve.html > > Note: The pattern used is equivalent to using > pattern="common" > > --> > > <Valve className="org.apache.catalina.valves.AccessLogValve" > > directory="logs" > > prefix="localHost_access_log" suffix=".txt" > > pattern="%h %l %u %t "%r" %s %b" /> > > > > </Host> > > </Engine> > > </Service> > > </Server> > > > > > > > > On Mar 29, 2017 6:24 AM, "calder" <calder....@gmail.com> wrote: > > > >> On Tuesday, March 28, 2017, Sharat Jagannath <sharsm...@gmail.com> > wrote: > >> > >>> how do i setup websocket on server side for using wss with tomcat > config? > >>> is there any config i need to do with tomcat? any certification to > setup? > >> > >> > >>> > >> > >> Read up using the How-to: > >> > >> https://tomcat.apache.org/tomcat-8.0-doc/web-socket-howto.html > >> > >> > >> http://tomcat-configure.blogspot.com/2014/05/tomcat-websock > >> et-example.html > >> > > > > Two things to try: > > 1. Have you tried to connect without using NGINX as a front end proxy? > > 2. Have you configured your NGINX server appropriately? > > See the following for configuring NGINX to act as a websocket proxy: > > http://nginx.org/en/docs/http/websocket.html > https://www.nginx.com/blog/websocket-nginx/ > > Also, see the following: > > http://tomcat.apache.org/tomcat-9.0-doc/web-socket-howto.html > > and follow the links to look at both the server and client side code. > > Please note that I've not done any of this, since I have Tomcat sitting > behind Apache HTTPD 2.2. I have not ported the proxy_wstunnel module > from Apache HTTPD 2.4 to 2.2. > > . . . just my two cents > /mde/ > > Please note that I've not done any of this. > > >