如何在 Play!Framework WebSockets (“wss://") 中使用 TLS [英] How to use TLS in Play!Framework WebSockets ("wss://")

问题描述

我无法在使用 Play!Framework 2.2 创建的简单 WebSocket 应用程序中使用 wss://.它回显消息.端点是这样的

I cannot use wss:// in my simple WebSocket app created with Play!Framework 2.2. It echoes the message back. The endpoint is like this

def indexWS2 = WebSocket.using[String] {
  request => {
    println("got connection to indexWS2")

    var channel: Option[Concurrent.Channel[String]] = None
    val outEnumerator: Enumerator[String] = Concurrent.unicast(c => channel = Some(c))

    // Log events to the console
    val myIteratee: Iteratee[String, Unit] = Iteratee.foreach[String] {gotString => {
      println("received: " + gotString)

      // send string back
      channel.foreach(_.push("echoing back "" + gotString + """))
    }}

    (myIteratee, outEnumerator)
  }
}

并且路线被描述为

GET     /ws2                        controllers.Application.indexWS2

我从这样的 JS 客户端创建连接

I create a connection from a JS client like this

myWebSocket = new WebSocket("ws://localhost:9000/ws2");

一切正常.但是，如果我将 ws:// 更改为 wss:// 以使用 TLS，它会失败并且我收到以下 Netty 异常:

and everything works fine. But if I change ws:// into wss:// in order to use TLS, it fails and I get the following Netty exception:

[error] p.nettyException - Exception caught in Netty
java.lang.IllegalArgumentException: empty text

我怎样才能做到这一点?谢谢.

How can I make this work? Thanks.

推荐答案

我真的很想为您解决这个问题！但我不喜欢这个答案.似乎还没有对 websockets 的 SSL 的 Play 支持.在这里看到它的提及并且没有任何进展的迹象，因为:http://grokbase.com/t/gg/play-framework/12cd53wst9/2-1-https-and-wss-secure-websocket-clarifications-and-documentation

I really wanted to figure this out for you! But I didn't like the answer. It appears there's no Play support yet for SSL for websockets. Saw mention of it here and no sign of progress since: http://grokbase.com/t/gg/play-framework/12cd53wst9/2-1-https-and-wss-secure-websocket-clarifications-and-documentation

然而，还有希望！您可以使用 nginx 作为安全的 websocket (wss) 端点，以转发到具有不安全 websocket 端点的内部播放应用程序:

However, there's hope! You can use nginx as a secure websocket (wss) endpoint, to forward to a internal play app with a insecure websocket endpoint:

页面http://siriux.net/2013/06/nginx-and-websockets/ 为 nginx 提供了此解释和示例代理配置:

The page http://siriux.net/2013/06/nginx-and-websockets/ provided this explanation and sample proxy config for nginx:

目标:WSS SSL 端点:将 wss|https://ws.example.com 转发到 ws|http://ws1.example.com:10080

Goal: WSS SSL Endpoint: forwards wss|https://ws.example.com to ws|http://ws1.example.com:10080

代理也是 WSS 和 HTTPS 连接的 SSL 端点.因此客户端可以使用 wss://连接(例如来自通过 HTTPS 提供服务的页面)，这在代理服务器损坏等情况下效果更好."

"The proxy is also an SSL endpoint for WSS and HTTPS connections. So the clients can use wss:// connections (e.g. from pages served via HTTPS) which work better with broken proxy servers, etc."

server {
    listen       443;
    server_name  ws.example.com;

    ssl on;
    ssl_certificate ws.example.com.bundle.crt;
    ssl_certificate_key ws.example.com.key;
    ssl_session_timeout 5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    location / {

        # like above

    }
}

Nginx 是如此轻量级和有趣.会毫不犹豫地选择这个选项.

Nginx is so lightweight and fun. Would not hesitate to go with this option.

这篇关于如何在 Play!Framework WebSockets (“wss://") 中使用 TLS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！