Configuring the load balancer for WebSockets

WebSockets enable efficient real-time data exchange between the client and the server. However by default, the WebSocket connection is blocked by the Apache load balancer. If your Apache server is running an N4 load balancer, follow the instructions below to enable the WebSocket:

To configure the load balancer for WebSockets:

1. In the machine running the load balancer, locate the Apache HTTP Server configuration file under C:\Apache24\conf\httpd.conf.

2. Uncomment the following line:

LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so

3. Add the following segment before the sparcn4 load balancer definition.

<IfModule proxy_wstunnel_module>

      <Proxy "balancer://sparcsn4ws">

       BalancerMember "ws://<hostname>:<port>" route=worker1

      </Proxy>

       ProxyPass /apex/navisWebSocketEntryPoint "balancer://sparcsn4ws/apex/navisWebSocketEntryPoint"

       </IfModule>

Below is a snippet from the httpd.conf file with the changes highlighted.

4. If the cross-origin resource sharing has been enabled, on the load balancer, you can update the domain. Make sure you have enabled CORS for Apache load balancer (on page 1).

1. In the httpd.conf configuration file, update the line with the fully qualified domain names or IP addresses:

Header always set Access-Control-Allow-Origin "https://load-balancer-fqdn-1,https://load-balancer-fqdn-2, https://load-balancer-fqdn-3"

• Replace https://load-balancer-fqdn with the load balancer’s fully qualified domain name or IP address. Use a comma-separated list for multiple domain names. Using the asterisk (*) as the allowed origin would allow CORS requests from any origin.

• If the load balancer does not have SSL enabled, then the allowed origin should be specified using HTTP protocol instead of HTTPS (eg. http://load-balancer-fqdn)

5. Restart the load balancer.

If you are not using a load balancer, you can update CORS in the N4 web.xml configuration file if you need to add domains. You should have already enabled CORS for Tomcat (on page 1).

1. Modify the web.xml file in the N4 Cluster Node machine as follows to enable cross-origin resource sharing (CORS). For example, to allow CORS access from https://xyz.com and http://10.10.xx.xx, define the web.xml file as follows:

<filter>

    <filter-name>CorsFilter</filter-name>

    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>

    <async-supported>true</async-supported>

    <init-param>

        <param-name>cors.allowed.origins</param-name>

        <param-value>https://xyz.com, http://10.10.xx.xx</param-value>

    </init-param>

Below is an excerpt with the changes in the web.xml file:

2. Restart the N4 service.

Enable CORS for Tomcat

If you are not using a load balancer, then you should the enable cross-origin resource sharing (CORS) security filter on the N4 Tomcat servers.

If you are using a load balancer, you do not need to do the following steps. Instead, you should enable CORS on the load balancer (on page 1).

To enable CORS in Tomcat:

1. On the N4 node, locate the web.xml configuration file and edit the file.

• For Windows, the default location is C:\Program Files\Navis\sparcsn4\webapps\apex\WEB-INF\.

• For Linux, the default location is /opt/navis/application/sparcsn4/webapps/apex/WEB-INF\.

2. Add the following configuration:

<!-- Cors Filter -->

<filter>

  <filter-name>CorsFilter</filter-name>

  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>

  <init-param>

    <param-name>cors.allowed.origins</param-name>

    <param-value>https://allowed-origin-fqdn</param-value>

    <!-- For N4, cors.allowed.origins value can be empty when load balancer is not used, but when LB is used it is recommend to use the LB configuration to enable CORS, if for some reason LB configuration is not used for enabling CORS and if web.xml is used to enable CORS then this value must at least contain the load balancer's fully qualified domain name -->

  </init-param>

  <init-param>

    <param-name>cors.allowed.methods</param-name>

    <param-value>GET,POST,PUT,DELETE,HEAD,OPTIONS</param-value>

  </init-param>

  <init-param>

    <param-name>cors.allowed.headers</param-name>

    <param-value>Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>

  </init-param>

  <init-param>

    <param-name>cors.exposed.headers</param-name>

    <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>

  </init-param>

  <async-supported>true</async-supported>

</filter>

<filter-mapping>

  <filter-name>CorsFilter</filter-name>

  <url-pattern>/*</url-pattern>

</filter-mapping>

<!-- Cors Filter -->

• Replace https://load-balancer-fqdn with the load balancer’s fully qualified domain name or IP address. Use a comma-separated list for multiple domain names.

• Using the asterisk (*) as the allowed origin would allow CORS requests from any origin.

• If the load balancer does not have SSL enabled, then the allowed origin should be specified using HTTP protocol instead of HTTPS (eg. http://load-balancer-fqdn)

3. Restart the N4 service.

4. Repeat these steps for each N4 node and restart N4 service.