Skip to content
Snippets Groups Projects
Commit 67c55002 authored by Paul Gregoire's avatar Paul Gregoire
Browse files

Minor logic update; doc updates

parent 0f3eafb1
Branches
No related tags found
No related merge requests found
{
"java.configuration.updateBuildConfiguration": "automatic"
}
\ No newline at end of file
{
"folders": [
{
"path": "."
}
],
"settings": {
"java.configuration.updateBuildConfiguration": "automatic"
}
}
\ No newline at end of file
Error:
Cannot support TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 with currently installed providers
Fix:
Install the JSSE unlimited strength ciphers
Error:
javax.net.ssl.SSLProtocolException: Handshake message sequence violation, 1
Fix:
Turn off useClientMode on the rtmpsMinaIoHandler bean in red5-core.xml (off by default)
http://ir5rtc.red5.org/demos/publisher.html
rtmp://ir5rtc.red5.org/webrtc
rtmps://ir5rtc.red5.org:8443/webrtc
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_13172, data:
Unsupported extension type_18, data:
Unsupported extension type_16, data: 00:15:08:68:74:74:70:2f:31:2e:31:08:73:70:64:79:2f:33:2e:31:02:68:32
Unsupported extension type_30032, data:
http://www.sans.org/reading-room/whitepapers/authentication/ssl-tls-whats-hood-34297
http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html
http://stackoverflow.com/questions/26633349/disable-ssl-as-a-protocol-in-httpsurlconnection?rq=1
http://stackoverflow.com/questions/28293068/java-7-ssl-changes-with-java-6
...@@ -21,7 +21,7 @@ The IP addresses and ports identified for `ws` and `wss` in the `conf/jee-contai ...@@ -21,7 +21,7 @@ The IP addresses and ports identified for `ws` and `wss` in the `conf/jee-contai
### Building for JDK8 ### Building for JDK8
Use this command to build for JDK8 since we are currently moving over to JDK11 builds: `mvn clean install -Djava.release.level=8 -Dmaven.compiler.source=1.8 -Dmaven.compiler.target=1.8` Use this command to build for JDK8 since we've moved to JDK11: `mvn clean install -Djava.release.level=8 -Dmaven.compiler.source=1.8 -Dmaven.compiler.target=1.8`
## Tomcat Server ## Tomcat Server
...@@ -34,8 +34,6 @@ Websocket plug-in is integrated into the Tomcat plugin as of this latest release ...@@ -34,8 +34,6 @@ Websocket plug-in is integrated into the Tomcat plugin as of this latest release
This plugin is meant to provide websocket functionality for applications running in red5. The code is constructed to comply with [rfc6455](http://tools.ietf.org/html/rfc6455) and [JSR365](https://www.oracle.com/technetwork/articles/java/jsr356-1937161.html). This plugin is meant to provide websocket functionality for applications running in red5. The code is constructed to comply with [rfc6455](http://tools.ietf.org/html/rfc6455) and [JSR365](https://www.oracle.com/technetwork/articles/java/jsr356-1937161.html).
The previous Red5 WebSocket plugin was developed with assistence from Takahiko Toda and Dhruv Chopra. The previous Red5 WebSocket plugin was developed with assistence from Takahiko Toda and Dhruv Chopra.
## Configuration ## Configuration
...@@ -148,11 +146,11 @@ To bind to more than one IP address / port, add additional `httpConnector` or `h ...@@ -148,11 +146,11 @@ To bind to more than one IP address / port, add additional `httpConnector` or `h
</list> </list>
</property> </property>
``` ```
*Note* *Note*
If you are not using unlimited strength JCE (ex. you are outside the USA), your cipher suite selections will fail if any containing `AES_256` are specified. If you are not using unlimited strength JCE (ex. you are outside the USA), your cipher suite selections will fail if any containing `AES_256` are specified.
Adding WebSocket to an Application Adding WebSocket to an Application
------------------------ ------------------------
...@@ -162,13 +160,16 @@ To enable websocket support in your application, add this to your appStart() met ...@@ -162,13 +160,16 @@ To enable websocket support in your application, add this to your appStart() met
WebSocketScopeManager manager = ((WebSocketPlugin) PluginRegistry.getPlugin(WebSocketPlugin.NAME)).getManager(scope); WebSocketScopeManager manager = ((WebSocketPlugin) PluginRegistry.getPlugin(WebSocketPlugin.NAME)).getManager(scope);
manager.setApplication(this); manager.setApplication(this);
``` ```
For clean-up add this to appStop(): For clean-up add this to appStop():
``` ```
WebSocketScopeManager manager = ((WebSocketPlugin) PluginRegistry.getPlugin(WebSocketPlugin.NAME)).getManager(scope); WebSocketScopeManager manager = ((WebSocketPlugin) PluginRegistry.getPlugin(WebSocketPlugin.NAME)).getManager(scope);
manager.stop(); manager.stop();
``` ```
Lastly, the websocket filter must be added to each web application that will act as a websocket end point. In the webapp descriptor `webapps/myapp/WEB-INF/web.xml` add this entry alongside any other filters or servlets. Lastly, the websocket filter must be added to each web application that will act as a websocket end point. In the webapp descriptor `webapps/myapp/WEB-INF/web.xml` add this entry alongside any other filters or servlets.
```xml ```xml
<!-- WebSocket filter --> <!-- WebSocket filter -->
<filter> <filter>
...@@ -183,7 +184,9 @@ Lastly, the websocket filter must be added to each web application that will act ...@@ -183,7 +184,9 @@ Lastly, the websocket filter must be added to each web application that will act
<dispatcher>FORWARD</dispatcher> <dispatcher>FORWARD</dispatcher>
</filter-mapping> </filter-mapping>
``` ```
To support subprotocols, add them as a comma-delimited string in the `web.xml`: To support subprotocols, add them as a comma-delimited string in the `web.xml`:
```xml ```xml
<!-- WebSocket subprotocols --> <!-- WebSocket subprotocols -->
<context-param> <context-param>
...@@ -191,24 +194,26 @@ To support subprotocols, add them as a comma-delimited string in the `web.xml`: ...@@ -191,24 +194,26 @@ To support subprotocols, add them as a comma-delimited string in the `web.xml`:
<param-value>chat,json</param-value> <param-value>chat,json</param-value>
</context-param> </context-param>
``` ```
The plugin will default to allowing any requested subprotocol if none are specified.
The plugin will default to allowing any requested subprotocol if none are specified.
Extending the WebSocket Endpoint Extending the WebSocket Endpoint
--------------------------- ---------------------------
Implementers may extend the default websocket endpoint class provided by this plugin `org.red5.net.websocket.server.DefaultWebSocketEndpoint`. The first step is to become familiar with the class and then `extend` it in your application; once that is complete, your class must be placed in the `lib` directory of your Red5 server, not the `webapps/yourapp/WEB-INF/lib` directory. Lastly, in your webapp descriptor `webapps/yourapp/WEB-INF/web.xml` file, an entry named `wsEndpointClass` will need to be made for your class: Implementers may extend the default websocket endpoint class provided by this plugin `org.red5.net.websocket.server.DefaultWebSocketEndpoint`. The first step is to become familiar with the class and then `extend` it in your application; once that is complete, your class must be placed in the `lib` directory of your Red5 server, not the `webapps/yourapp/WEB-INF/lib` directory. Lastly, in your webapp descriptor `webapps/yourapp/WEB-INF/web.xml` file, an entry named `wsEndpointClass` will need to be made for your class:
```xml ```xml
<context-param> <context-param>
<param-name>wsEndpointClass</param-name> <param-name>wsEndpointClass</param-name>
<param-value>com.mydomain.websocket.MyWebSocketEndpoint</param-value> <param-value>com.mydomain.websocket.MyWebSocketEndpoint</param-value>
</context-param> </context-param>
``` ```
One reason to extend the endpoint for your own use is because the default endpoint implementation only handles text data.
One reason to extend the endpoint for your own use is because the default endpoint implementation only handles text data.
Security Features Security Features
------------------- -------------------
Since WebSockets don't implement Same Origin Policy (SOP) nor Cross-Origin Resource Sharing (CORS), we've implemented a means to restrict access via configuration using SOP / CORS logic. To configure the security features, edit your `conf/jee-container.xml` file and locate the bean displayed below: Since WebSockets don't implement Same Origin Policy (SOP) nor Cross-Origin Resource Sharing (CORS), we've implemented a means to restrict access via configuration using SOP / CORS logic. To configure the security features, edit your `conf/jee-container.xml` file and locate the bean displayed below:
```xml ```xml
<bean id="tomcat.server" class="org.red5.server.tomcat.TomcatLoader" depends-on="context.loader" lazy-init="true"> <bean id="tomcat.server" class="org.red5.server.tomcat.TomcatLoader" depends-on="context.loader" lazy-init="true">
<property name="websocketEnabled" value="true" /> <property name="websocketEnabled" value="true" />
...@@ -221,19 +226,19 @@ Since WebSockets don't implement Same Origin Policy (SOP) nor Cross-Origin Resou ...@@ -221,19 +226,19 @@ Since WebSockets don't implement Same Origin Policy (SOP) nor Cross-Origin Resou
</array> </array>
</property> </property>
``` ```
Properties: Properties:
* [sameOriginPolicy](https://www.w3.org/Security/wiki/Same_Origin_Policy) - Enables or disables SOP. The logic differs from standard web SOP by *NOT* enforcing protocol and port. * [sameOriginPolicy](https://www.w3.org/Security/wiki/Same_Origin_Policy) - Enables or disables SOP. The logic differs from standard web SOP by *NOT* enforcing protocol and port.
* [crossOriginPolicy](https://www.w3.org/Security/wiki/CORS) - Enables or disables CORS. This option pairs with the `allowedOrigins` array. * [crossOriginPolicy](https://www.w3.org/Security/wiki/CORS) - Enables or disables CORS. This option pairs with the `allowedOrigins` array.
* allowedOrigins - The list or host names or fqdn which are to be permitted access. The default if none are specified is `*` which equates to any or all. * allowedOrigins - The list or host names or fqdn which are to be permitted access. The default if none are specified is `*` which equates to any or all.
Test Page Test Page
------------------- -------------------
Replace the wsUri variable with your applications path. Replace the wsUri variable with your applications path.
``` ```xml
<!DOCTYPE html> <!DOCTYPE html>
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>WebSocket Test</title> <title>WebSocket Test</title>
...@@ -250,4 +255,3 @@ https://github.com/Red5/red5-websocket-chat ...@@ -250,4 +255,3 @@ https://github.com/Red5/red5-websocket-chat
Pre-compiled JAR Pre-compiled JAR
---------------- ----------------
You can find [compiled artifacts via Maven](https://mvnrepository.com/artifact/org.red5/tomcatplugin) You can find [compiled artifacts via Maven](https://mvnrepository.com/artifact/org.red5/tomcatplugin)
...@@ -299,10 +299,9 @@ public class WebSocketScopeManager { ...@@ -299,10 +299,9 @@ public class WebSocketScopeManager {
*/ */
public void makeScope(String path) { public void makeScope(String path) {
log.debug("makeScope: {}", path); log.debug("makeScope: {}", path);
WebSocketScope wsScope = null;
if (!scopes.containsKey(path)) { if (!scopes.containsKey(path)) {
// new websocket scope // new websocket scope
wsScope = new WebSocketScope(); WebSocketScope wsScope = new WebSocketScope();
wsScope.setPath(path); wsScope.setPath(path);
notifyListeners(WebSocketEvent.SCOPE_CREATED, wsScope, null); notifyListeners(WebSocketEvent.SCOPE_CREATED, wsScope, null);
addWebSocketScope(wsScope); addWebSocketScope(wsScope);
...@@ -320,12 +319,11 @@ public class WebSocketScopeManager { ...@@ -320,12 +319,11 @@ public class WebSocketScopeManager {
public void makeScope(IScope scope) { public void makeScope(IScope scope) {
log.debug("makeScope: {}", scope); log.debug("makeScope: {}", scope);
String path = scope.getContextPath(); String path = scope.getContextPath();
WebSocketScope wsScope = null;
if (!scopes.containsKey(path)) { if (!scopes.containsKey(path)) {
// add the name to the collection (no '/' prefix) // add the name to the collection (no '/' prefix)
activeRooms.add(scope.getName()); activeRooms.add(scope.getName());
// new websocket scope for the server scope // new websocket scope for the server scope
wsScope = new WebSocketScope(); WebSocketScope wsScope = new WebSocketScope();
wsScope.setPath(path); wsScope.setPath(path);
wsScope.setScope(scope); wsScope.setScope(scope);
notifyListeners(WebSocketEvent.SCOPE_CREATED, wsScope, null); notifyListeners(WebSocketEvent.SCOPE_CREATED, wsScope, null);
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment