Interesting. However, we're using completely trusted certificates. Checked our devices and root certificate is there.
Also we can see that the web socket connection reaches webseal from request.log and pdweb.debug and even reaches AAC.
thread(44) trace.pdweb.debug:2 /home/webseal/20180530-2309/src/pdweb/webseald/ras/trace/debug_log.cpp:176: ----------------- Browser ===> PD -----------------
Thread 44; fd 257; local 202.4.7.60:444; remote 175.158.193.90:55631
GET /mga/websock/mmfa-wss/82fba9bc-1f81-43f5-8d39-53f6ff245c16 HTTP/1.1
connection: Upgrade
host: mfa.adb.org
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_3 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A551 Safari/602.1
upgrade: websocket
origin: https://federationad.adb.org
sec-websocket-key: SDURu45uawmhwdqoDFQ3+w==
cache-control: no-cache
pragma: no-cache
sec-websocket-extensions: x-webkit-deflate-frame
sec-websocket-version: 13
Cookie: AMWEBJCT!%2Fmga!JSESSIONID=0000z3A2XtgFHXODl8yKbSuIBqx:3ea19088-1720-458d-b1bb-fb416ead7f71; AMWEBJCT!%2Fmga!BIGipServerapisamfed_pool_443=740628396.47873.0000; PD_STATEFUL_2c517fbe-295a-11e7-8d4b-0050568fe9a3=%2Fmga; PD-S-SESSION-ID=1_qO6M1wQMLZAW/RdOEbmjMRsacC0dS6Kd69okuwQkAVuTxdiut7w=_AAAAAAA=_yfLZSONKjWFDTrGkNmDVXdQKfuo=; WT_FPC=id=dfbf103f-9b4b-4c53-b940-eab7a0dae452:lv=1537173038128:ss=1537172316666
---------------------------------------------------
thread(44) trace.pdweb.debug:2 /home/webseal/20180530-2309/src/pdweb/webseald/ras/trace/debug_log.cpp:176: ----------------- PD ===> BackEnd -----------------
Thread 44; fd 258; local 202.4.7.51:60636; remote 172.23.36.44:443
GET /websock/mmfa-wss/82fba9bc-1f81-43f5-8d39-53f6ff245c16 HTTP/1.1
connection: Upgrade
host: 172.23.36.44
iv-creds: Version=1, BAKs3DCCAnUMADCCAm8wggJrAgIJBQIBADCCAmAwggJcMIGuDBVBWk5fQ1JFRF9CUk9XU0VSX0lORk8wgZQwgZECAQQMgYlNb3ppbGxhLzUuMCAoaVBob25lOyBDUFUgaVBob25lIE9TIDEwXzBfMyBsaWtlIE1hYyBPUyBYKSBBcHBsZVdlYktpdC82MDIuMS41MCAoS0hUTUwsIGxpa2UgR2Vja28pIFZlcnNpb24vMTAuMCBNb2JpbGUvMTRBNTUxIFNhZmFyaS82MDIuMQQAMCYMEkFaTl9DUkVEX0lQX0ZBTUlMWTAQMA4CAQQMB0FGX0lORVQEADArDBBBWk5fQ1JFRF9NRUNIX0lEMBcwFQIBBAwOSVZfVU5BVVRIX1YzLjAEADAzDBxBWk5fQ1JFRF9ORVRXT1JLX0FERFJFU1NfQklOMBMwEQIBBAwKMHhhZjllYzE1YQQAMDcMHEFaTl9DUkVEX05FVFdPUktfQUREUkVTU19TVFIwFzAVAgEEDA4xNzUuMTU4LjE5My45MAQAMCkMGUFaTl9DUkVEX1BSSU5DSVBBTF9ET01BSU4wDDAKAgEEDANhZGIEADAzDBdBWk5fQ1JFRF9QUklOQ0lQQUxfTkFNRTAYMBYCAQQMD3VuYXV0aGVudGljYXRlZAQAMC0MEUFaTl9DUkVEX1FPUF9JTkZPMBgwFgIBBAwPU1NLOiBUTFNWMTI6IDlDBAAwLgwSQVpOX0NSRURfVVNFUl9JTkZPMBgwFgIBBAwPdW5hdXRoZW50aWNhdGVkBAAwJwwQQVpOX0NSRURfVkVSU0lPTjATMBECAQQMCjB4MDAwMDA5MDUEAA==
iv-groups: Unauthenticated
iv-remote-address: 175.158.193.90
iv-user: Unauthenticated
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 10_0_3 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A551 Safari/602.1
via: HTTP/1.1 apsealdmz.adb.org:444
upgrade: websocket
origin: https://federationad.adb.org
sec-websocket-key: SDURu45uawmhwdqoDFQ3+w==
cache-control: no-cache
iv_server_name: mobile-adb.org-webseald-apsealdmz01
pragma: no-cache
sec-websocket-version: 13
sec-websocket-extensions: x-webkit-deflate-frame
Cookie: JSESSIONID=0000z3A2XtgFHXODl8yKbSuIBqx:3ea19088-1720-458d-b1bb-fb416ead7f71; BIGipServerapisamfed_pool_443=740628396.47873.0000; WT_FPC=id=dfbf103f-9b4b-4c53-b940-eab7a0dae452:lv=1537173038128:ss=1537172316666
---------------------------------------------------
thread(44) trace.pdweb.debug:2 /home/webseal/20180530-2309/src/pdweb/webseald/ras/trace/debug_log.cpp:220: ----------------- PD <=== BackEnd -----------------
Thread 44; fd 258; local 202.4.7.51:60636; remote 172.23.36.44:443
HTTP/1.1 101 Switching Protocols
connection: Upgrade
content-language: en-US
content-length: 0
date: Tue, 18 Sep 2018 02:51:34 GMT
upgrade: websocket
sec-websocket-accept: wZDXUt0xNw70k5sDtiwR1wwe5KA=
---------------------------------------------------
Then we see this chunk of logs from AAC, suggesting that the web socket connection got dropped.
[9/15/18 20:09:39:113 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint > MmfaWebSocketEndpoint.ctor() ENTRY
[9/15/18 20:09:39:113 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint < MmfaWebSocketEndpoint.ctor() RETURN
[9/15/18 20:09:39:114 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint > onOpen ENTRY 271f4b87-b462-4e87-b4ab-41ca6e21d033
[9/15/18 20:09:39:114 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint > sendTransactionStatusUpdate ENTRY 271f4b87-b462-4e87-b4ab-41ca6e21d033 pending
[9/15/18 20:09:39:114 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint 1 sendTransactionStatusUpdate Attempting to send status (sync), blocking until complete.
[9/15/18 20:09:39:114 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint > toJson ENTRY 271f4b87-b462-4e87-b4ab-41ca6e21d033 pending
[9/15/18 20:09:39:114 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint < toJson RETURN
[9/15/18 20:09:39:114 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint 1 sendTransactionStatusUpdate Closing session: false
[9/15/18 20:09:39:114 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint < sendTransactionStatusUpdate RETURN
[9/15/18 20:09:39:115 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint < onOpen RETURN
[9/15/18 20:09:39:264 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint > onClose ENTRY 271f4b87-b462-4e87-b4ab-41ca6e21d033
[9/15/18 20:09:39:264 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint 1 onClose Reason phrase: 'Connection closed: Read failed. Possible end of stream encountered. '
[9/15/18 20:09:39:264 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint 1 onClose Reason code: 'UNEXPECTED_CONDITION'
[9/15/18 20:09:39:265 MYT] 000001d3 id= ivoli.am.fim.mmfa.transaction.observer.MmfaTrxnPubSubFactory > unsubscribe(String) ENTRY 271f4b87-b462-4e87-b4ab-41ca6e21d033
[9/15/18 20:09:39:265 MYT] 000001d3 id= ivoli.am.fim.mmfa.transaction.observer.MmfaTrxnPubSubFactory < unsubscribe(String) RETURN
[9/15/18 20:09:39:265 MYT] 000001d3 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint < onClose RETURN
------------------------------
Pierre Passin
------------------------------
Original Message:
Sent: 09-19-2018 05:07
From: Jon Harry
Subject: WebSocket
Hi Pierre,
I was intrigued by your problem so I did some additional testing. I found that I got the same (failure) results in my original 9.0.4.0 environment when using iOS. This made me think the issue might not be related to the 9.0.5.0 upgrade.
Reviewing the WebSEAL request.log I can see that no web socket request is ever received from iOS. I added a tracepoint to the login_wait.html page and could see that the web socket open is immediately calling the error event. Sadly, no information is available from this.
In the end I found an article which says that on iOS Web Sockets are not permitted to sites that have untrusted certificates. In my case I have a self-signed certificate in my test environment. I wondered if maybe in your upgrade test environment you are also using an untrusted certificate?
Cheers... Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
Original Message:
Sent: 09-18-2018 23:14
From: Pierre Passin
Subject: WebSocket
Yes, by FP5 I meant FP5 of ISAM 9.0.
We opened a case, TS001374326, 2 days ago. And yes, we've tested the same iPhones and iPads on verify.securitypoc.com, which worked. We figured that verify.securitypoc.com either is not on 9.0.5, or it is but is beefed up with different kinds of fixes.
------------------------------
Pierre Passin
Original Message:
Sent: 09-18-2018 06:58
From: Jon Harry
Subject: WebSocket
Pierre,
What is FP5? Do you mean SAM 9.0.5.0?
If you DO mean 9.0.5.0 then I suggest you open a support case, because I'm not sure what would cause web socket to fail on an upgrade and I'm not aware of any configuration you could modify to fix it.
I just tried authenticating to our demo site (https://verify.securitypoc.com) using IBM Verify with a browser on my iPhone. It worked fine for me. Maybe try that on your iOS devices too to verify device side?
Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
Original Message:
Sent: 09-17-2018 02:55
From: Pierre Passin
Subject: WebSocket
Hey Nick and Jon,
We just upgraded to FP5 and the strangest thing is, websocket isn't working on iPad and iPhone devices.
We get this in the trace logs:
[9/17/18 9:13:40:395 MYT] 00005718 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint 1 onClose Reason phrase: 'Connection closed: Read failed. Possible end of stream encountered. '
[9/17/18 9:13:40:395 MYT] 00005718 id= i.am.fim.war.runtime.liberty.websocket.MmfaWebSocketEndpoint 1 onClose Reason code: 'UNEXPECTED_CONDITION'
So even with the simple native template page, specifying PolicyID=policyid&username=username:
a push notification happens -> fingerprint is done successfully. But the browser, both Chrome and Safari on iPads and iPhones, is not getting success from the websocket.
Any ideas?
------------------------------
Pierre Passin
Original Message:
Sent: 08-23-2018 19:43
From: Nick Lloyd
Subject: WebSocket
Hi,
My test program works fine with 9.0.5.0.
Best to get a Support Case open.
------------------------------
Nick Lloyd
ISAM Level II Support
Original Message:
Sent: 08-23-2018 08:26
From: Mikael Lindblad
Subject: WebSocket
Hi Jon.
I see that WebSEAL changes the HTTP header from 1.1 to 1.0, so I guess that is a bug.
The Python code wants HTTP/1.1. I have googled a bit but cannot find anyone using 1.0 when doing web sockets. This is the same in 9.0.4 and 9.0.5; I did a quick install to compare the versions.
Can you confirm whether my findings are right or wrong? If it's a bug I will raise a PMR.
This is from a tcpdump.
GET / HTTP/1.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: en-US,en;q=0.5
connection: keep-alive, Upgrade
host: 1.2.3.4:8080
iv-groups: Unauthenticated
iv-remote-address: 1.2.3.4
iv-user: Unauthenticated
user-agent: Mozilla/5.0
via: HTTP/1.1 unconfigured.appliance:80
upgrade: websocket
origin: moz-extension://e5451a0b-4a48-984a-b5df-76bb9e0838d1
sec-websocket-key: S7XzaOQkxtFXthkt8npgKQ==
cache-control: no-cache
iv_server_name: default-webseald-unconfigured.appliance
pragma: no-cache
sec-websocket-version: 13
sec-websocket-extensions: permessage-deflate
HTTP/1.1 400 Bad Request
Date: Thu, 23 Aug 2018 10:50:25 GMT
Server: Python/3.6 websockets/6.0
Content-Length: 23
Content-Type: text/plain
Connection: close
Malformed HTTP message
------------------------------
Mikael
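An added check, not from the thread or the websockets project, that validates a WebSocket opening handshake the way RFC 6455 (and the Python websockets server behind the 400 above) requires. It starts from a constructed copy of the handshake-relevant lines in the tcpdump, reports the HTTP/1.0 request line as the first failing rule, and computes the Sec-WebSocket-Accept a compliant backend returns once the request line is HTTP/1.1.

```python
import base64
import hashlib

# GUID from RFC 6455 section 4.2.2, appended to the client key before hashing.
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"

# Constructed sample: the handshake-relevant lines of the tcpdump in the post above.
WEBSEAL_REQUEST = (
    "GET / HTTP/1.0\r\n"
    "connection: keep-alive, Upgrade\r\n"
    "upgrade: websocket\r\n"
    "sec-websocket-key: S7XzaOQkxtFXthkt8npgKQ==\r\n"
    "sec-websocket-version: 13\r\n"
    "\r\n"
)

def parse_request(raw):
    """Return (method, target, version, headers); header names lower-cased."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, version, headers

def accept_value(key):
    """Sec-WebSocket-Accept = base64(SHA-1(key + GUID)), RFC 6455 section 4.2.2."""
    digest = hashlib.sha1((key + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")

def check_upgrade(raw):
    """Return (True, accept) if the request can be upgraded, else (False, reason)."""
    _method, _target, version, h = parse_request(raw)
    if version != "HTTP/1.1":  # RFC 6455 section 4.1: HTTP/1.1 or higher
        return False, "request line must be HTTP/1.1, got " + version
    if h.get("upgrade", "").lower() != "websocket":
        return False, "missing Upgrade: websocket"
    tokens = [t.strip().lower() for t in h.get("connection", "").split(",")]
    if "upgrade" not in tokens:  # 'keep-alive, Upgrade' is acceptable
        return False, "Connection header lacks the Upgrade token"
    key = h.get("sec-websocket-key", "")
    try:
        if len(base64.b64decode(key, validate=True)) != 16:
            return False, "Sec-WebSocket-Key must decode to 16 bytes"
    except ValueError:
        return False, "Sec-WebSocket-Key is not valid base64"
    if h.get("sec-websocket-version") != "13":
        return False, "unsupported Sec-WebSocket-Version"
    return True, accept_value(key)
```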
Original Message:
Sent: 08-23-2018 03:17
From: Jon Harry
Subject: WebSocket
Mikael,
Is this something that is failing since an upgrade to 9.0.5.0, or is this the first time you've tried it? I know that Web Sockets work fine in 9.0.4.0 but have not explicitly tested on 9.0.5.0 myself yet.
Cheers... Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
Original Message:
Sent: 08-22-2018 07:56
From: Mikael Lindblad
Subject: WebSocket
Hi,
Is anyone using websockets in ISAM 9.0.5.x? I have tried to set it up but it does not upgrade the connection to ws.
https://www.ibm.com/support/knowledgecenter/en/SSPREK_9.0.5/com.ibm.isam.doc/wrp_config/task/con_websocket_adv_jct.html
What I've done:
In the WebSEAL configuration:
[websocket]
max-worker-threads = 10
Added a tcp junction pointing to the server that hosts the websocket.
The websocket server code looks like this (Python 3):
#!/usr/bin/env python3
import asyncio
import websockets

# Handler signature (websocket, path) is the one used by websockets 6.x,
# the version shown in the Server header of the 400 response below.
async def echo(websocket, path):
    # Print every frame received from the client behind the WebSEAL junction.
    async for message in websocket:
        print(message)

print("Starting websockets")
# Bind to the address the WebSEAL junction points at; '1,2,3,4' in the
# original post is read as a typo for '1.2.3.4'.
asyncio.get_event_loop().run_until_complete(websockets.serve(echo, '1.2.3.4', 8080))
asyncio.get_event_loop().run_forever()
I use Mozilla Firefox as the browser with the "WebSocket Client plugin",
and the endpoint looks like this -> ws://1.2.3.4/ws/
If I connect locally without ISAM it works, but not via ISAM.
Have I missed something?
Regards
------------------------------
Mikael
------------------------------