Apache
[SetupServers]

RemoteViz and Apache proxy

Summary

RemoteViz uses WebSocket protocol to make possible the communication between the client and the service. Without any web servers between the client and the RemoteViz service, a WebSocket connection can be established smoothly. However, in real environments, the web pages are handled by a web server and only the web server port is open from the outside (port 80 by default). To use the same port and domain for the HTTP requests and the Websocket requests, the websocket traffic has to be routed through the web server. This document explains how to configure Apache server to handle normal page requests and websocket traffic over the same port and domain.

Compatibility

Apache server supports the module "mod_proxy_wstunnel" from the version 2.4.10. This module requires the service of "mod_proxy". It provides support for the tunneling of web socket connections to a backend websockets server.

Apache Installation

Please refer to the Apache official documentation to install Apache HTTP Server:

For Microsoft Windows: http://httpd.apache.org/docs/current/platform/windows.html

For Unix systems: http://httpd.apache.org/docs/current/install.html

Apache Configuration

In the next section, we consider that the Apache web server is bound to the public port 80 (non-SSL) or 443 (SSL) and the RemoteViz service is bound to the private port 8080 (behind a firewall). The "httpd.conf" file is used to configure Apache server. To proxy Websocket requests from your server, you have to enable the modules "mod_proxy_wstunnel" and "mod_proxy". To do this, add or uncomment the following lines:

   LoadModule proxy_module modules/mod_proxy.so

   LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
 

Then inside a "VirtualHost" block, add a "Location" block. This block describes how Websocket requests are handled. Here is an example of the configuration that is used to handle the WebSocket requests directed at "/RemoteViz".

Without Secure Sockets Layer (SSL) encryption:

    <VirtualHost *:80>
     # Replace "yourdomain" by your public domain name server (DNS)
     ServerName yourdomain
     DocumentRoot "${path}"
     # Route websocket to the RemoteViz Service
     <Location /RemoteViz>
       # Replace "remoteviz_service_ip" by the RemoteViz service IP address
       ProxyPass ws://remoteviz_service_ip:8080
       ProxyPassReverse ws://remoteviz_service_ip:8080
     </Location>
    </VirtualHost>
 

With Secure Sockets Layer (SSL) encryption:

    <VirtualHost *:443>
     SSLEngine on
     SSLProxyEngine on
     # Set the path to the public certificate file
     SSLCertificateFile "conf/ssl/ssl-cert.crt"
     # Set the path to the private key file
     SSLCertificateKeyFile "conf/ssl/ssl-private.key"
     # Set the path to the Intermediate Certificate
     SSLCertificateChainFile "conf/ssl/CA_Bundle.pem"
     # Replace "yourdomain" by your public domain name server (DNS)
     ServerName yourdomain
     DocumentRoot "${path}"
     # Route secure websocket to the RemoteViz Service
     <Location /RemoteViz>
       # Replace "remoteviz_service_ip" by the RemoteViz service IP address
       ProxyPass wss://remoteviz_service_ip:8080
       ProxyPassReverse wss://remoteviz_service_ip:8080
     </Location>
    </VirtualHost>
 

The apache websocket proxy module is based on URI. Each HTTP requests containing "/RemoteViz" in the URI will be considered as a Websocket connection and will be redirected to port 8080.

HTML Client Configuration

The last step is the modification of the websocket connection address in the HTML client file. In the file index.html, replace the line:

    theRenderArea.connectTo("ws://127.0.0.1:8080/RenderAreaName");
 

by the line for using non-SSL:

    theRenderArea.connectTo("ws://yourdomain/RemoteViz/RenderAreaName");
 

or by the line for using SSL:

    theRenderArea.connectTo("wss://yourdomain/RemoteViz/RenderAreaName");