Skip to content

Latest commit

 

History

History
160 lines (133 loc) · 6.81 KB

README.md

File metadata and controls

160 lines (133 loc) · 6.81 KB

red5-websocket

Websocket plug-in for Red5

This plugin is meant to provide websocket functionality for applications running in red5. The code is constructed to comply with rfc6455.

http://tools.ietf.org/html/rfc6455

Special thanks to Takahiko Toda and Dhruv Chopra for the initial ideas and source.

Configuration

Add the WebSocket transport to the jee-container.xml or red5.xml. If placing it in the red5.xml, ensure the bean comes after the plugin launcher entry.

To bind to one or many IP addresses and ports:

<bean id="webSocketTransport" class="org.red5.net.websocket.WebSocketTransport">
        <property name="addresses">
            <list>
            	<value>192.168.1.174</value>
            	<value>192.168.1.174:8080</value>
            	<value>192.168.1.174:10080</value>
            </list>
        </property>
</bean>

If you don't want to specify the IP:

<bean id="webSocketTransport" class="org.red5.net.websocket.WebSocketTransport">
	<property name="port" value="8080"/>
</bean>

To support secure communication (wss) add this:

    <bean id="webSocketTransportSecure" class="org.red5.net.websocket.WebSocketTransport">
        <property name="secureConfig">
            <bean id="webSocketSecureConfig" class="org.red5.net.websocket.SecureWebSocketConfiguration">
                <property name="keystoreFile" value="conf/keystore"/>
                <property name="keystorePassword" value="password"/>
                <property name="truststoreFile" value="conf/truststore"/>
                <property name="truststorePassword" value="password"/>
            </bean>
        </property>
        <property name="addresses">
            <list>
                <value>192.168.1.174:10081</value>
            </list>
        </property>
    </bean>

If you are not using unlimited strength JCE (you are outside the US), you may have to specify the cipher suites as shown below:

    <bean id="webSocketTransportSecure" class="org.red5.net.websocket.WebSocketTransport">
        <property name="secureConfig">
            <bean id="webSocketSecureConfig" class="org.red5.net.websocket.SecureWebSocketConfiguration">
                <property name="keystoreFile" value="conf/keystore"/>
                <property name="keystorePassword" value="password"/>
                <property name="truststoreFile" value="conf/truststore"/>
                <property name="truststorePassword" value="password"/>
                <property name="cipherSuites">
                    <array>
                        <value>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</value>
                        <value>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</value>
                        <value>TLS_ECDHE_RSA_WITH_RC4_128_SHA</value>
                        <value>TLS_RSA_WITH_AES_128_CBC_SHA256</value>
                        <value>TLS_RSA_WITH_AES_128_CBC_SHA</value>
                        <value>SSL_RSA_WITH_RC4_128_SHA</value>
                    </array>
                </property>
                <property name="protocols">
                    <array>
                        <value>TLSv1</value>
                        <value>TLSv1.1</value>
                        <value>TLSv1.2</value>
                    </array>
                </property>
            </bean>
        </property>
        <property name="addresses">
            <list>
                <value>192.168.1.174:10081</value>
            </list>
        </property>
    </bean>

Adding WebSocket to an Application

To enable websocket support in your application, add this to your appStart() method:

  WebSocketScopeManager manager = ((WebSocketPlugin) PluginRegistry.getPlugin("WebSocketPlugin")).getManager(scope);
  manager.setApplication(this);

For clean-up add this to appStop():

  WebSocketScopeManager manager = ((WebSocketPlugin) PluginRegistry.getPlugin("WebSocketPlugin")).getManager(scope);
  manager.stop();

Security Features

Since WebSockets don't implement Same Origin Policy (SOP) nor Cross-Origin Resource Sharing (CORS), we've implemented a means to restrict access via configuration using SOP / CORS logic. To configure the security features, edit your conf/jee-container.xml file and locate the bean displayed below:

    <bean id="webSocketTransport" class="org.red5.net.websocket.WebSocketTransport">
        <property name="addresses">
            <list>
                <value>${ws.host}:${ws.port}</value>
            </list>
        </property>
        <property name="sameOriginPolicy" value="false" />
        <property name="crossOriginPolicy" value="true" />
        <property name="allowedOrigins">
            <array>
                <value>localhost</value>
                <value>red5.org</value>
            </array>
        </property>
    </bean>

Properties:

  • sameOriginPolicy - Enables or disables SOP. The logic differs from standard web SOP by NOT enforcing protocol and port.
  • crossOriginPolicy - Enables or disables CORS. This option pairs with the allowedOrigins array.
  • allowedOrigins - The list or host names or fqdn which are to be permitted access. The default if none are specified is * which equates to any or all.

Test Page

Replace the wsUri variable with your applications path.

<!DOCTYPE html>  
<meta charset="utf-8" />  
<title>WebSocket Test</title>  
<script language="javascript" type="text/javascript">  
var wsUri = "ws://192.168.1.174:10080/myapp"; 
var output;  function init() { output = document.getElementById("output"); testWebSocket(); }  function testWebSocket() { websocket = new WebSocket(wsUri); websocket.onopen = function(evt) { onOpen(evt) }; websocket.onclose = function(evt) { onClose(evt) }; websocket.onmessage = function(evt) { onMessage(evt) }; websocket.onerror = function(evt) { onError(evt) }; }  function onOpen(evt) { writeToScreen("CONNECTED"); doSend("WebSocket rocks"); }  function onClose(evt) { writeToScreen("DISCONNECTED"); }  function onMessage(evt) { writeToScreen('<span style="color: blue;">RESPONSE: ' + evt.data+'</span>'); websocket.close(); }  function onError(evt) { writeToScreen('<span style="color: red;">ERROR:</span> ' + evt.data); }  function doSend(message) { writeToScreen("SENT: " + message);  websocket.send(message); }  function writeToScreen(message) { var pre = document.createElement("p"); pre.style.wordWrap = "break-word"; pre.innerHTML = message; output.appendChild(pre); }  window.addEventListener("load", init, false);  </script>  <h2>WebSocket Test</h2> <div id="output"></div>

Demo application project

https://github.com/Red5/red5-websocket-chat

Pre-compiled JAR

You can find compiled artifacts via Maven