0

I have a Java Servlet that is a web application firewall. It forwards all legitimate traffic to the backend application it protects in a very simple way:

for (int length = 0; (length = input.read(byteBuffer)) > 0;) {
  output.write(byteBuffer, 0, length);
}

Here input and output are the servlet streams.

This works fine as long as requests are HTTP only (POST can be forwarded other way around) but WebSocket protocol cannot be forwarded this way.

Is it possible to forward WebSocket traffic between the two Java Streams in one or another way? I could check the path to know in advance there it will be WebSocket traffic.

Audrius Meškauskas
  • 20,936
  • 12
  • 75
  • 93
  • I am trying to figure out your scenario. Do you have a javax.servlet.Filter implementation where you execute your proxy logic and then parse the ServletRequest instance? edit: ok nevermind, guess it is just a HttpServlet instance – ben_wea Oct 22 '19 at 10:40
  • There is a Filter also but the application under protection is not a Java application. Because of that, after the Filter does its job, I still need to relay the request to another, remote server, and get the answer from there. The posted code in part of the Servlet, not part of the Filter. – Audrius Meškauskas Oct 22 '19 at 10:54
  • OK. And what do you mean the Websocket cannot be forwarded like that? What error do you get? – ben_wea Oct 22 '19 at 11:06
  • java.io.IOException: Server returned HTTP response code: 400 – Audrius Meškauskas Oct 22 '19 at 11:56

0 Answers0