-
Bug
-
Resolution: Done
-
Major
-
7.24.0.Final, 7.25.0.Final, 7.28.0.Final
-
None
-
-
NEW
-
NEW
We're upgrading our business-central server from 7.23.0 to 7.28.0. We're noticing that our kie-servers can no longer connect via websocket to business-central:
Server logs:
Oct 28 12:56:43 business-central-1 business-central[18870]: #033[0m#033[0m12:56:43,962 INFO [org.kie.server.controller.websocket.notification.WebSocketNotificationService] (Thread-123) WebSocket notify on updated :: Updated server template{serverTemplate=ServerTemplateKey
Unknown macro: {id='host.subdomain.x.com', name='host.subdomain.x.com'}, resetBeforeUpdate=false}
Oct 28 12:56:43 business-central-1 business-central[18870]: #033[0m#033[0m12:56:43,963 INFO [org.kie.server.controller.websocket.notification.WebSocketNotificationService] (Thread-123) WebSocket notify on instance disconnected :: ServerInstanceDisconnectedUnknown macro: {serverInstanceId='host.subdomain.x.com@host.subdomain.x.com}
Client logs:
Oct 28 20:21:53 host kie-server[1375]: #033[0m#033[33m20:21:53,090 WARN [org.kie.server.common.KeyStoreHelperUtil] (KieServer-ControllerConnect) Unable to load key store. Using password from configuration
Oct 28 20:21:53 host kie-server[1375]: #033[0m#033[33m20:21:53,146 WARN [org.kie.server.controller.websocket.client.WebSocketKieServerControllerImpl] (KieServer-ControllerConnect) Exception encountered while syncing with controller at wss://business-central-1.x.com/business-central/websocket/controller/host.subdomain.x.com error Invalid response code 403
The actual break occurred between 7.23.0 and 7.24.0, as 7.24.0 produces the same error message: Invalid response code 403.
The user that kie-server is connecting to business-central with has kie-server as a group, but that doesn't seem to help. We're running business-central on Wildfly 14.0.1.
I'm looking through the commits for a web.xml change for filtering web reources but can't seem to find anything. Actually, I'm not even sure which github project I should be looking in: https://github.com/kiegroup
tcpdump from 7.24.0+ versions(none worked):
GET /business-central/websocket/controller/apps-3-staging HTTP/1.1
Authorization: Basic <base64-stuff-here>
Sec-WebSocket-Key: YZ5r8liCJKut6VJ2YG7sPQ==
Connection: upgrade
Sec-WebSocket-Version: 13
Upgrade: websocket
Host: localhost:8080HTTP/1.1 403 Forbidden
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-Powered-By: JSP/2.3
Set-Cookie: JSESSIONID=cBz0q1sK09Fq2jtXA8Mad1FHPKxvQ38akKGNMP9R.business-central-1; path=/business-central; HttpOnly; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:00 GMT
Pragma: no-cache
Date: Mon, 28 Oct 2019 18:23:21 GMT
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Content-Length: 1102
Content-Language: en-
tcpdump from 7.23.0 version(which works):
GET /business-central/websocket/controller/apps-3-staging HTTP/1.1
Authorization: Basic <base64-stuff-here>
Sec-WebSocket-Key: yhykxYXh0z+KF0Zv/8P76g==
Connection: upgrade
Sec-WebSocket-Version: 13
Host: localhost:8080
Upgrade: websocketHTTP/1.1 101 Switching Protocols
Connection: Upgrade
Set-Cookie: JSESSIONID=UCZsXbdV1ZUjTBTOcbP9j-ppd3y2NH0mzOqPQcjP.business-central; path=/business-central; HttpOnly
Sec-WebSocket-Location: wss://business-central-1/business-central/websocket/controller/apps-3-staging
X-XSS-Protection: 1; mode=block
Upgrade: WebSocket
X-FRAME-OPTIONS: SAMEORIGIN
Sec-WebSocket-Accept: 6qSH/TZNvoukpIE+ZJYulWzGge0=
Date: Mon, 28 Oct 2019 17:21:57 GMT
