Question

We have Node-RED application server, which defines end points for both HTTP and Web socket connections.

IOS and NAO robot are the clients who connect to Node-RED. Clients can connect to bluemix by using both WS and WSS.

How to stop WS connections and allow only WSS in bluemix ?
Regarding the webSocket authentication, web socket protocol does not define header details. What are the possible ways in Node-RED ?
Token based security is the alternative to resolve this issue. I have added node-red-contrib-auth npm to Node-RED and with that able to use the JsonWebToken node. JsonWebToken response provides token. Please let me know how to use token validation in Node-RED. (I only know the Node.js sample, http://iostreamer.me/ws/node.js/jwt/2016/05/08/websockets_authentication.html ) . Note : Think about the IOS and NAO-robot client is able to support.

Answer 1

Answer by Chunlong Liang (263) | Jan 17, 2017 at 09:27 AM

For your question 3, Liberty can be configured to accept JsonWebToken (JWT) as authentication token, see http://www.ibm.com/support/knowledgecenter/SSD28V_9.0.0/com.ibm.websphere.wlp.core.doc/ae/twlp_sec_config_oidc_jwt.html

0 Show 5 Share

RuchiraKariyawasam (3) Jan 18, 2017 at 06:41 AM 0

Share

With question 3. Yes. Java and Node.js clients can set headers.

In node.js client,

 var options = {headers : { "token": "12"} };
 ws = new WebSocket('wss://BluemixHost/wsTest1', options);

My issue is that headers are not visible in Node-RED web socket in node. How to view those headers and validate those in Node-RED ?

Ralph Earle (1262) Jan 18, 2017 at 10:37 AM 0

Share

@RuchiraKariyawasam, in case you do not get any further responses, consider asking your question again, based on what you now know. When a subject-matter expert sees that a question has been answered, they are less likely to give it attention.

Ralph Earle (1262) Jan 18, 2017 at 12:58 PM 0

Share

Follow-up question posted on Stack Overflow: http://stackoverflow.com/questions/41720123/disable-unsecure-websocket-calls-for-node-red-on-ibm-bluemix

RuchiraKariyawasam (3) Ralph Earle (1262) Jan 18, 2017 at 10:28 PM 0

Share

Yes. you have shared the stackoverflow question raised by me. I will ask rest of questions one by one as you said. Thank you.

RuchiraKariyawasam (3) Ralph Earle (1262) Jan 18, 2017 at 10:47 PM 0

Share

@RalphEarle : Anyway is that the approach we need to follow on IBM developer forum. It is opposite of stackoverflow since it is duplicate questions.

Criteria	Usage
Questions with keyword1 or keyword2	keyword1 keyword2
Questions with a mandatory word, e.g. keyword2	keyword1 +keyword2
Questions excluding a word, e.g. keyword2	keyword1 -keyword2
Questions with keyword(s) and a specific tag	keyword1 [tag1]
Questions with keyword(s) and either of two or more specific tags	keyword1 [tag1] [tag2]
To search for all posts by a user or all posts with a specific tag, start typing and choose from the suggestion list. Do not use a plus or minus sign with a tag, e.g., +[tag1].

WebSocket authentication/Security in Node-RED on Bluemix

1 reply

Follow this question

WebSocket authentication/Security in Node-RED on Bluemix

1 reply

Follow this question

Related questions