By Michael Schumann on Sunday, 26 May 2024
Posted in General
Replies 4
Likes 0
Views 637
Votes 0
I am working on a gateway that offers a rest interface against the consumer side and a websockets server against a target data server. The reason for this setup is that I cannot open a port on the target server for security reasons, so the target machine must initiate the connection and the gateway must be able to make requests against the target server. This I want to acchieve by using websockets. Apart from the fact that I cannot open ports on the target server to the internet I have the feeling that the gateway adds an extra layer of security to this setup as the target server contains confidential scientific data.

I plan to use TMS Sparkle for the REST side, which I already used a lot an find very stable and easy to use. For the other side I aquired a SGCWebsockets license. Having played around with it I really love that library. Also easy to use and very stable.

This is my current approach is this:

Usually every REST call creates a thread that could open a websockets connection to the target server, forward and receive the result and die again. But as I reversed client and server on the websockets side, I only have the websockets server that can talk to the client (Database server) through one connection. And I believe I cannot just use ws.send() in the threads of the REST server due to order of requests/reply and also thread safety.

So I decided to create a pool of websockets connections by the target server that are maintained in the gateway. In the worker thread of the REST server I aquire one connection from the pool, test if its still online, mark it as "in use" and use it for the current request. I would pack this mechanism into a critical section what should make sure that no race condtitions can occur.

For transferring the REST data I am planning on using a self made sub protocol that sends a JWT with every websockets request from the ws server to the ws client (the target server) and return raw data. As for the time of usage the reply is clearly bound to the request, I can immediately return the result in the rest thread and mark the ws connection as free again, of course also in a critical section.

I know that this all creates a lot of overhead and will cause performance issues on heavy load. As this gateway ist only used for a very special case and will not face heavy load, I am sure the performance hit is not relevant.

I hope I was able to explain this approach and the unusual use case because of the

I am curious if there is a much easier way to achieve what I need perhaps overseeing some killer feature of SGCWebsockets. So any suggestions are very welcome except ones that require openeing any inbound port on the target server what can definitively not happen.

Thanks in advance!

Michael from Germany
I did not complete this sentence:

I hope I was able to explain this approach and the unusual use case because of the security constraints.
·
6 months ago
·
0 Likes
·
0 Votes
·
0 Comments
·
Hello Michael,

I am afraid there is not a feature that will help to achieve your needs, anyway I'll think if there is something that can help you and get back to you.

Kind Regards,
Sergio
·
6 months ago
·
0 Likes
·
0 Votes
·
0 Comments
·
Hello,

I just want to note that I managed to set up this "reversed" Websockets-Connector with sgcWebSockets and it works good, using a pool of 25 websocket-clients on the (real) server side that connect to the websockets-server on the gateway. An Indy HTTP server on the gateway requests a websocket connection in the request, does the neccessary communication with the (real) server and gives the websocket back to the pool. This is much more responsive than a polling solution what would have been the alternative.

Tahnks for that great library, its really worth the money!
·
5 months ago
·
0 Likes
·
0 Votes
·
0 Comments
·
Hello,

Thanks for the update!

Kind Regards,
Sergio
·
5 months ago
·
0 Likes
·
0 Votes
·
0 Comments
·
View Full Post