Are secure websockets supported?

[Sandared]

Hi,

firs of allt: awesome work what you did here 👍

I tried the graph explorer with a janusgraph db on my machine (localhost) and everything worked fine.

However, when I tried to do the same setup with a remote janusgraph the app is not able to connect to the remote gremlin server.

Steps I made:

• spun up a new Digital Ocean droplet with docker installed
• installed janusgraph via docker run -it -p 8182:8182 --name janusgraph janusgraph/janusgraph:0.4.1
• opened your app on heroku (https://graph-explorer.herokuapp.com/)
• tried to connect via websocket: ws://<my_ip>:8182/gremlin -> this was not working at all because my browser forbid to connect to non-secured websocket
• tried to connect via websocket secure: wss://<my_ip>:8182/gremlin -> according to debug console the websocket handshake timed out

Should i do anything different for a remote janusgraph?

Any advice is highly appreciated :)

Kind regards, Thomas

[github-actions[bot]]

Thanks for being part of our design, develop and feedback loop. You are awesome!

[rrmerugu]

@Sandared can you post the screenshot of the errors from the console.

[rrmerugu]

@Sandared Just to add , if secure web-sockets are supported by your browser and as long you opened the port 8182 to public. Safari does seem to support wss especially for ones with invalid certificate. Are you attempting to visualise in safari.

[Sandared]

Hey sorry for the long wait. I tried some different combinations: 1) Your app on Heroku + Janusgraph on DO trying to connect via ws://:8182/gremlin (this one was expected) 2) Your app on Heroku + Janusgrpah on DO trying to connect via wss://:8182/gremlin (here I don't know if Janusgraph would handle ssl with a self-signed certificate or not. I don't have a proxy installed for this) 3) Graph explorer installed on same DO server as Janusgraph and connecting via ws://:8182/gremlin -> works if I map your port 88888 to 80, i.e., I use docker run -d -p 80:8888 ... When I map it to port 8888 as described in your documentation I just get a blank screen :/

Another thing I noticed: In case 2) your app becomes unusable, as from the failed connection attempt onwards it only shows a dark screen and no possibility to enter another url to connect to.

I hope that helps :)

Kind regards, Thomas

[rrmerugu]

Hey thanks for observations.

Screenshot 1 tells me you are access https://graph-explorer.herokuapp.com and tried to use ws://gremlin-url. This error can be fixed with just accessing http://graph-explorer.herokuapp.com. But that still doesnt solve the problem

From Screenshot 2 & 3, it appears that the port is accessible out of the VPC or your server instance. If you can open the port 8182 on the server where you are running janusgraph docker. The port will be accessible and websockets would connect to the gremlin server. If you want to check whether the port number not being exposed to the internet server is the issue or not. Go to https://www.websocket.org/echo.html and give your gremlin url ws://xyz and see if that is able to connect. If it is not able to connect, then your digital ocean deployment needs to expose the port 8182, or need to tweet needful security settings.

Thanks for pointing the issue not able to switch to new connection URL #44 I have included this to be part of milestone alpha-release. So should be fixed soon.

[rrmerugu]

Hey @Sandared

I have deployed fix for the issues - switching gremlin server #44 . I have covered use case for scenarios 1) when it is reconnecting and 2) from with in the app when already connected to a server. Thanks for the suggestion.

Regarding the last issue, Were you able to check if the port 8182 is open to public ? I'm guessing that's the reason http://graph-explorer.herokuapp.com is not able to connect to the server.

Let me know if that worked. Again, Thanks for improving the product with your inputs.

[Sandared]

Hi @rrmerugu

awesome work :)

The port was open (when I deployed your app on the same machine and then directed it to the address with the same port, but with ws:// instead of wss:// it worked flawlessly), but I assume that Janusgraph does not handle ssl with a self signed certificate and I would need to set up a proxy that does the ssl stuff.

Kind regards, Thomas

[rrmerugu]

Great! in that case I'm closing this issue for now. I appreciate the inputs :) .