HOOPS Communicator HTTPS server with reverse proxy

Introduction

Although HOOPS Communicator SC server can be configured with HTTPS server like this article: HOOPS Communicator server with HTTPS (SSL) , there is a non-standard port: 11182 that is open to the internet, posing a security risk. We’ll need to close it by restricting the non-standard port to the private environment. It’s important the user minimizes exposure to the public zone.

This article explains another way to configure SC server with HTTPS server using reverse proxy of nginx.

If you haven’t created HTTPS server, please refer this article: How to setup HTTPS server with AWS

Instruction

HOOPS Communicator server installation

Place the folders and files required for the HC server from the SDK.
Here is an illustration of how to configure the server:

+ var
  + www
    + html
      + src
      + sample.html
    + server
    + 3rd_party
    + sc_models
  1. Transfer the tar.gz file of HOOPS Communicator for Linux to the /tmp folder of the virtual server via SCP
  2. Extract the tar.gz file
cd /tmp
tar -zxvf HOOPS_Communicator_202x_SPx_Linux.tar.gz
  1. Allocate the necessary folders in a root folder of nginx
cd HOOPS_Communicator_202x_SPx/
sudo cp -r 3rd_party/ server/ /var/www/
sudo cp -r quick_start/converted_models/standard/sc_models/ /var/www/
sudo cp -r web_viewer/src /var/www/html/

HOOPS Communicator server setup

  1. Open Config.js for HOOPS Communicator Stream Cache Server
sudo vi /var/www/server/node/Config.js
  1. Set model search directory
    modelDirs: [
        "./sc_models",
    ],
  1. Save and quit::wq

Note that it is not necessary to set SSL settings of Config.js if reverse proxy is used. WSS requests are routed through and handled as WS requests by reverse proxy of nginx before it reaches the SC server.

Edit inbound rules

  1. Edit the inbound rules of the virtual server so that HTTP (80), HTTPS (443) and SSH (22) ports are opened to the internet (Delete 11182 port)

Setting reverse proxy

  1. Open the nginx setting file
sudo vi /etc/nginx/sites-enabled/default
  1. Add the following location under existing location / {…}
        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }
        location /wsproxy/ {
            rewrite /wsproxy/([^/]+) / break;
            proxy_pass http://127.0.0.1:$1;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
  1. Save and quit: :wq
  2. Reload nginx
sudo service nginx reload

Minimal sample viewer creation

Configure a proxy connection using a minimal HTML sample.

  1. Create a sample HTML and open
sudo touch /var/www/html/sample.html
sudo vi /var/www/html/sample.html
  1. Implement the following HTML
<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8"/>
        <title>Simple</title>
         <style>
            #container {
                width:600px;
                height:480px;
                position:relative;
                border: thin solid #000000;
            }
        </style>	
       
        <script type="text/javascript" src="src/js/hoops_web_viewer.js"></script>
        
        <script type="text/javascript">
            let viewer;
            window.onload = function () {
                const endpoint = "wss://" + window.location.hostname + "/wsproxy/11182";
                viewer = new Communicator.WebViewer({
                    containerId: "container",
                    model: "microengine",
                    endpointUri: endpoint,
                });
                viewer.start();
            };
        </script>
    </head>
    <body>
        <div id="container"></div>
    </body>
</html>

Note that 11180 port is specified with /wsproxy/ location. This /wsproxy/ location will be rewritten as ws://YOUR_DOMAIN_NAME:11182 by reverse proxy of nginx.

  1. Save and quit: :wq
  2. Start the HOOPS Communicator server
sudo sh /var/www/server/node/start_server.sh
  1. Open https://YOUR_DOMAIN_NAME/sample.html using your web browser to verify you have configured the proxy connections correctly

Edit sample viewer

If you want to use hoops_web_viewer.html with reverse proxy, it is necessary to edit sample.js code.

  1. Open sample.js
sudo vi /var/www/html/src/js/sample.js
  1. Edit : to /wsproxy/ at the end of the file

  2. Save and quit: :wq

  3. Open https://YOUR_DOMAIN_NAME/src/hoops_web_viewer_sample.html?viewer=csr&model=arboleda&wsPort=11182 using your web browser

1 Like