How-To: Set up a reverse proxy with HOOPS Communicator and IIS

Instructions

EC2 instance inbound rules

If you are using an EC2 instance on AWS, it is necessary to add the following ports as inbound rules:

  • 80
  • 11182
  • 11000 - 11031

screenshot

One networking port is required for each Stream Cache Server that is spawned. The port is used for WebSocket communication between the Stream Cache Server and the browser running the HOOPS Web Viewer. In the case above, we have provided 32 ports to instantiate concurrent viewing sessions on ports 11000 - 11031.

IIS Installation

  1. Start the server manager from the Start menu
  2. Select Dashboard in the Server Manager and click Add roles and features
  3. Click Next in the “Before you begin” page of the Add Roles and Feature Wizard
  4. Select Role-based or feature-based installation in the Select installation type page, and click Next
  5. Choose to Select a server from the server pool in the “Select destination server” page, select a server and click Next
  6. Select Web Server (IIS) in the “Select server roles” page, and click Next
  7. Click Next in the “Select features” page
  8. Click Next
  9. Select WebSocket Protocol of the Application Development in the “Select role service” page

screenshot_1

  1. Click Next
  2. Click Install
  3. Click Close when the installation is completed

Enabling IE

  1. Select Local Server in the Server Manager
  2. Click On for IE Enhanced Security Configuration in the PROPERTIES
  3. Select off for Administrators:

screenshot_2

  1. Click OK
  2. Open the Control Panel from the Start menu
  3. Click Network and Internet
  4. Click Internet Options
  5. Select the Programs tab
  6. Select Open Internet Explorer tiles on the desktop

screenshot_3

  1. Click OK
  2. Open http://localhost using IE verify whether default page appears properly:

screenshot_4

Adding WebAssembly file type (.wasm) to MIME types in IIS

  1. Open the Windows Control Panel
  2. Click System and Security
  3. Click Administrative Tools
  4. Double-click Internet Information Service (IIS) Manager
  5. Select Default Web Site in the left-hand tree:

screenshot_5 (1)

  1. Double-click MIME Type
  2. Click Add… in the right panel
  3. Type “.wasm” for File name extension and “application/wasm” as MIME type, and click OK:

screenshot_6

Install a supported browser (optional)

If you don’t have at least IE 11 installed on your machine, you’ll need to install a supported browser to view models on your server machine. This is not a step you’ll likely do on a production server

Here is the list of Supported Platforms for the WebViewer.

Install HOOPS Communicator

  1. Download the latest version of HOOPS Communicator and your license key from the Tech Soft 3D Developer Zone.
  2. Create a folder named “HC” in the wwwroot folder of the web server (C:\inetpub\wwwroot).
  3. Run the HOOPS Communicator and install wherever you’d prefer.
  4. Copy all the files from \web_viewer\src into C:\inetpub\wwwroot\HC.
  5. Launch Communicator, by navigating to \quick_start and running start_server.bat
  6. Open http://localhost/HC/hoops_web_viewer_sample.html?wsPort=11182&instance=microengine using a supported browser to verify you have installed and configured HOOPS Communicator correctly:

screenshot_7

  1. Stop Communicator by closing the cmd window it opened up in.

Add a new inbound rule

  1. Open the Windows Control Panel
  2. Click System and Security
  3. Click Windows Firewall
  4. Click Advanced settings
  5. Select Inbound Rules and click New Rule…
  6. Select Port in the “Rule Type” page of the New Inbound Rule Wizard, and click Next
  7. Add “11182, 11000-11031” to the Specific local ports:

ports

  1. Click Next
  2. Select Allow the condition, and click Next
  3. Select Public, and click Next
  4. Input “HC” as the rule name, and click Finish

HOOPS Communicator Configuration for external access

  1. Open the file \server\node\Config.js
  2. Edit the publicHostName variable to point to the public IP address for your machine:
  3. Run <HOOPS Communicator install Dir\server\node\start_server.bat
  4. Open http://<YourPublicIPAddress/HC/hoops_web_viewer_sample.html? wsPort=11182&instance=microengine using a web browser on an external machine and verify the HOOPS Web Viewer appears properly
  5. Close the cmd window where you launched start_server.bat

Application Request routing (ARR) installation

  1. Go to the Microsoft Web Platform Installer website:
    https://www.microsoft.com/web/downloads/platform.aspx
  2. Click Install this extension and run the installer
  3. Install the Web Platform Installer
  4. Start Web Platform Installer after installation
  5. Search for ARR and click Add of Application Request Routing 3.0
  6. Click Install
  7. Click I Accept
  8. Click Finish when the installation is complete

Reverse proxy URL rewriting

  1. Open the Windows Control Panel
  2. Click System and Security
  3. Click Administrative Tools
  4. Double-click Internet Information Service (IIS) Manager
  5. Select Default Web Site in the left hand tree:

screenshot_5 (1)

  1. Double-click URL Rewrite
  2. Click Add Rule(s)… in the right panel:

screenshot_8

  1. Select Reverse Proxy and click OK
  2. Click OK to enable proxy functionality

screenshot_9

  1. Click Cancel
  2. Open the web.config file in root folder of current web site (C:\inetpub\wwwroot) and add the following rewrite rules:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer><staticContent>
<mimeMap fileExtension=".wasm" mimeType="application/wasm" />
</staticContent>
<rewrite>
<rules>
<rule name="Rewrite to httpproxy" enabled="true">
<match url="^httpproxy/([0-9]+)/([_0-9a-z-]+)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{CACHE_URL}" pattern="^(.+)://([.0-9]+)" />
</conditions>
<action type="Rewrite" url="{C:1}://172.31.27.239:{R:1}/{R:2}" />
</rule>
<rule name="Rewrite to wsproxy" enabled="true">
<match url="^wsproxy/([0-9]+)" negate="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{CACHE_URL}" pattern="^(.+)://([.0-9]+)" />
</conditions>
<action type="Rewrite" url="{C:1}://172.31.27.239:{R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
  1. Edit line 223 of \HC\js\sample.js (the root folder is usually C:\inetpub\wwwroot):
var brokerUri = window.location.protocol + "//" + window.location.hostname + ":" + brokerPort;

if (Sample._getProxy())
  brokerUri=window.location.protocol+"//"+window.location.hostname+"/httpproxy/"+brokerPort;
  1. Run \server\node\start_server.bat
  2. Open http://xxx.xxx.xxx.xxx/HC/hoops_web_viewer_sample.html?broker=true&proxy=true&instance=microengine using a web browser on an external machine and verify that the HOOPS Web Viewer is appearing as expected
  3. Close the server cmd window (shutting the server down)

Inbound rule modification

The reverse proxy has now been configured, but there are still some non-standard ports
that are open to the internet, posing a security risk. We’ll need to close them by restricting the non-standard ports to the private environment. It’s important the user minimizes exposure to the public zone.

Here is an illustration of what the system looks like after above configuration:

before

And after the modification:

after

Configuring the private environment:

  1. Open Advanced settings of Windows Firewall
  2. Double-click HC from Inbound Rules
  3. Click Advanced tab and select Private only in the Profiles:

screenshot_10

  1. Click OK
  2. Now, HOOPS Web Viewer cannot be opened from external machine.
  3. If you are using EC2 instance of AWS, it is also necessary to edit the Inbound
    rules:

screenshot_11

URL Rewrite rule modification

Edit the \web.config file and replace the Rewrite rules with your private address:

<?xml version="1.0" encoding="UTF-8"?>
...
<rewrite>
<rules>
<rule name="Rewrite to httpproxy" enabled="true">
<match url="^httpproxy/([0-9]+)/([_0-9a-z-]+)" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{CACHE_URL}" pattern="^(.+)://([.0-9]+)" />
</conditions>
<action type="Rewrite" url="{C:1}://yyy.yyy.yyy.yyy:{R:1}/{R:2}" />
</rule>
<rule name="Rewrite to wsproxy" enabled="true"><match url="^wsproxy/([0-9]+)" negate="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{CACHE_URL}" pattern="^(.+)://([.0-9]+)" />
</conditions>
<action type="Rewrite" url="{C:1}://yyy.yyy.yyy.yyy:{R:1}" />
</rule>
</rules>
</rewrite>
...

yyy.yyy.yyy.yyy is your private IP address.

Test the HOOPS Web Viewer

  1. Launch \server\node\start_server.bat
  2. Open http://xxx.xxx.xxx.xxx/HC/hoops_web_viewer_sample.html?broker=true&proxy=true&instance=microengine using a web browser on an external machine and verify whether HOOPS Web Viewer appears properly