Add WebSocket based application

HTTP and WebSocket both are communication protocols used in client-server communication. HTTP is unidirectional where the client sends the request and a server responds. WebSockets, on the other hand, is bidirectional and a full-duplex protocol that is used between the client and server.

Access Gateway supports WebSocket based applications by adding a policy directives to those URIs associated with WebSocket end points. The following pages describe the tasks required to define a header based application and then create policy for each web socket based URI.

Typical Access Gateway header based application architecture showing a high availability cluster protecting an application with web socket based URIs and using custom policy to convert HTTP request to web socket requests.

Before you begin

Ensure you have available:

  • An appropriate DNS entries for both the web socket application and the external exposed new URL exist.
    For example:
    https://external.domain.comExternal application. The URL clients use
    https://internal.domain.comProtected application URL.
  • A list of any required application header attributes exists along with their expected content.
  • A list of all Web Socket based URIs exist, so that each can be tagged as a web sockets using policy directives.

Typical workflow



All tasks in this workflow are typically handed by the Access Gateway administrator.



Create a containing group
  • Best practice and common task: Create an optional group to be assigned to the application.
Create header application
  • Create a header application, configured to protect the application which will include appropriate web socket policy.
Assign Certificate
  • Optionally, assign a certificate to the application.
Add additional attributes
  • Optionally, add additional attributes to the application.
Add required access policy
  • Add required policy for all WebSocket serviced URIs.
Test the application
  • Test the application, ensuring coverage of all URIs, especially those associated with WebSockets.
  • When required troubleshoot the integration.