I'm testing the VPL module & have installed the latest Moodle module (3) and created a jail server using 2.0.1.
Testing with a python script in the editor some clients will run the script no problem, but others will bring up an error dialog box (after 10 seconds or so) with the message "connection fail". the OK test page can be accessed from both clients.
Hi Juan Carlos,
Interestingly I tried in on one of our standard network (Windows 7 on a local domain) stations and found it worked fine in Internet Explorer (version 10) but not in Chrome (current version).
I will investigate on a few different setups and other stations and see if there is any sort of consistent issue.
Regards,
Paul.
Hi,
Testing on a variety of clients (all on the local network) ...
My PCs
Windows 7
Firefox 20:
runs (but only as admin type user)
Internet explorer 11: runs
Chrome 35: runs
Windows 8
Firefox
29: runs
Chrome
35: connection fail
Internet Explorer 11: runs
Ubuntu
Firefox 30: runs
Chromium 34: runs
Student PC (Windows 7)
Chrome 35
(default browser): connection fail
Internet Explorer 10:
runs
The biggest issue is Chrome on the student machines as this is the default browser.
On a Separate Note: There also appears to be a compatibility issue with the full screen editor and the new 'dockable' clean theme in the latest 2.6.3+ The toolbar isn't visible so the user can't go back to normal view & save any changes.
Regards,
Paul.
Hi Paul,
Thanks for your report. I have tried to reproduce your problem without succeed. I guess you are using VPL 3.0.1 and vpl jail server 2.0.1. It's odd for me that the problem appears or not with different role or OS. I need more information. You can help me to see the problem if you send a screenshot. May be that we are trying to spot a different problem.
The issue about the full/regular screen is known and soon it will be resolved with the release of VPL 3.1 and jail 2.0.2.
Best regards.
Hi,
Yes, it's the latest module and jail server. This is a screenshot from a general network PC running Google Chrome:
It appears shortly after the Run/Connecting dialog box.
On the same PC running Internet Explorer 10:
Thanks,
Paul.
Apologies. This appears to be an issue with our setup..
For the moment (testing) our jail server is set to an internal address. Chrome isn't seeing the calling page as on the same network (intranet) as the jail server. The host resolves to an internal address for the other browsers and to an external one for Chrome (I think).
Thanks,
Paul.
If you get the OK from http://demojail.dis.ulpgc.es/OK there is no common reason to it don't work. May be that your network is using a proxy or web cache that is incompatible with WebSocket?
To get more information you can activate the debug mode in the jail server with:
service vpl-jail-service start -d 8
See the output in /var/log/syslog
I give the connection requisites detailed:
1) Moodle server can reach (http/https) the jailservers, you can test it with the appropiate menu option.
2) The client browser can reach (http/https) the Moodle server (This is obvious)
3) The client browser can reach (ws/wss) jail server. The ws/wss protocol is basicaly a http/https connection (renegotiated) permanent.
Best regards.
In regard to using your test jail server http://demojail.dis.ulpgc.es/
Pass all 3 requisites above but get ,,,
Connecting (3-4 seconds)
Connected (20-30 seconds)
Connection Fail
This is also by-passing any local proxy servers but going through our Untangle firewall (fairly 'standard' sort of setup).
I'll try our local jail server in debug mode next (although I think I've worked out what the problem with this is now - see my previous post). However, when we do make it a puclic ip/address, the above issue may be important.
I'll also try it from home tonight set to your test jail server.
Regards,
Paul.
Hi Paul,
I am very interested in finding the problem you have. I think that the problem is located in the browser connection with the execution server. This connection uses the WebSocket protocol. Try using a secure connection to your Moodle server to get that the WebSocket protocol also use a secure connection. The secure connection is much more probable that it can run smoothly even in the presence of transparent proxy.
Best regards
Hi Paul,
If you find the problem with your school network, please, let us know it.
Beware that, the VPL module configuration set to use https://... only affect the connection from Moodle to the execution server, but not the connection from the browser to the execution server. The WebSocket connection from the browser to the execution server is secure (wss: ) if the connection from the browser to the moodle server is secure (https: )
Best regards
Hi Juan Carlos,
I had to set a bypass rule through Untangle (our firewall) to work with your jail server.
We've got a few other issues with certain setups but at least this works.
Thanks,
Paul.
Thanks for sharing your Untangle firewall configuration.
Juan Carlos
Hi All, I had same issue. I was getting the "Connection fail" even with the demo jail server and I was because of a web proxy automatically configured in the internal network of the University.
I am getting something similar. In the inspector of my brower (Chrome 40):
WebSocket connection to 'ws://demojail.dis.ulpgc.es/80453013427374/monitor' failed: Error during WebSocket handshake: Unexpected response code: 404
This seems not to be a networking issue, since the 404 is returned. I use VPL 3.1.1
Hello Ewout,
the message you show is about the connection from your browser to the execution (jail) server. This connection is of type WebSocket. Reviewing the logs of the demojail server I have found that you (your network) are using a proxy (Squid 2.7). This proxy do NOT supports WebSockets. You can try to use https/wss to test if your proxy does not interfere in secure conections.
I have made a change in the server software to try to accept the proxy request, but I have no hope of succeed. Try your test with demojail again.
Other way to check the use of websocket from your network is as follow:
Run, at the console of your browser, this code
new WebSocket("ws://echo.websocket.org/");
If all is correct, your browser don't will give an error.
If you use this command with a vpl execution server, you will get a 500 error code. I will change this behavior in the next release to give a response of connectivity.
I have obtained an important conclusion: the proxys may be a problem for VPL.
Best regards
new WebSocket("wss://echo.websocket.org/");returned without error, so in vpl_submission_CE.class.php I tried to force this protocol using
if($isHTTPS)
$baseURL = 'wss://';
else
$baseURL = 'wss://';
and that gives me (confusing) dialogue to accept the self-signed certificate (although I checked the acceptcertificates option). I figured out, after a while to click on "Server 1", which gives a pop-up, I do the browser "are you sure you want be insecure" dance and then the console came up.
But all this doesn't really work. I must assume some students are behind a proxy. So I need a secure vpl jail, with a valid cert. But this is complicated for me: I have an internal VM and I would have to obtain a domain with my univeristy TI and my SSL certificate (not dificult, but $20 dollar per year out of my own pocket, since in Brazil public universities can't use credit cards... and to buy a cert in Brazil would involve giving an extortionate amount of money to intermediaries).
So there is really no way to use wss:// with a self-signed cert without the confusing user interface?
Another question I have is, did anything change in VPL3.1.1? I could have sworn that I tested everything in november 2014 and everything worked. Maybe something changed in our network, but I am almost sure that we were behind a Squid proxy also at that time.
Sorry for the not so clear message about the self-signed certificates. We are open to other redactions. I don't know if may be better change the word "insecure" by "unencrypted".
I know that the process may be cumbersome, but this process is limited by:
1) Current browsers don't request to users to accept self-signed certificates when starting a "wss:" connection.
2) Popup windows are restricted, JavaScript can't launch popup windows to ask the user to accept the certificates.
3) The VPL module can have multiple execution servers, the dialog must show the list of execution servers available and ask the user to click on every one.
The dialog can be changed, replacing the list of servers by a button to launch multiple popup windows, but I don't know if it will be a clearer solution for users.
Any suggestion to improve the process will be wellcome.
Other way to remove the recurrent "acceptance of self-signed certificates" is install the certificate in the PC as permanent. You can give the certificate to the student and explain how to install it.
Here appear two problems: the proxy and the secure connection with self-signed certificates.
I'll add a new options in the VPL configuration to set the proxy configuration and mitigate the proxy problem from the Moodle server to the execution server. I'll add a new option to force wss connection and mitigate the problem of connecting browsers to execution servers with WebSocket by proxies (this request was made, with fix included, some months before).
But, I don't know how to resolve the self-signed certificates problem. I think that it is about a browser behavior and is out of our control.
Best regards.
hello
I want to connect my moodle with jail server and I need perfect solution how we can bridge moodle with jail server
let me give steps for connection.
