Neo4j 浏览器如何与 Neo4j 服务器交互?
从 Neo4j 3.2 开始,Neo4j 浏览器仅支持通过 Bolt 与 Neo4j 服务器连接。这要求网络允许浏览器与 Neo4j 服务器上指定的 Bolt 端口之间进行套接字通信。要检查网络是否允许 WebSocket,可使用 http://www.websocket.org/echo.html
如果网络不允许 WebSocket,当在 https://:7474 通过 Neo4j 浏览器尝试认证时,会记录以下错误
ServiceUnavailable: WebSocket connection failure. Due to security constraints in your web browser, the reason for the failure is not available to this Neo4j Driver. Please use your browsers development console to determine the root cause of the failure. Common reasons include the database being unavailable, using the wrong connection URL or temporary network problems. If you have enabled encryption, ensure your browser is configured to trust the certificate Neo4j is configured to use. WebSocket `readyState` is: 3
此外,要允许远程浏览器连接,需要将 $NEO4J_HOME/conf/neo4j.conf 配置为以下内容
# To have Bolt accept non-local connections, uncomment this line:
dbms.connector.bolt.address=0.0.0.0:7687下面展示了 Neo4j 浏览器与 Neo4j 服务器之间的通信流程
-
浏览器在启动时会进行一次 HTTP 调用
GET / HTTP/1.1 Host: <server>:7474 Content-Type: application/json
-
此请求仅用于询问 Neo4j Bolt URL 是什么(可在服务器上通过
dbms.connectors.default_advertised_address配置)。该请求完成后,浏览器会尝试在不提供凭据的情况下通过 Bolt 连接到服务器。这有两个原因:-
当响应返回时,我们即可判断是否启用了身份验证
-
如果连接成功,更新应用状态以表明无需凭据即可连接
-
-
如果第一次连接尝试失败,浏览器会检查 Web 浏览器的 localstorage 中是否存有登录凭据。如果有,浏览器会使用这些凭据再次尝试连接
-
如果成功,则一切正常。
-
如果仍然失败,则放弃并提示用户输入连接凭据
-
-
因此,作为示意图大致如下所示:
-
Seq 0
Client === GET ==> Neo4j (HTTP 7474) Ask for Bolt connection URL Client <== Resp === Neo4j (HTTP 7474)
-
Seq 1
Client === Bolt ==> Neo4j (WS 7687) without auth credentials
-
Alternate 1.1
Client <== Resp (success) === Neo4j (WS 7687) (Success, stop)
-
Alternate 1.2
Client <== Resp (no success) === Neo4j (WS 7687) (No success, goto Seq 2)
-
Seq 2
Client === Bolt ==> Neo4j (WS 7687) with auth credentials
-
Alternate 2.1
Client <== Resp (success) === Neo4j (WS 7687) (Success, stop)
-
Alternate 2.2
Client <== Resp (no success) === Neo4j (WS 7687) (No success, prompt user for credentials)
请注意,无论是凭据无效还是无法通过 Bolt 连接,最终都会跳转到同一页面提示输入凭据,因此在无法连接时务必同时检查这两种可能的原因。
此页面有帮助吗?