Jetty 9.2.1 redirects http to https

Question

Jetty 9.2.1 redirects http to https

can someone help migrate the code from berth 8 to 9.2.1.

I need to listen to the pier on port 80 (http) and redirect each request to 443 (https).

this is the code for berth 8, but it does not work on 9.2.1. Version 9 uses the ServerConnector, but I cannot find examples of how to use the setConfidentialPort property .

Server server = new Server();

//Create a connector on port 80 to listen for HTTP requests
SelectChannelConnector httpConnector = new SelectChannelConnector();
httpConnector.setPort(80);
server.addConnector(httpConnector);

//Create a connector on port 443 to listen for HTTPS requests
SslSocketConnector httpsConnector = new SslSocketConnector();
httpsConnector.setPort(443);
httpsConnector.setKeystore("name_of_the_keystore");
httpsConnector.setPassword("password_for_the_keystore");
httpsConnector.setKeyPassword("password_for_the_key");
server.addConnector(httpsConnector);

//Redirect the HTTP requests to HTTPS port
httpConnector.setConfidentialPort(443);

+4

http https jetty

user2505009 Jul 28 '14 at 8:49

source share

2 answers

9.3 SecuredRedirectHandler:

public class Server extends org.eclipse.jetty.server.Server {

    public Server(int httpPort, boolean enableSsl, int httpsPort, String keystorePath, String keystorePassword, String keyManagerPassword, ...) {
        initConnector(httpPort, enableSsl, httpsPort, keystorePath, keystorePassword, keyManagerPassword);
        ...
    }

    private void initConnector(int httpPort, boolean enableSsl, int httpsPort, String keystorePath, String keystorePassword, String keyManagerPassword) {
        if (enableSsl) {
            final HttpConfiguration httpConfig = getHttpConfig(httpsPort);
            final HttpConfiguration httpsConfig = getHttpsConfig(httpConfig);
            final ServerConnector httpConnector = getHttpConnector(httpConfig, httpPort);
            final ServerConnector httpsConnector = getHttpsConnector(httpsConfig, httpsPort, keystorePath, keystorePassword, keyManagerPassword);

            setConnectors(httpConnector, httpsConnector);
            addHandler(new SecuredRedirectHandler());
        } else {
            final ServerConnector serverConnector = new ServerConnector(this);

            serverConnector.setPort(httpPort);

            addConnector(serverConnector);
        }
    }

    private void setConnectors(ServerConnector httpConnector, ServerConnector httpsConnector) {
        setConnectors(new Connector[]{httpConnector, httpsConnector});
    }

    private ServerConnector getHttpsConnector(HttpConfiguration httpsConfig, int httpsPort, String keystorePath, String keystorePassword, String keyManagerPassword) {
        final SslContextFactory sslContextFactory = new SslContextFactory();

        sslContextFactory.setKeyStorePath(keystorePath);
        sslContextFactory.setKeyStorePassword(keystorePassword);
        sslContextFactory.setKeyManagerPassword(keyManagerPassword);
        sslContextFactory.setTrustStorePath(keystorePath);
        sslContextFactory.setTrustStorePassword(keystorePassword);

        final ServerConnector httpsConnector = new ServerConnector(this,
                new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
                new HttpConnectionFactory(httpsConfig));

        httpsConnector.setPort(httpsPort);

        return httpsConnector;
    }

    private ServerConnector getHttpConnector(HttpConfiguration httpConfig, int httpPort) {
        final ServerConnector httpConnector = new ServerConnector(this);

        httpConnector.addConnectionFactory(new HttpConnectionFactory(httpConfig));
        httpConnector.setPort(httpPort);

        return httpConnector;
    }

    private HttpConfiguration getHttpsConfig(HttpConfiguration httpConfig) {
        final HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);

        httpsConfig.addCustomizer(new SecureRequestCustomizer());

        return httpsConfig;
    }

    private HttpConfiguration getHttpConfig(int httpsPort) {
        final HttpConfiguration httpConfig = new HttpConfiguration();

        httpConfig.addCustomizer(new SecureRequestCustomizer());
        httpConfig.setSecureScheme(HttpScheme.HTTPS.asString());
        httpConfig.setSecurePort(httpsPort);

        return httpConfig;
    }

    private void addHandler(Handler handler) {
        final Handler currentHandler = getHandler();
        if (currentHandler == null) {
            setHandler(handler);
        } else {
            if (currentHandler instanceof HandlerList) {
                ((HandlerList) currentHandler).addHandler(handler);
            } else {
                final HandlerList handlerList = new HandlerList();

                handlerList.addHandler(currentHandler);
                handlerList.addHandler(handler);

                setHandler(handlerList);
            }
        }
    }
}

0

PMV 16 . '17 9:50

encrest · Accepted Answer · 2014-09-30T22:28:37+0000

I had a problem with this. I figured this out by converting the example using web.xml found at https://serverfault.com/questions/367660/how-to-have-jetty-redirect-http-to-https to the following:

, ! 403. HTTP- 403 https:

Server server = new Server();

// HTTP Configuration
HttpConfiguration http_config = new HttpConfiguration();
http_config.addCustomizer(new SecureRequestCustomizer());

//these two settings allow !403 errors to be redirected to https
http_config.setSecureScheme("https");
http_config.setSecurePort(443);

//setup the secure config using the original http config + SecureRequestCustomizer
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());

// SSL Context Factory - tells how to access certificate info
SslContextFactory sslContextFactory = new SslContextFactory();
 sslContextFactory.setKeyStorePath(EmbeddedJetty.class.getResource("/keystore.jks").toExternalForm());
sslContextFactory.setKeyStorePassword("keystorepassword");
sslContextFactory.setKeyManagerPassword("keymanagerpassword");

//Create a connector on port 80 to listen for HTTP requests (that will get redirected)
ServerConnector httpConnector = new ServerConnector(server);
httpConnector.addConnectionFactory(new HttpConnectionFactory(http_config));
httpConnector.setPort(80);

//Connector on port 443 for HTTPS requests
ServerConnector sslConnector = new ServerConnector(server,
        new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.toString()),
        new HttpConnectionFactory(https_config));
sslConnector.setPort(443);

//setup the constraint that causes all http requests to return a !403 error
ConstraintSecurityHandler security = new ConstraintSecurityHandler();        

Constraint constraint = new Constraint();
constraint.setDataConstraint(Constraint.DC_CONFIDENTIAL);

//makes the constraint apply to all uri paths        
ConstraintMapping mapping = new ConstraintMapping();
mapping.setPathSpec( "/*" );
mapping.setConstraint( constraint );

security.addConstraintMapping(mapping);

//in my case I also define a ServletContextHandler for managing SpringMVC beans
//that I daisy-chain into the security handler like so:
//security.setHandler(servletContextHandler);

server.setHandler(security);
server.setConnectors(new Connector[] { httpConnector, sslConnector });

server.start();
server.join();

Jetty 9.2.1 redirects http to https

9.3 SecuredRedirectHandler:

More articles: