Enhancement for Jetty SslSocket

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Enhancement for Jetty SslSocket

Jiang, Tony

Hello,

 

To compare with Tomcat, Jetty doesn’t support cipher suites through the configuration file of Jetty.xml.

 

I enhanced the source code of org.mortbay.http.SslListener in our project. But I don’t know how to contribute back to the community. It is a minor enhancement. After the enhancement, you can set the cipher suites thru the configuration file and force the SslListener to use the specific cipher suites to level the higher standard of security.

 

Hereunder is an example of the configuration file snippet.  

 

My question is how I can contribute back the enhancement to the community. The procedure on the website or Readme is not so clear.

 

Thanks,

 

Tony Jiang

Software Developer, Avocent Mobile Solutions

Direct: 403.355.2598

Company: 403.269.2540

TOLL FREE: 866.602.2002

Email:  [hidden email]

Address: Avocent Corp. 202-110, 12th Avenue S.W., Calgary Alberta, Canada T2R 0G7

 

 

  <!-- =============================================================== -->

  <!-- Configure the Request Listeners                                 -->

  <!-- =============================================================== -->

  <Call name="addListener">

    <Arg>

      <New class="org.mortbay.http.SslListener ">

        <Set name="Port">443</Set>

        <Set name="PoolName">P1</Set>

        <Set name="MinThreads">20</Set>

        <Set name="MaxThreads">200</Set>

        <Set name="MaxIdleTimeMs">60000</Set>

        <Set name="lowResources">30</Set>

        <Set name="LowResourcePersistTimeMs">2000</Set>

 

        <Set name="Keystore"><SystemProperty name="jetty.home" default="."/>/config/demokeystore</Set>

        <Set name="Password">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</Set>

        <Set name="KeyPassword">OBF:1u2u1wml1z7s1z7a1wnl1u2g</Set>

 

        <Set name="HttpHandler">

           <New class="org.mortbay.http.handler.MsieSslHandler">

            <Set name="UserAgentSubString">MSIE 5</Set>

            </New>

       </Set>

       

       <Set name="CipherSuites">

         <Array type ="java.lang.String">       

             <Item>TLS_RSA_WITH_AES_256_CBC_SHA</Item>

             <Item>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</Item>

             <Item>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</Item>

         </Array>

       </Set>

      </New>

    </Arg>

  </Call>

 

Reply | Threaded
Open this post in threaded view
|

Interrupting an HTTP request

Tony Seebregts

Hi,

 

I suspect the answer is no … but just in case – is there any way of interrupting an HTTP request other than closing the InputStream ?

 

The problem I’m trying to solve is an HTTP request with a significantly large content that the server might wish to abort in the middle to send a response. But at the moment it looks like the server has to read the whole request before it can send a response.

 

Regards

 

Tony Seebregts

 

Reply | Threaded
Open this post in threaded view
|

Re: Interrupting an HTTP request

Greg Wilkins-5

Closing the connection is the way to do it.

Simple and allows data to be cleanly thrown away even if in buffers
of proxies etc.

Making a new connection is expensive, but probably less so than trying
to hand shake with the client to work out if/when/how/where a request
has been stopped and then continuing with the next request.

cheers


Tony Seebregts wrote:

> Hi,
>
>  
>
> I suspect the answer is no … but just in case – is there any way of
> interrupting an HTTP request other than closing the InputStream ?
>
>  
>
> The problem I’m trying to solve is an HTTP request with a significantly
> large content that the server might wish to abort in the middle to send
> a response. But at the moment it looks like the server has to read the
> whole request before it can send a response.
>
>  
>
> Regards
>
>  
>
> Tony Seebregts
>
>  
>



-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
Jetty-support mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/jetty-support