Issue with upgrading to Jetty 9.4.11

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Issue with upgrading to Jetty 9.4.11

Eze Ikonne

Hi all,

 

I just would like to report that I am making some progress on upgrading Jetty 7 to Jetty 9.4.11, I will share the things that I have learned once the effort is completed. However, I am now stuck because, for some reason, Jetty 9.4.11 is returning a non-secure uri when it supposed to return secure uri back to the browsers. My question is this, how do I indicate to Jetty 9.4.11 to return a secure redirection uri instead of non-secure? Or, how does Jetty 9.4.11 determine how to redirect to secure instead of non secure uri? Please see the debug information generated by my jetty 9.4.11 below. I am almost there towards the completion of this effort. As you can see, it is returning a non secure uri for the location header attribute. My embedded Jetty 7 correctly returns secure uri for the location header attribute.

 

Thanks,

 

Ike

 

 

 

2018-10-10 12:28:36,691 [qtp958678400-48] DEBUG HttpChannel - sendResponse info=null content=HeapByteBuffer@5639ad7d[p=0,l=0,c=0,r=0]={<<<>>>} complete=true committing=true callback=Blocker@2afcfd94{null}

2018-10-10 12:28:36,691 [qtp958678400-48] DEBUG HttpChannel - COMMIT for /SSPDashboard/faces/logon.jsp;jsessionid=ycrx3afb3zghqc1kn4la5oc2g3v0itdceogh1seg5lll8p9gg.node0 on HttpChannelOverHttp@4420504a{r=1,c=true,a=DISPATCHED,uri=//10.xxx.xxx.xxx:7777/SSPDashboard/faces/logon.jsp;jsessionid=ycrx3afb3zghqc1kn4la5oc2g3v0itdceogh1seg5lll8p9gg.node0,age=771}

302 null HTTP/1.1

X-Frame-Options: SAMEORIGIN

cache-control: no-store, no-cache, must-revalidate

pragma: no-cache

X-Content-Type-Options: nosniff

X-XSS-Protection: 1

Strict-Transport-Security: max-age=31536000

Set-Cookie: JSESSIONID=jzf3myxmxspuzsjnqj1mhn99stt66j3ref0162afecyid5ux.node0;Path=/SSPDashboard;Secure;HttpOnly

Expires: Thu, 01 Jan 1970 00:00:00 GMT

Location: http://10.xxx.xxx.xxx:7777/SSPDashboard/faces/configuration.jsp

=====================================================
Please refer to http://www.aricent.com/email-disclaimer
for important disclosures regarding this electronic communication.
=====================================================

_______________________________________________
jetty-users mailing list
[hidden email]
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
Reply | Threaded
Open this post in threaded view
|

Re: Issue with upgrading to Jetty 9.4.11

Simone Bordet-3
Hi,

On Wed, Oct 10, 2018 at 7:36 PM Eze Ikonne <[hidden email]> wrote:
>
> Hi all,
>
>
>
> I just would like to report that I am making some progress on upgrading Jetty 7 to Jetty 9.4.11, I will share the things that I have learned once the effort is completed. However, I am now stuck because, for some reason, Jetty 9.4.11 is returning a non-secure uri when it supposed to return secure uri back to the browsers. My question is this, how do I indicate to Jetty 9.4.11 to return a secure redirection uri instead of non-secure? Or, how does Jetty 9.4.11 determine how to redirect to secure instead of non secure uri? Please see the debug information generated by my jetty 9.4.11 below. I am almost there towards the completion of this effort. As you can see, it is returning a non secure uri for the location header attribute. My embedded Jetty 7 correctly returns secure uri for the location header attribute.
>

This is done with a SecureRequestCustomizer on the HttpConfiguration.
Are you using it?

--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
_______________________________________________
jetty-users mailing list
[hidden email]
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
Reply | Threaded
Open this post in threaded view
|

Re: Issue with upgrading to Jetty 9.4.11

Eze Ikonne
Hi all,

Thanks Simone, that is exactly what my problem had been. I believe that this mechanism was introduced in either jetty 8 or jetty 9. Once I added it, everything started working. I think it should be highlighted in the sample examples posted on Jetty website, at the moment there is really no mention of this in most of the examples on jetty website, but it turns out to be a big deal. All this while, it turns out to be new SecureRequestCustomizer() injected into the httpConfiuration. I would like to thank the entire jetty group for their support, Jan and the rest, thanks to you.

Ike

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of Simone Bordet
Sent: Thursday, October 11, 2018 5:14 AM
To: JETTY user mailing list <[hidden email]>
Subject: Re: [jetty-users] Issue with upgrading to Jetty 9.4.11

** This mail has been sent from an external source **


Hi,

On Wed, Oct 10, 2018 at 7:36 PM Eze Ikonne <[hidden email]> wrote:
>
> Hi all,
>
>
>
> I just would like to report that I am making some progress on upgrading Jetty 7 to Jetty 9.4.11, I will share the things that I have learned once the effort is completed. However, I am now stuck because, for some reason, Jetty 9.4.11 is returning a non-secure uri when it supposed to return secure uri back to the browsers. My question is this, how do I indicate to Jetty 9.4.11 to return a secure redirection uri instead of non-secure? Or, how does Jetty 9.4.11 determine how to redirect to secure instead of non secure uri? Please see the debug information generated by my jetty 9.4.11 below. I am almost there towards the completion of this effort. As you can see, it is returning a non secure uri for the location header attribute. My embedded Jetty 7 correctly returns secure uri for the location header attribute.
>

This is done with a SecureRequestCustomizer on the HttpConfiguration.
Are you using it?

--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support from the Jetty & CometD experts.
_______________________________________________
jetty-users mailing list
[hidden email]
To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
=====================================================
Please refer to http://www.aricent.com/email-disclaimer
for important disclosures regarding this electronic communication.
=====================================================
_______________________________________________
jetty-users mailing list
[hidden email]
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
Reply | Threaded
Open this post in threaded view
|

Re: Issue with upgrading to Jetty 9.4.11

Simone Bordet-3
Hi,

On Thu, Oct 11, 2018 at 5:34 PM Eze Ikonne <[hidden email]> wrote:
>
> Hi all,
>
> Thanks Simone, that is exactly what my problem had been. I believe that this mechanism was introduced in either jetty 8 or jetty 9. Once I added it, everything started working. I think it should be highlighted in the sample examples posted on Jetty website, at the moment there is really no mention of this in most of the examples on jetty website, but it turns out to be a big deal. All this while, it turns out to be new SecureRequestCustomizer() injected into the httpConfiuration. I would like to thank the entire jetty group for their support, Jan and the rest, thanks to you.
>

Please open an issue about this lack of documentation.
There is a reference to SecureRequestCustomizer at
https://www.eclipse.org/jetty/documentation/9.4.x/configuring-connectors.html#jetty-connectors,
but it may be expanded.
Consider to propose a pull request with the updated documentation, we
will appreciate it.
Thanks!

--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
_______________________________________________
jetty-users mailing list
[hidden email]
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users