[jetty-users] Jetty and Http 1.1 upgrade header

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

[jetty-users] Jetty and Http 1.1 upgrade header

Manfred
Hi there.

We use Jetty 8.1.5 in our current development.
Does anyone know whether Jetty supports the Http 1.1 upgrade header to upgrade from an unencrypted connection to an encrypted connection?
See http://en.wikipedia.org/wiki/HTTP/1.1_Upgrade_header


Regards,
Manfred

_______________________________________________
jetty-users mailing list
[hidden email]
https://dev.eclipse.org/mailman/listinfo/jetty-users
Reply | Threaded
Open this post in threaded view
|

Re: [jetty-users] Jetty and Http 1.1 upgrade header

Simone Bordet-2
Hi,

On Mon, Sep 24, 2012 at 10:58 PM, Bergmann Manfred <[hidden email]> wrote:
> Hi there.
>
> We use Jetty 8.1.5 in our current development.
> Does anyone know whether Jetty supports the Http 1.1 upgrade header to upgrade from an unencrypted connection to an encrypted connection?
> See http://en.wikipedia.org/wiki/HTTP/1.1_Upgrade_header

It is not supported directly, but the mechanisms to make it work are
there, since are those used by WebSocket.

The upgrade to SSL never got much traction due to the fact that port
443 is allocated for https, so almost everybody implements the
"upgrade" with a redirect to 443.
Feels awkward to have encrypted HTTP on port 80, but I digress.

Look at WebSocketServlet.service() that calls
WebSocketFactory.acceptWebSocket() that calls
WebSocketFactory.upgrade() and the magic is at the last line, where
you set a special request attribute that tells Jetty to switch the
connection: request.setAttribute("org.eclipse.jetty.io.Connection",
connection);

We may have something more formal in Jetty 9.

Simon
--
http://cometd.org
http://webtide.com
Developer advice, services and support
from the Jetty & CometD experts.
----
Finally, no matter how good the architecture and design are,
to deliver bug-free software with optimal performance and reliability,
the implementation technique must be flawless.   Victoria Livschitz
_______________________________________________
jetty-users mailing list
[hidden email]
https://dev.eclipse.org/mailman/listinfo/jetty-users
Reply | Threaded
Open this post in threaded view
|

Re: [jetty-users] Jetty and Http 1.1 upgrade header

Manfred
Thanks Simon.

I've looked through the classes and how possibly the "upgrade" could work.
However I'm not sure this is the right way of doing things.
I would:

- check for "Upgrade" header in Servlet's service() method
- if "Upgrade" create a SslConnection
- send a "101 Switching Protocol" response
- change the connection object via:
request.setAttribute("org.eclipse.jetty.io.Connection", sslConnection)

Would this be a viable route?
Would Jetty handle everything from there on for me?



Regards,
Manfred
Reply | Threaded
Open this post in threaded view
|

Re: [jetty-users] Jetty and Http 1.1 upgrade header

Joakim Erdfelt-9
Interesting, not sure that there are any browsers that support this flow.
The SSL negotiation between the client and server at this point in time would be tricky.
You are definitely in the realm of a custom HTTP client at this point.
Wish you the best of luck, let us know how it goes.

--
Joakim Erdfelt


On Tue, Sep 25, 2012 at 9:55 AM, Manfred <[hidden email]> wrote:
Thanks Simon.

I've looked through the classes and how possibly the "upgrade" could work.
However I'm not sure this is the right way of doing things.
I would:

- check for "Upgrade" header in Servlet's service() method
- if "Upgrade" create a SslConnection
- send a "101 Switching Protocol" response
- change the connection object via:
request.setAttribute("org.eclipse.jetty.io.Connection", sslConnection)

Would this be a viable route?
Would Jetty handle everything from there on for me?



Regards,
Manfred



--
View this message in context: http://jetty.4.n6.nabble.com/jetty-users-Jetty-and-Http-1-1-upgrade-header-tp4959222p4959235.html
Sent from the Jetty User mailing list archive at Nabble.com.
_______________________________________________
jetty-users mailing list
[hidden email]
https://dev.eclipse.org/mailman/listinfo/jetty-users


_______________________________________________
jetty-users mailing list
[hidden email]
https://dev.eclipse.org/mailman/listinfo/jetty-users
Reply | Threaded
Open this post in threaded view
|

Re: [jetty-users] Jetty and Http 1.1 upgrade header

Manfred
Actually it's CUPS doing this if you enable authentication.



Manfred