Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-11.0.x
This commit is contained in:
commit
7426fbea7c
|
@ -2,6 +2,7 @@ version: 2
|
|||
updates:
|
||||
- package-ecosystem: "maven"
|
||||
directory: "/"
|
||||
open-pull-requests-limit: 20
|
||||
target-branch: "jetty-9.4.x"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
|
@ -21,9 +22,12 @@ updates:
|
|||
versions: [ ">=2.0.0" ]
|
||||
- dependency-name: "javax.websocket:*"
|
||||
versions: [ ">=1.1.0" ]
|
||||
- dependency-name: "org.infinispan:*"
|
||||
versions: [ ">= 12" ]
|
||||
|
||||
- package-ecosystem: "maven"
|
||||
directory: "/"
|
||||
open-pull-requests-limit: 20
|
||||
target-branch: "jetty-10.0.x"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
|
@ -41,16 +45,22 @@ updates:
|
|||
versions: [ ">=4.0.0" ]
|
||||
- dependency-name: "jakarta.inject:*"
|
||||
versions: [ ">=2.0.0" ]
|
||||
- dependency-name: "jakarta.interceptor:*"
|
||||
versions: [ ">=2.0.0" ]
|
||||
- dependency-name: "jakarta.websocket:*"
|
||||
versions: [ ">=2.0.0" ]
|
||||
- dependency-name: "jakarta.servlet.jsp.jstl:*"
|
||||
versions: [ ">=2.0.0" ]
|
||||
- dependency-name: "org.jboss.weld.servlet:*"
|
||||
versions: [ ">=4.0.0" ]
|
||||
- dependency-name: "jakarta.enterprise:jakarta.enterprise.cdi-api:*"
|
||||
versions: [ ">=3.0.0" ]
|
||||
- dependency-name: "com.sun.xml.ws:jaxws*"
|
||||
versions: [ ">=3.0.0" ]
|
||||
- dependency-name: "jakarta.transaction:*"
|
||||
versions: [ ">=2.0.0" ]
|
||||
- dependency-name: "org.infinispan:*"
|
||||
versions: [ ">= 12" ]
|
||||
|
||||
# - package-ecosystem: "maven"
|
||||
# directory: "/"
|
||||
|
|
|
@ -33,6 +33,32 @@ import org.eclipse.jetty.util.URIUtil;
|
|||
*/
|
||||
public class SecuredRedirectHandler extends HandlerWrapper
|
||||
{
|
||||
/**
|
||||
* The redirect code to send in response.
|
||||
*/
|
||||
private final int _redirectCode;
|
||||
|
||||
/**
|
||||
* Uses moved temporarily code (302) as the redirect code.
|
||||
*/
|
||||
public SecuredRedirectHandler()
|
||||
{
|
||||
this(HttpServletResponse.SC_MOVED_TEMPORARILY);
|
||||
}
|
||||
|
||||
/**
|
||||
* Use supplied code as the redirect code.
|
||||
*
|
||||
* @param code the redirect code to use in the response
|
||||
* @throws IllegalArgumentException if parameter is an invalid redirect code
|
||||
*/
|
||||
public SecuredRedirectHandler(final int code)
|
||||
{
|
||||
if (!HttpStatus.isRedirection(code))
|
||||
throw new IllegalArgumentException("Not a 3xx redirect code");
|
||||
_redirectCode = code;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
|
||||
{
|
||||
|
@ -59,7 +85,7 @@ public class SecuredRedirectHandler extends HandlerWrapper
|
|||
String secureScheme = httpConfig.getSecureScheme();
|
||||
String url = URIUtil.newURI(secureScheme, baseRequest.getServerName(), securePort, baseRequest.getRequestURI(), baseRequest.getQueryString());
|
||||
response.setContentLength(0);
|
||||
baseRequest.getResponse().sendRedirect(HttpServletResponse.SC_MOVED_TEMPORARILY, url, true);
|
||||
baseRequest.getResponse().sendRedirect(_redirectCode, url, true);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -0,0 +1,177 @@
|
|||
//
|
||||
// ========================================================================
|
||||
// Copyright (c) 1995-2022 Mort Bay Consulting Pty Ltd and others.
|
||||
//
|
||||
// This program and the accompanying materials are made available under the
|
||||
// terms of the Eclipse Public License v. 2.0 which is available at
|
||||
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
|
||||
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
|
||||
//
|
||||
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
|
||||
// ========================================================================
|
||||
//
|
||||
|
||||
package org.eclipse.jetty.server.handler;
|
||||
|
||||
import java.io.File;
|
||||
import java.net.HttpURLConnection;
|
||||
import java.net.URI;
|
||||
import java.net.URL;
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.HttpsURLConnection;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.eclipse.jetty.server.Connector;
|
||||
import org.eclipse.jetty.server.Handler;
|
||||
import org.eclipse.jetty.server.HttpConfiguration;
|
||||
import org.eclipse.jetty.server.HttpConnectionFactory;
|
||||
import org.eclipse.jetty.server.SecureRequestCustomizer;
|
||||
import org.eclipse.jetty.server.Server;
|
||||
import org.eclipse.jetty.server.ServerConnector;
|
||||
import org.eclipse.jetty.server.SslConnectionFactory;
|
||||
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
public class SecuredRedirectHandlerCodeTest
|
||||
{
|
||||
private Server server;
|
||||
private HostnameVerifier origVerifier;
|
||||
private SSLSocketFactory origSsf;
|
||||
private URI serverHttpUri;
|
||||
private URI serverHttpsUri;
|
||||
|
||||
@Test
|
||||
public void testConstructorRedirectRangeValid()
|
||||
{
|
||||
assertDoesNotThrow(() -> new SecuredRedirectHandler(300));
|
||||
assertDoesNotThrow(() -> new SecuredRedirectHandler(399));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testConstructorRedirectRangeInvalid()
|
||||
{
|
||||
assertThrows(IllegalArgumentException.class, () -> new SecuredRedirectHandler(299));
|
||||
assertThrows(IllegalArgumentException.class, () -> new SecuredRedirectHandler(400));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRedirectUnsecuredRootMovedTemporarily() throws Exception
|
||||
{
|
||||
try
|
||||
{
|
||||
startServer(HttpServletResponse.SC_MOVED_TEMPORARILY);
|
||||
URL url = serverHttpUri.resolve("/").toURL();
|
||||
HttpURLConnection connection = (HttpURLConnection)url.openConnection();
|
||||
connection.setInstanceFollowRedirects(false);
|
||||
connection.setAllowUserInteraction(false);
|
||||
assertThat("response code", connection.getResponseCode(), is(302));
|
||||
assertThat("location header", connection.getHeaderField("Location"), is(serverHttpsUri.resolve("/").toASCIIString()));
|
||||
connection.disconnect();
|
||||
}
|
||||
finally
|
||||
{
|
||||
stopServer();
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testRedirectUnsecuredRootMovedPermanently() throws Exception
|
||||
{
|
||||
try
|
||||
{
|
||||
startServer(HttpServletResponse.SC_MOVED_PERMANENTLY);
|
||||
URL url = serverHttpUri.resolve("/").toURL();
|
||||
HttpURLConnection connection = (HttpURLConnection)url.openConnection();
|
||||
connection.setInstanceFollowRedirects(false);
|
||||
connection.setAllowUserInteraction(false);
|
||||
assertThat("response code", connection.getResponseCode(), is(301));
|
||||
assertThat("location header", connection.getHeaderField("Location"), is(serverHttpsUri.resolve("/").toASCIIString()));
|
||||
connection.disconnect();
|
||||
}
|
||||
finally
|
||||
{
|
||||
stopServer();
|
||||
}
|
||||
}
|
||||
|
||||
private void startServer(int redirectCode) throws Exception
|
||||
{
|
||||
// Setup SSL
|
||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore.p12");
|
||||
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
|
||||
sslContextFactory.setKeyStorePath(keystore.getAbsolutePath());
|
||||
sslContextFactory.setKeyStorePassword("storepwd");
|
||||
|
||||
server = new Server();
|
||||
|
||||
int port = 32080;
|
||||
int securePort = 32443;
|
||||
|
||||
// Setup HTTP Configuration
|
||||
HttpConfiguration httpConf = new HttpConfiguration();
|
||||
httpConf.setSecurePort(securePort);
|
||||
httpConf.setSecureScheme("https");
|
||||
|
||||
ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConf));
|
||||
httpConnector.setName("unsecured");
|
||||
httpConnector.setPort(port);
|
||||
|
||||
// Setup HTTPS Configuration
|
||||
HttpConfiguration httpsConf = new HttpConfiguration(httpConf);
|
||||
httpsConf.addCustomizer(new SecureRequestCustomizer());
|
||||
|
||||
ServerConnector httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConf));
|
||||
httpsConnector.setName("secured");
|
||||
httpsConnector.setPort(securePort);
|
||||
|
||||
// Add connectors
|
||||
server.setConnectors(new Connector[]{httpConnector, httpsConnector});
|
||||
|
||||
// Wire up context for unsecure handling to only
|
||||
// the named 'unsecured' connector
|
||||
ContextHandler redirectHandler = new ContextHandler();
|
||||
redirectHandler.setContextPath("/");
|
||||
redirectHandler.setHandler(new SecuredRedirectHandler(redirectCode));
|
||||
redirectHandler.setVirtualHosts(new String[]{"@unsecured"});
|
||||
|
||||
// Establish all handlers that have a context
|
||||
ContextHandlerCollection contextHandlers = new ContextHandlerCollection();
|
||||
contextHandlers.setHandlers(new Handler[]{redirectHandler});
|
||||
|
||||
// Create server level handler tree
|
||||
server.setHandler(new HandlerList(contextHandlers, new DefaultHandler()));
|
||||
|
||||
server.start();
|
||||
|
||||
// calculate serverUri
|
||||
String host = httpConnector.getHost();
|
||||
if (host == null)
|
||||
{
|
||||
host = "localhost";
|
||||
}
|
||||
serverHttpUri = new URI(String.format("http://%s:%d/", host, httpConnector.getLocalPort()));
|
||||
serverHttpsUri = new URI(String.format("https://%s:%d/", host, httpsConnector.getLocalPort()));
|
||||
|
||||
origVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
|
||||
origSsf = HttpsURLConnection.getDefaultSSLSocketFactory();
|
||||
|
||||
HttpsURLConnection.setDefaultHostnameVerifier(new AllowAllVerifier());
|
||||
HttpsURLConnection.setDefaultSSLSocketFactory(sslContextFactory.getSslContext().getSocketFactory());
|
||||
}
|
||||
|
||||
private void stopServer() throws Exception
|
||||
{
|
||||
HttpsURLConnection.setDefaultSSLSocketFactory(origSsf);
|
||||
HttpsURLConnection.setDefaultHostnameVerifier(origVerifier);
|
||||
|
||||
server.stop();
|
||||
server.join();
|
||||
}
|
||||
}
|
4
pom.xml
4
pom.xml
|
@ -45,7 +45,7 @@
|
|||
<grpc.version>1.43.2</grpc.version>
|
||||
<gson.version>2.8.9</gson.version>
|
||||
<guava.version>31.0.1-jre</guava.version>
|
||||
<guice.version>5.0.1</guice.version>
|
||||
<guice.version>5.1.0</guice.version>
|
||||
<hamcrest.version>2.2</hamcrest.version>
|
||||
<hawtio.version>2.14.4</hawtio.version>
|
||||
<hazelcast.version>4.2.4</hazelcast.version>
|
||||
|
@ -167,7 +167,7 @@
|
|||
<maven.source.plugin.version>3.2.1</maven.source.plugin.version>
|
||||
<maven.war.plugin.version>3.3.2</maven.war.plugin.version>
|
||||
<spotbugs.maven.plugin.version>4.5.3.0</spotbugs.maven.plugin.version>
|
||||
<versions.maven.plugin.version>2.8.1</versions.maven.plugin.version>
|
||||
<versions.maven.plugin.version>2.9.0</versions.maven.plugin.version>
|
||||
|
||||
<!-- testing -->
|
||||
<invoker.mergeUserSettings>false</invoker.mergeUserSettings>
|
||||
|
|
Loading…
Reference in New Issue