protected HttpConfiguration buildHttpConfiguration() { HttpConfiguration httpConfig = new HttpConfiguration(); // most parameters are hardcoded for now... we should turn these // into properties httpConfig.setHeaderCacheSize(512); httpConfig.setOutputBufferSize(32 * 1024); httpConfig.setRequestHeaderSize(requestHeaderSize); httpConfig.setResponseHeaderSize(responseHeaderSize); httpConfig.setSendDateHeader(true); httpConfig.setSendServerVersion(true); httpConfig.addCustomizer(new ForwardedRequestCustomizer()); return httpConfig; }
@Override public void customize(Server server) { ForwardedRequestCustomizer customizer = new ForwardedRequestCustomizer(); for (Connector connector : server.getConnectors()) { for (ConnectionFactory connectionFactory : connector .getConnectionFactories()) { if (connectionFactory instanceof HttpConfiguration.ConnectionFactory) { ((HttpConfiguration.ConnectionFactory) connectionFactory) .getHttpConfiguration().addCustomizer(customizer); } } } }
@VisibleForTesting HttpConfiguration configureForwardRequestCustomizer(HttpConfiguration httpConf) { if (conf.get(HTTP_ENABLE_FORWARDED_REQUESTS_KEY, HTTP_ENABLE_FORWARDED_REQUESTS_DEFAULT)) { httpConf.addCustomizer(new ForwardedRequestCustomizer()); } return httpConf; }
/** Creates a Jetty server listening on HTTP and HTTPS, serving handlers. */ public static Server createJetty(Handler handler) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { final Server server = new Server(); server.setHandler(handler); HttpConfiguration httpConfig = new HttpConfiguration(); // Parses X-Forwarded-For headers for Servlet.getRemoteAddr() httpConfig.addCustomizer(new ForwardedRequestCustomizer()); final ServerConnector connector = new ServerConnector( server, new HttpConnectionFactory(httpConfig) ); server.addConnector(connector); connector.setPort(HTTP_PORT); // Enable SSL on port 8443 using the debug keystore KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); InputStream keyStream = Main.class.getResourceAsStream("debug_keystore.jks"); keyStore.load(keyStream, null); keyStream.close(); SslContextFactory ssl = new SslContextFactory(); ssl.setKeyStore(keyStore); ssl.setKeyStorePassword("password"); SslConnectionFactory sslFactory = new SslConnectionFactory(ssl, "http/1.1"); // SecureRequestCustomizer is required to correctly set scheme to https HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); httpsConfig.addCustomizer(new ForwardedRequestCustomizer()); ConnectionFactory httpsFactory = new HttpConnectionFactory(httpsConfig); ServerConnector sslConnector = new ServerConnector(server, sslFactory, httpsFactory); sslConnector.setPort(HTTPS_PORT); server.addConnector(sslConnector); registerShutdownHook(server); return server; }
/** * @return Jetty config bean */ @Bean public EmbeddedServletContainerFactory jettyConfigBean() { JettyEmbeddedServletContainerFactory jef = new JettyEmbeddedServletContainerFactory(); jef.addServerCustomizers(new JettyServerCustomizer() { public void customize(Server server) { if (Config.getConfigBoolean("access_log_enabled", true)) { // enable access log via Logback HandlerCollection handlers = new HandlerCollection(); for (Handler handler : server.getHandlers()) { handlers.addHandler(handler); } RequestLogHandler reqLogs = new RequestLogHandler(); reqLogs.setServer(server); RequestLogImpl rli = new RequestLogImpl(); rli.setResource("/logback-access.xml"); rli.setQuiet(true); rli.start(); reqLogs.setRequestLog(rli); handlers.addHandler(reqLogs); server.setHandler(handlers); } for (Connector y : server.getConnectors()) { for (ConnectionFactory cf : y.getConnectionFactories()) { if (cf instanceof HttpConnectionFactory) { HttpConnectionFactory dcf = (HttpConnectionFactory) cf; // support for X-Forwarded-Proto // redirect back to https if original request uses it if (Config.IN_PRODUCTION) { HttpConfiguration httpConfiguration = dcf.getHttpConfiguration(); httpConfiguration.addCustomizer(new ForwardedRequestCustomizer()); } // Disable Jetty version header dcf.getHttpConfiguration().setSendServerVersion(false); } } } } }); int defaultPort = NumberUtils.toInt(System.getProperty("jetty.http.port", "8080")); jef.setPort(NumberUtils.toInt(System.getProperty("server.port"), defaultPort)); logger.info("Listening on port {}...", jef.getPort()); return jef; }
@Override public void start() throws Exception { // Thread pool final QueuedThreadPool threadPool = new QueuedThreadPool(); threadPool.setMinThreads(10); threadPool.setMaxThreads(500); // Jetty Server server = new Server(threadPool); // Setup Scheduler server.addBean(new ScheduledExecutorScheduler()); // Setup JMX final MBeanContainer mbeanContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer()); server.addBean(mbeanContainer); // HTTP config final HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.addCustomizer( new ForwardedRequestCustomizer() ); httpConfig.setSecureScheme("https"); httpConfig.setSecurePort(httpsPort); httpConfig.setOutputBufferSize(32768); httpConfig.setRequestHeaderSize(8192); httpConfig.setResponseHeaderSize(8192); httpConfig.setSendServerVersion(false); httpConfig.setSendDateHeader(false); // HTTP Connector final ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfig)); httpConnector.setPort(httpPort); httpConnector.setHost(bindInterface); httpConnector.setIdleTimeout(30000); server.addConnector(httpConnector); // Setup handlers server.setHandler(createHandlers()); // Extra config options server.setStopAtShutdown(true); // Configure SSL if (httpsEnable && !Strings.isNullOrEmpty(keystoreFile) && new File(keystoreFile).exists()) { // SSL Context final SslContextFactory sslContextFactory = new SslContextFactory(); // Define keystore path and passwords sslContextFactory.setKeyStorePath(keystoreFile); sslContextFactory.setKeyStorePassword(keystorePassword); sslContextFactory.setKeyManagerPassword(keystorePassword); // HTTPS config final HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // HTTPS connector final ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(httpsPort); sslConnector.setHost(bindInterface); server.addConnector(sslConnector); } server.start(); server.join(); }
