yes, and it should be in the RC5 binaries available in maven central and for download from eclipse.
jesse -- jesse mcconnell [email protected] On Mon, Jan 23, 2012 at 08:57, Mario Georgiev <[email protected]> wrote: > Hi Thomas, > > OK, that sounds good that the bug is found and fixed :) > Do you know is it going to be in Jetty 7.6? > > On Mon, Jan 23, 2012 at 16:46, Thomas Becker <[email protected]> wrote: >> Hi Mario, >> >> this is a bug in jetty which we recently have fixed: >> https://bugs.eclipse.org/bugs/show_bug.cgi?id=368773 >> Sorry, didn't remember your email. Otherwise I would have reported that to >> you earlier. >> >> Cheers, >> Thomas >> >> >> On 1/23/12 3:41 PM, Mario Georgiev wrote: >>> >>> Hi, >>> >>> So I've been busy with other stuff and a colleague of mine have been >>> taken the issue and here is what he found so far. >>> >>> If there is "securityHandler" enabled the redirect works. So when we >>> add this in the context configuration it works: >>> >>> <Get name="securityHandler"> >>> <Set name="loginService"> >>> <New class="org.eclipse.jetty.security.HashLoginService"> >>> <Set name="name">Test Realm</Set> >>> <Set name="config"><SystemProperty name="jetty.home" >>> default="."/>/etc/realm.properties</Set> >>> <!-- To enable reload of realm when properties change, >>> uncomment the following lines --> >>> <!-- changing refreshInterval (in seconds) as desired >>> --> >>> <!-- >>> <Set name="refreshInterval">5</Set> >>> <Call name="start"></Call> >>> --> >>> </New> >>> </Set> >>> <Set name="checkWelcomeFiles">true</Set> >>> </Get> >>> >>> So my questions are >>> 1. Why do we need a "securityHandler"? >>> and >>> 2. What is the right configuration when I need only to redirect users >>> but not to authenticate them? >>> >>> On Fri, Jan 13, 2012 at 13:17, Thomas Becker<[email protected]> wrote: >>>> >>>> Hi Mario, >>>> >>>> I've setup the same thing again within 5 min. by just using the standard >>>> jetty config files, creating a keystore and enabling jetty-ssl.xml in >>>> start.ini. It works just fine. >>>> >>>> Here's the web.xml excerpt I've used. >>>> >>>> <!-- redirect everything to confidential port --> >>>> <security-constraint> >>>> <web-resource-collection> >>>> <web-resource-name>Protected Context</web-resource-name> >>>> >>>> <url-pattern>/*</url-pattern> >>>> </web-resource-collection> >>>> <user-data-constraint> >>>> <transport-guarantee>CONFIDENTIAL</transport-guarantee> >>>> </user-data-constraint> >>>> </security-constraint> >>>> >>>> Pretty much the same thing as you have and it simply works. All calls to >>>> this webapp get redirected to https. So I don't have a clue why this is >>>> not >>>> working for you. I've tested with 7.6.0-SNAPSHOT, but that shouldn't make >>>> a >>>> difference in this case. >>>> >>>> Cheers, >>>> Thomas >>>> >>>> On 1/12/12 10:20 AM, Thomas Becker wrote: >>>>> >>>>> Hi Mario, >>>>> >>>>> at a first glimpse your config looks completely ok to me. If I will find >>>>> some time to do so, I will see if I can put a config together that works >>>>> and >>>>> paste it to you. You can then start with a config that is known to work >>>>> and >>>>> if it still doesn't work for you, we at least know it's not the config. >>>>> >>>>> Cheers, >>>>> Thomas >>>>> >>>>> On 1/11/12 12:42 PM, Mario Georgiev wrote: >>>>>> >>>>>> Hi, >>>>>> >>>>>> Yes I have "confidentialPort" set in the config. >>>>>> Here are the configurations for the connectors: >>>>>> >>>>>> <New id="sslContextFactory" >>>>>> class="org.eclipse.jetty.http.ssl.SslContextFactory"> >>>>>> <Set name="KeyStore"><Property name="jetty.home" default="." >>>>>> />mykey.keystore</Set> >>>>>> <Set name="KeyStorePassword">pass</Set> >>>>>> <Set name="KeyManagerPassword">pass</Set> >>>>>> <Set name="TrustStore"><Property name="jetty.home" default="." >>>>>> />mytruststore.keystore</Set> >>>>>> <Set name="TrustStorePassword">pass</Set> >>>>>> </New> >>>>>> >>>>>> <Call name="addConnector"> >>>>>> <Arg> >>>>>> <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector"> >>>>>> <Arg><Ref id="sslContextFactory" /></Arg> >>>>>> <Set name="Port">8443</Set> >>>>>> >>>>>> <Set name="maxIdleTime">45000</Set> >>>>>> <Set name="AcceptQueueSize">100</Set> >>>>>> <Set name="Acceptors">2</Set> >>>>>> <Set name="lowResourcesConnections">11000</Set> >>>>>> <Set name="lowResourcesMaxIdleTime">1000</Set> >>>>>> </New> >>>>>> </Arg> >>>>>> </Call> >>>>>> >>>>>> <Call name="addConnector"> >>>>>> <Arg> >>>>>> <New class="org.eclipse.jetty.server.nio.SelectChannelConnector"> >>>>>> <Set name="host"> >>>>>> <Property name="jetty.host" /> >>>>>> </Set> >>>>>> <Set name="port"> >>>>>> <Property name="jetty.port" default="8080" /> >>>>>> </Set> >>>>>> <Set name="maxIdleTime">45000</Set> >>>>>> <Set name="Acceptors">2</Set> >>>>>> <Set name="statsOn">false</Set> >>>>>> <Set name="confidentialPort">8443</Set> >>>>>> <Set name="lowResourcesConnections">10000</Set> >>>>>> <Set name="lowResourcesMaxIdleTime">5000</Set> >>>>>> <Set name="ThreadPool"> >>>>>> <New class="org.eclipse.jetty.util.thread.QueuedThreadPool"> >>>>>> <Set name="name">SSL Thread Pool</Set> >>>>>> <Set name="minThreads">10</Set> >>>>>> <Set name="maxThreads">400</Set> >>>>>> </New> >>>>>> </Set> >>>>>> </New> >>>>>> </Arg> >>>>>> </Call> >>>>>> >>>>>> >>>>>> Do you know where in the code to look for these settings? >>>>>> I can try to debug it and see what is going on, I just need some >>>>>> direction to look for. >>>>>> >>>>>> >>>>>> On Wed, Jan 11, 2012 at 11:15, Simone Bordet<[email protected]> >>>>>> wrote: >>>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> On Wed, Jan 11, 2012 at 10:05, Mario Georgiev<[email protected]> >>>>>>> wrote: >>>>>>>> >>>>>>>> Hi Thomas, >>>>>>>> >>>>>>>> The SSL connector is setup as it should and works like a charm. I >>>>>>>> have >>>>>>>> working SSL environment and I can open pages/access resources on >>>>>>>> https >>>>>>>> with no problems at all. >>>>>>>> The redirect from http to https that should happen from the >>>>>>>> configuration with this security constraint - that is not working. >>>>>>>> >>>>>>>> I forgot to tell: Jetty version I use is 7.5.4.v20111024 >>>>>>> >>>>>>> Did you specify the confidentialPort in the non-SSL connector ? >>>>>>> Otherwise Jetty will not know where to redirect to. >>>>>>> >>>>>>> Simon >>>>>>> -- >>>>>>> http://cometd.org >>>>>>> http://intalio.com >>>>>>> http://bordet.blogspot.com >>>>>>> ---- >>>>>>> Finally, no matter how good the architecture and design are, >>>>>>> to deliver bug-free software with optimal performance and reliability, >>>>>>> the implementation technique must be flawless. Victoria Livschitz >>>>>>> _______________________________________________ >>>>>>> jetty-users mailing list >>>>>>> [email protected] >>>>>>> https://dev.eclipse.org/mailman/listinfo/jetty-users >>>>>> >>>>>> >>>>>> >>>> -- >>>> thomas becker >>>> [email protected] >>>> >>>> http://webtide.com / http://intalio.com >>>> (the folks behind jetty and cometd) >>>> >>>> _______________________________________________ >>>> jetty-users mailing list >>>> [email protected] >>>> https://dev.eclipse.org/mailman/listinfo/jetty-users >>> >>> >>> >> >> -- >> thomas becker >> [email protected] >> >> http://webtide.com / http://intalio.com >> (the folks behind jetty and cometd) >> >> _______________________________________________ >> jetty-users mailing list >> [email protected] >> https://dev.eclipse.org/mailman/listinfo/jetty-users > > > > -- > Regards, > Mario Georgiev > Senior Web Developer > > Trading 212 > www.trading212.com > > E-mail: [email protected] > _______________________________________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/jetty-users _______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
