Hey Thomas, thanks for describing the steps in detail. Yes, you are right, I missed that (should be using HTTPProxyEngine, *not* SPDYProxyEngine).
Now, I've done as you described. But unfortunately, it still does not work for me. This is the Jetty output, after I open https://localhost:8443/ with Chrome: ... 2013-03-12 21:56:13.151:INFO:oejssp.HTTPSPDYProxyServerConnector:main: Started HTTPSPDYProxyServerConnector@119c149{HTTP/1.1}{0.0.0.0:8080} 2013-03-12 21:56:13.454:INFO:oejssp.HTTPSPDYProxyServerConnector:main: Started HTTPSPDYProxyServerConnector@52d334{SSL-npn}{0.0.0.0:8443} 2013-03-12 21:56:24.558:WARN:oejut.QueuedThreadPool:qtp10883068-58: java.lang.NoSuchMethodError: sun.security.ssl.EngineInputRecord.decrypt(Lsun/security/ssl/CipherBox;Ljava/nio/ByteBuffer;)Ljava/nio/ByteBuffer; at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:957) at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:888) at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:762) at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:487) at org.eclipse.jetty.spdy.server.NextProtoNegoServerConnection.fill(NextProtoNegoServerConnection.java:100) at org.eclipse.jetty.spdy.server.NextProtoNegoServerConnection.onFillable(NextProtoNegoServerConnection.java:68) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:240) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:589) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:520) at java.lang.Thread.run(Thread.java:722) 2013-03-12 21:56:24.566:WARN:oejut.QueuedThreadPool:qtp10883068-29: java.lang.NoSuchMethodError: sun.security.ssl.EngineInputRecord.decrypt(Lsun/security/ssl/CipherBox;Ljava/nio/ByteBuffer;)Ljava/nio/ByteBuffer; at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:957) at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:888) at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:762) at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:487) at org.eclipse.jetty.spdy.server.NextProtoNegoServerConnection.fill(NextProtoNegoServerConnection.java:100) at org.eclipse.jetty.spdy.server.NextProtoNegoServerConnection.onFillable(NextProtoNegoServerConnection.java:68) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:240) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:589) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:520) at java.lang.Thread.run(Thread.java:722) I've tried two different npn-boot jars: the most recent one and the one you used in your steps, but that does not make a difference. Opening http://localhost:8080/ gives a different error. The same environment on Windows (7, JDK7, Chrome as client) gives the same error. We have been using the same versions right? On 12 March 2013 09:19, Thomas Becker <[email protected]> wrote: > Hi Arjan, > > that's because you're trying to redirect to an HTTP server with a > SPDYProxyEngine. Instead you've to use an HTTPProxyEngine as described in > the example configuration in the documentation for proxying to HTTP. > > To verify that it works I used the latest jetty-9 distribution and wrote > down the steps for you: > > 1. cp npn jar to $JETTY_HOME > 2. uncomment OPTIONS=spdy and add etc/jetty-spdy-proxy.xml in start.ini > 3. comment jetty-http.xml > 4. Copy and Paste the HTTP Proxy config from the documentation: > http://www.eclipse.org/jetty/**documentation/current/spdy-** > configuring-proxy.html#spdy-**to-http-example-config<http://www.eclipse.org/jetty/documentation/current/spdy-configuring-proxy.html#spdy-to-http-example-config> > 5. replace IP (127.0.0.1) and port (9090) with www.google.com and 80 > 6. start jetty: java -Xbootclasspath/p:npn-boot-1.**1.0.v20120525.jar > -jar start.jar > 6. try it, works > > As you're proxying to another server outside jetty you can safely remove > the http connector for port 9090 from that config. > Also it's fine if you use --exec and place the npn jar inside lib as you > did. > > Cheers, > Thomas > > > Am 3/11/13 10:34 PM, schrieb Arjan Peddemors: > >> Hi Thomas, thanks for your reply. >> >> Yes, I have read the SPDY proxy example documentation. >> >> I am using jetty-9.0.0.v20130308 . >> >> This is my start.ini: >> --exec >> -Xbootclasspath/p:lib/npn-**boot-1.1.2.v20130305.jar >> OPTIONS=Server,ext,spdy >> etc/jetty.xml >> etc/jetty-spdy-proxy.xml >> >> I have not touched the etc/jetty.xml file. >> This is in etc/jetty-spdy-proxy.xml: >> <?xml version="1.0" encoding="UTF-8"?> >> <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" >> "http://www.eclipse.org/jetty/**configure_9_0.dtd<http://www.eclipse.org/jetty/configure_9_0.dtd> >> "> >> >> <Configure id="Server" class="org.eclipse.jetty.**server.Server"> >> >> <New id="sslContextFactory" >> class="org.eclipse.jetty.util.**ssl.SslContextFactory"> >> <Set name="KeyStorePath"><Property name="jetty.home" default="." >> />/etc/keystore</Set> >> <Set name="KeyStorePassword">OBF:**1vny1zlo1x8e1vnw1vn61x8g1zlu1v** >> n4</Set> >> <Set name="KeyManagerPassword">OBF:**1u2u1wml1z7s1z7a1wnl1u2g</Set> >> <Set name="TrustStorePath"><**Property name="jetty.home" default="." >> />/etc/keystore</Set> >> <Set >> name="TrustStorePassword">OBF:**1vny1zlo1x8e1vnw1vn61x8g1zlu1v**n4</Set> >> </New> >> >> <New id="tlsHttpConfig" >> class="org.eclipse.jetty.**server.HttpConfiguration"> >> <Arg><Ref refid="httpConfig"/></Arg> >> <Call name="addCustomizer"> >> <Arg><New >> class="org.eclipse.jetty.**server.**SecureRequestCustomizer"/></**Arg> >> </Call> >> </New> >> >> <New id="spdyProxyEngine" >> class="org.eclipse.jetty.spdy.**server.proxy.SPDYProxyEngine"> >> <Arg> >> <New class="org.eclipse.jetty.spdy.**client.SPDYClient$Factory"> >> <Call name="start"/> >> </New> >> </Arg> >> </New> >> >> <New id="proxyEngineSelector" >> class="org.eclipse.jetty.spdy.**server.proxy.**ProxyEngineSelector"> >> <Call name="putProxyEngine"> >> <Arg>spdy/3</Arg> >> <Arg> >> <Ref refid="spdyProxyEngine"/> >> </Arg> >> </Call> >> <Set name="proxyServerInfos"> >> <Map> >> <Entry> >> <Item>localhost</Item> >> <Item> >> <New >> class="org.eclipse.jetty.spdy.**server.proxy.**ProxyEngineSelector$** >> ProxyServerInfo"> >> <Arg type="String">spdy/3</Arg> >> <Arg>127.0.0.1</Arg> >> <Arg type="int">7070</Arg> >> </New> >> </Item> >> </Entry> >> </Map> >> </Set> >> </New> >> >> <Call name="addConnector"> >> <Arg> >> <New >> class="org.eclipse.jetty.spdy.**server.proxy.** >> HTTPSPDYProxyServerConnector"> >> <Arg> >> <Ref refid="Server"/> >> </Arg> >> <Arg> >> <Ref refid="proxyEngineSelector"/> >> </Arg> >> <Set name="Port">8080</Set> >> </New> >> </Arg> >> </Call> >> <Call name="addConnector"> >> <Arg> >> <New >> class="org.eclipse.jetty.spdy.**server.proxy.** >> HTTPSPDYProxyServerConnector"> >> <Arg> >> <Ref refid="Server"/> >> </Arg> >> <Arg> >> <Ref refid="sslContextFactory"/> >> </Arg> >> <Arg> >> <Ref refid="proxyEngineSelector"/> >> </Arg> >> <Set name="Port">8443</Set> >> </New> >> </Arg> >> </Call> >> >> </Configure> >> >> I have not changed the sslContextFactory configuration (is straight from >> the distribution). >> Now, to try this out, I am running an HTTP server on the same machine as >> the SPDY proxy, listening on port 7070. The proxy is started with: java >> -jar start.jar. In my chrome browser, on the same machine, I go to >> https://localhost:8443/ . No result in the browser (keeps loading). No >> incoming request for the HTTP server on 7070. >> >> Jetty output at this point: >> $ java -jar start.jar >> 2013-03-11 22:21:29.421:INFO:oejs.Server:**main: jetty-9.0.0.v20130308 >> 2013-03-11 22:21:29.535:INFO:oejssp.**HTTPSPDYProxyServerConnector:** >> main: >> Started HTTPSPDYProxyServerConnector@**63a4bb{HTTP/1.1}{0.0.0.0:8080 >> <http://0.0.0.0:8080>} >> >> 2013-03-11 22:21:29.864:INFO:oejssp.**HTTPSPDYProxyServerConnector:** >> main: >> Started HTTPSPDYProxyServerConnector@**b0a583{SSL-npn}{0.0.0.0:8443 >> <http://0.0.0.0:8443>} >> >> 2013-03-11 22:21:47.162:WARN:oejut.**QueuedThreadPool:qtp16655481-**26: >> java.lang.NoSuchMethodError: >> sun.security.ssl.**EngineInputRecord.decrypt(** >> Lsun/security/ssl/CipherBox;**Ljava/nio/ByteBuffer;)Ljava/** >> nio/ByteBuffer; >> at sun.security.ssl.**SSLEngineImpl.readRecord(**SSLEngineImpl.java:957) >> at sun.security.ssl.**SSLEngineImpl.readNetRecord(** >> SSLEngineImpl.java:888) >> at sun.security.ssl.**SSLEngineImpl.unwrap(**SSLEngineImpl.java:762) >> at javax.net.ssl.SSLEngine.**unwrap(SSLEngine.java:624) >> at >> org.eclipse.jetty.io.ssl.**SslConnection$**DecryptedEndPoint.fill(** >> SslConnection.java:487) >> at >> org.eclipse.jetty.spdy.server.**NextProtoNegoServerConnection.**fill(** >> NextProtoNegoServerConnection.**java:100) >> at >> org.eclipse.jetty.spdy.server.**NextProtoNegoServerConnection.** >> onFillable(**NextProtoNegoServerConnection.**java:68) >> at >> org.eclipse.jetty.io.**AbstractConnection$**ReadCallback.run(** >> AbstractConnection.java:240) >> at >> org.eclipse.jetty.util.thread.**QueuedThreadPool.runJob(** >> QueuedThreadPool.java:589) >> at >> org.eclipse.jetty.util.thread.**QueuedThreadPool$3.run(** >> QueuedThreadPool.java:520) >> at java.lang.Thread.run(Thread.**java:722) >> 2013-03-11 22:21:47.162:WARN:oejut.**QueuedThreadPool:qtp16655481-**25: >> java.lang.NoSuchMethodError: >> sun.security.ssl.**EngineInputRecord.decrypt(** >> Lsun/security/ssl/CipherBox;**Ljava/nio/ByteBuffer;)Ljava/** >> nio/ByteBuffer; >> at sun.security.ssl.**SSLEngineImpl.readRecord(**SSLEngineImpl.java:957) >> at sun.security.ssl.**SSLEngineImpl.readNetRecord(** >> SSLEngineImpl.java:888) >> at sun.security.ssl.**SSLEngineImpl.unwrap(**SSLEngineImpl.java:762) >> at javax.net.ssl.SSLEngine.**unwrap(SSLEngine.java:624) >> at >> org.eclipse.jetty.io.ssl.**SslConnection$**DecryptedEndPoint.fill(** >> SslConnection.java:487) >> at >> org.eclipse.jetty.spdy.server.**NextProtoNegoServerConnection.**fill(** >> NextProtoNegoServerConnection.**java:100) >> at >> org.eclipse.jetty.spdy.server.**NextProtoNegoServerConnection.** >> onFillable(**NextProtoNegoServerConnection.**java:68) >> at >> org.eclipse.jetty.io.**AbstractConnection$**ReadCallback.run(** >> AbstractConnection.java:240) >> at >> org.eclipse.jetty.util.thread.**QueuedThreadPool.runJob(** >> QueuedThreadPool.java:589) >> at >> org.eclipse.jetty.util.thread.**QueuedThreadPool$3.run(** >> QueuedThreadPool.java:520) >> at java.lang.Thread.run(Thread.**java:722) >> >> >> No active SPDY session when I look at >> chrome://net-internals/#**events&q=type:SPDY_SESSION%**20is:active >> This is on Ubuntu 12.04 >> $ java -version >> java version "1.7.0_15" >> OpenJDK Runtime Environment (IcedTea7 2.3.7) (7u15-2.3.7-0ubuntu1~12.04.1) >> OpenJDK Server VM (build 23.7-b01, mixed mode) >> >> Any idea? >> >> Best regards, >> Arjan >> >> >> Date: Mon, 11 Mar 2013 09:44:29 +0100 >> From: Thomas Becker <[email protected] <mailto:[email protected] >> >> >> To: [email protected] >> <mailto:jetty-users@eclipse.**org<[email protected]> >> > >> >> Subject: Re: [jetty-users] Minimalistic SPDY proxy setup using Jetty >> 9.0.0 >> Message-ID: <[email protected] >> <mailto:513D996D.7060207@**intalio.com <[email protected]> >> >> >> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> Hi Arjan, >> >> you've seen the example configuration for a SPDY to HTTP proxy in the >> documentation? >> >> It's described here: >> http://www.eclipse.org/jetty/**documentation/current/spdy-** >> configuring-proxy.html#spdy-**to-http-example-config<http://www.eclipse.org/jetty/documentation/current/spdy-configuring-proxy.html#spdy-to-http-example-config> >> >> Regarding your steps: >> >> 2. I usually put the npn file in $JETTY_HOME, but that's just my >> personal preference. >> 3. Comment out jetty-http.xml to disable the HTTP coonector you >> don't need. >> 4. That depends on what you want to achieve. Read the documentation: >> http://www.eclipse.org/jetty/**documentation/current/spdy-** >> configuring-proxy.html#spdy-**example-config<http://www.eclipse.org/jetty/documentation/current/spdy-configuring-proxy.html#spdy-example-config> >> >> and try to apply the settings according to your setup. >> 5. You need to include the npn jar in the classpath like so: >> -Xbootclasspath/p:$JETTY_HOME/**npn-boot-1.1.2.v20130305.jar >> Make sure to change the path to npn-boot if you don't have it in >> $JETTY_HOME. >> >> Cheers, >> Thomas >> Am 3/10/13 10:49 PM, schrieb Arjan Peddemors: >> > Hi all, >> > I'm kind of lost setting up a simple Jetty SPDY proxy >> configuration on >> > my Ubuntu 12.04 machine with OpenJDK 7. I have read the SPDY >> > documentation, but can't seem to get it going. >> > >> > Say I have a regular (backend) web server running on the same >> machine, >> > listening for incoming HTTP request on port 7070. I want to setup >> the >> > proxy as a frontend such that HTTP over SPDY/3 requests are >> forwarded to >> > localhost:7070. Given the new Jetty 9.0.0 distribution, what would >> be >> > the *concrete* steps to set this up as simple as possible? >> > >> > I would say these are the steps, but what about step 3 and 4? >> > 1- Unpack the distribution; cd into it >> > 2- Download npn-boot-1.1.2.v20130305.jar from repo1.maven.org >> <http://repo1.maven.org> >> > <http://repo1.maven.org>, and copy to the lib directory >> > 3- Change the start.ini file: exactly what changes for a >> minimalistic setup? >> > 4- Change the etc/jetty-spdy-proxy.xml file: exactly what changes? >> > Self-signed certificate is ok. >> > 5- Run it with: java -jar start.jar >> > >> > Thx, >> > Arjan >> > >> > >> > >> > ______________________________**_________________ >> > jetty-users mailing list >> > [email protected] >> <mailto:jetty-users@eclipse.**org<[email protected]> >> > >> > >> https://dev.eclipse.org/**mailman/listinfo/jetty-users<https://dev.eclipse.org/mailman/listinfo/jetty-users> >> >> > >> >> >> >> ______________________________**_________________ >> jetty-users mailing list >> [email protected] >> https://dev.eclipse.org/**mailman/listinfo/jetty-users<https://dev.eclipse.org/mailman/listinfo/jetty-users> >> >> > ______________________________**_________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/**mailman/listinfo/jetty-users<https://dev.eclipse.org/mailman/listinfo/jetty-users> >
_______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
