IIRC, TLS (w/ALPN) is required for all user-agents to use for HTTP/2. There is a protocol called "h2c" that allows for HTTP/2 in clear-text, but no client supports that. However many load balancers, and proxies do.
If you have such a setup, then the LB or Proxy would talk to Jetty via "h2c". As for Jetty support for "h2c", that's a different connection factory. (HTTP2*C*ServerConnectionFactory vs HTTP2ServerConnectionFactory) See: https://github.com/eclipse/jetty.project/blob/jetty-9.4.x/examples/embedded/src/main/java/org/eclipse/jetty/embedded/Http2Server.java#L96 (and line #116) Joakim Erdfelt / [email protected] On Mon, Feb 26, 2018 at 2:10 PM, Shawn Heisey <[email protected]> wrote: > On 2/26/2018 12:02 PM, Joakim Erdfelt wrote: > > Don't forget to think about what JVM Runtime you are running on. > > > > https://www.eclipse.org/jetty/documentation/9.4.x/alpn-chapter.html > > > > Java 1.8? Then you need a -Xbootclasspath/p:<path_to_alpn_boot_jar> for > > your alpn-boot-<jvm-version-dependent>.jar > > JVM Version to alpn-boot > > table: https://www.eclipse.org/jetty/documentation/9.4.x/ > alpn-chapter.html#alpn-versions > > > > Java 9? Then you don't use alpn-boot, but instead you need > > `jetty-alpn-java-server` artifact present in your classpath (don't add > > this artifact for Java 1.8 runtime) > > Recent Solr versions support Java 8 and Java 9. We recommend either > Oracle or OpenJDK, because other implementations (primarily IBM's) are > known to have problems with Lucene-based software. Because Solr does > not enforce one provider over another, I have absolutely no idea what > JVM the user will be using. > > Reading the page you provided about ALPN, it sounds like Solr could > probably include the conscrypt provider (and any dependencies that > requires) and have everything work. When we update to require Java 9, > then Solr can switch to the provider using the ALPN support built into > the JVM. The documentation for Solr can refer users to Jetty > documentation if they really want to use a different ALPN provider. > > Does HTTP/2 on Jetty require TLS, or can it work without encryption? I > know that TLS is definitely preferred, and most clients will require it, > but it's a question I know people will ask, so I want to get it answered > now. I'm going to guess that TLS will be required. > > Thanks, > Shawn > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-users >
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
