We don't currently support configuring hosts based on interface name. Interestingly, this information is present via the java.net.NetworkInterface APIs. However, a single name can often lead to multiple addresses. So it's not a 1::1 affair, but something new.
Meaning, if I were to configure (on my machine) the name "enp4s0" I would wind up with 4 java.net.InetAddress to bind to. (3 are on IPv6, 1 is on IPv4) That would be 4 connectors, in Jetty speak. Joakim Erdfelt / joa...@webtide.com On Tue, Mar 19, 2024 at 9:33 AM Lansing Chen via jetty-users < jetty-users@eclipse.org> wrote: > Dear Jetty team, > > For security enhancement purposes, we are seeking to configure the Jetty > server to listen on trusted interfaces instead of "0.0.0.0". Currently, we > could achieve that by specifying an IP address for the "jetty.ssl.host=xxx" > property in the "ssl.ini" file. > > Given the interface IP address could change upon network configuration > adjustments(more likely than the interface name in our case), we wonder if > it's possible to configure the SSL connector to bind to a specific > interface using its name? For example, instead of "jetty.ssl.host=xxx", > could we configure "jetty.ssl.interface=eth0"? The expected behavior is: > Even if the IP address associated with the interface changes, the Jetty > server can seamlessly identify and bind the connector using the new IP. > > Would the above behavior be achievable via jetty configuration? If so, > could you please advise how to achieve that? Any guidance would be greatly > appreciated. Thanks. > Best, > Lansing > _______________________________________________ > jetty-users mailing list > jetty-users@eclipse.org > To unsubscribe from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users >
_______________________________________________ jetty-users mailing list jetty-users@eclipse.org To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
