Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 345081 - The NestedConnector#isConfidential always returns false
Summary: The NestedConnector#isConfidential always returns false
Status: RESOLVED FIXED
Alias: None
Product: Jetty
Classification: RT
Component: server (show other bugs)
Version: 7.4.0   Edit
Hardware: All All
: P3 major (vote)
Target Milestone: 7.2.x   Edit
Assignee: Greg Wilkins CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-05-08 20:09 EDT by Hugues Malphettes CLA
Modified: 2011-05-09 21:46 EDT (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hugues Malphettes CLA 2011-05-08 20:09:24 EDT 
When running a servlet from inside the nested connector the method HttpServletRequest#isSecure() always returns false.
Comment 1 Hugues Malphettes CLA 2011-05-08 20:11:36 EDT 
The suggested patch consists of doing what the SslChannelSelectConnector does:
Override the method isConfidential in the NestedConnector.

/**
     * In the case of the NesteConnector it is not clear that we can check the forwarded attribute.
     * We do something similar to what the Ssl*Connector does.
     * @see org.eclipse.jetty.server.Connector#isConfidential(org.eclipse.jetty.server.Request)
     * @see org.eclipse.jetty.server.ssl.SslSelectChannelConnector#isConfidential(org.eclipse.jetty.server.Request)
     */
    public boolean isConfidential(Request request)
    {
    	if (request.getScheme().equalsIgnoreCase(HttpSchemes.HTTPS))
    	{
	        final int confidentialPort = getConfidentialPort();
	        return confidentialPort == 0 || confidentialPort == request.getServerPort();
    	}
    	else
    	{
    		return false;
    	}
    }
Comment 2 Greg Wilkins CLA 2011-05-09 21:46:33 EDT 
the connector is now setup in forwarded mode and inspects for the x-forwarded-for headers.  Also the outer request is consulted when setting the protocol.