I have set up Jetty 9.3 with two XML context configurations. One for static content:
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> <Configure class="org.eclipse.jetty.server.handler.ContextHandler"> <Set name="contextPath">/static</Set> <Set name="handler"> <New class="org.eclipse.jetty.server.handler.ResourceHandler"> <Set name="resourceBase">/home/user/static</Set> <Set name="directoriesListed">true</Set> </New> </Set> </Configure> and one for a web application (WAR file):
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd"> <Configure class="org.eclipse.jetty.webapp.WebAppContext"> <Set name="contextPath">/webapp</Set> <Set name="war">/home/user/webapp.war</Set> </Configure> I then used this answer to set up Jetty to forward HTTP requests to HTTPS. More specifically, I added the following to jetty/etc/webdefault.xml:
<security-constraint> <web-resource-collection> <web-resource-name>Everything</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> and added the following to my HttpConfiguration in jetty/etc/jetty.xml:
<Call name="addCustomizer"> <Arg> <New class="org.eclipse.jetty.server.SecureRequestCustomizer" /> </Arg> </Call> This works perfectly for my web application (i.e. accessing the server through HTTP at '/webapp' will redirect to HTTPS), but doesn't seem to affect the static content served under '/static'. I assume this is because the setting added to webdefault.xml only applies to web applications since they have an applicable web.xml file.
How can I set up HTTP requests to redirect to HTTPS for all my pages served as static content?
0 comments:
Post a Comment