You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Sergey Beryozkin (JIRA)" <ji...@apache.org> on 2016/12/05 09:42:58 UTC

[jira] [Commented] (CXF-7160) Can not configure CXF http-jetty transport to handle X-Fowarded-for headers with Jetty 9

    [ https://issues.apache.org/jira/browse/CXF-7160?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15721757#comment-15721757 ] 

Sergey Beryozkin commented on CXF-7160:
---------------------------------------

I guess the 2nd option would effectively mean the jetty transport will only be used with Jetty9 which I believe is not an option for 3.1.x . Can the 1st option can be done, perhaps with some reflective coding ? 

> Can not configure CXF http-jetty transport to handle X-Fowarded-for headers with Jetty 9
> ----------------------------------------------------------------------------------------
>
>                 Key: CXF-7160
>                 URL: https://issues.apache.org/jira/browse/CXF-7160
>             Project: CXF
>          Issue Type: Bug
>          Components: Transports
>    Affects Versions: 3.1.5
>            Reporter: Joe Luo
>
> With Jetty 8, we can configure CXF http-jetty transport to handle reverse proxy headers by simply setting "forwarded" to "true" to Jetty8 NIO SelectChannelConnector:
> {code}
> <httpj:engine-factory bus="cxf">
>     <httpj:engine port="${crx.ws.port}">
> 	    <httpj:connector>
> 		    <bean id="connector" class="org.eclipse.jetty.server.nio.SelectChannelConnector">                    
> 			    <property name="port" value="${crx.ws.port}" />                    
> 				<property name="forwarded" value="true" />                
> 			</bean>            
> 		</httpj:connector>          
> 	</httpj:engine> 
> </httpj:engine-factory>
> {code}
> However, with Jetty 9, it is not possible to do so. Because in Jetty 9, the SelectChannelConnector was replaced by more generic purpose ServerConnector. And we can't configure ServerConnector since the old no-args constructor does not exist anymore in ServerConnector class and all new constructors require the org.eclipse.jetty.server.Server as an input parameter.
> Jetty 9 documentation here talked about "X-Forward-for Configuration":
> http://www.eclipse.org/jetty/documentation/9.4.x/configuring-connectors.html
> We should configure HttpConfiguration with ForwardedRequestCustomizer in order to handle reverse proxy headers:
> {code}
> <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
>     <Set name="outputBufferSize">32768</Set>
>     <Set name="requestHeaderSize">8192</Set>
>     <Set name="responseHeaderSize">8192</Set>
>     <Call name="addCustomizer">
>         <Arg>
>             <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/>
>         </Arg>
>     </Call>
> </New>
> {code}
> However, CXF http-jetty transport schema is not in-sync with API changes in Jetty 9. There is no way to configure above with CXF http-jetty transport schema.
> I can think of two solutions:
> # Just like what we did in another JIRA:
> https://issues.apache.org/jira/browse/CXF-5937 for servlet, we should also fix CXF http-jetty transport so we can optionally react to X-Forwarded headers;
> # Change CXF http-jetty transport schema
> http://cxf.apache.org/schemas/configuration/http-jetty.xsd
> and related java code to allow configuring HttpConfiguration along with ForwardedRequestCustomizer in order to handle X-Fowarded-for headers.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)