You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Joe Luo (JIRA)" <ji...@apache.org> on 2016/12/02 11:46:59 UTC

[jira] [Created] (CXF-7160) Can not configure CXF http-jetty transport to handle X-Fowarded-for headers with Jetty 9

Joe Luo created CXF-7160:
----------------------------

             Summary: Can not configure CXF http-jetty transport to handle X-Fowarded-for headers with Jetty 9
                 Key: CXF-7160
                 URL: https://issues.apache.org/jira/browse/CXF-7160
             Project: CXF
          Issue Type: Bug
          Components: Transports
    Affects Versions: 3.1.5
            Reporter: Joe Luo


With Jetty 8, we can configure CXF http-jetty transport to handle reverse proxy headers by simply setting "forwarded" to "true" to Jetty8 NIO SelectChannelConnector:
{code}
<httpj:engine-factory bus="cxf">
    <httpj:engine port="${crx.ws.port}">
	    <httpj:connector>
		    <bean id="connector" class="org.eclipse.jetty.server.nio.SelectChannelConnector">                    
			    <property name="port" value="${crx.ws.port}" />                    
				<property name="forwarded" value="true" />                
			</bean>            
		</httpj:connector>          
	</httpj:engine> 
</httpj:engine-factory>
{code}

However, with Jetty 9, it is not possible to do so. Because in Jetty 9, the SelectChannelConnector was replaced by more generic purpose ServerConnector. And we can't configure ServerConnector since the old no-args constructor does not exist anymore in ServerConnector class and all new constructors require the org.eclipse.jetty.server.Server as an input parameter.

Jetty 9 documentation here talked about "X-Forward-for Configuration":
http://www.eclipse.org/jetty/documentation/9.4.x/configuring-connectors.html
We should configure HttpConfiguration with ForwardedRequestCustomizer in order to handle reverse proxy headers:
{code}
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Set name="outputBufferSize">32768</Set>
    <Set name="requestHeaderSize">8192</Set>
    <Set name="responseHeaderSize">8192</Set>
    <Call name="addCustomizer">
        <Arg>
            <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/>
        </Arg>
    </Call>
</New>
{code}
However, CXF http-jetty transport schema is not in-sync with API changes in Jetty 9. There is no way to configure above with CXF http-jetty transport schema.

I can think of two solutions:
# Just like what we did in another JIRA:
https://issues.apache.org/jira/browse/CXF-5937 for servlet, we should also fix CXF http-jetty transport so we can optionally react to X-Forwarded headers;
# Change CXF http-jetty transport schema
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
and related java code to allow configuring HttpConfiguration along with ForwardedRequestCustomizer in order to handle X-Fowarded-for headers.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)