Issue opened:
https://github.com/eclipse/jetty.project/issues/10306
On 13-08-2023 01:31, Greg Wilkins via jetty-users wrote:
Actually,
I think Uwe's and Silvio's problems are similar but different.
Silvio, you have no forwarded request customizer headers and a real
"demo.jambo.software:8443" as the host header value. This could be a
http2 issue in recreating that header.
Uwe's issue is more about the customizer.
So Silvio, perhaps open a second issue?
cheers
P.S. We expect at least a monthly cadence of 12.0.x releases.
On Sun, 13 Aug 2023 at 08:52, Greg Wilkins <gr...@webtide.com> wrote:
Silvio,
I'll respond more in Uwe's issue. Please post your details there
to help the triage.
cheers
On Sun, 13 Aug 2023 at 05:19, Uwe Schindler via jetty-users
<jetty-users@eclipse.org> wrote:
I opened: https://github.com/eclipse/jetty.project/issues/10304
Am 12.08.2023 um 19:30 schrieb Uwe Schindler via jetty-users:
I have seen the same after upgrading my project to Java 12.
The problem is that all Customizers are not able to correctly
set the port number.
This is a blocker issue, because it makes it impossible to
setup this common setup:
* NGINX as user facing web server with HTTPS enabled
* NGINX forwarding the requests to jetty listen only on
localhost with some arbitrary port number (in my case
8081). NGINX sets the following headers: X-Forwarded-For,
X-Forwarded-Proto, original "Host" header as sent by
client (no rewriting)
* Jetty with: http_config.addCustomizer(new
ForwardedRequestCustomizer());
* Jetty 10 works fine it reads the clien't IP address and
all other information from X-Forwarded-For, the scheme is
read from X-Forwarded-Proto, and host header is coming
from "Host" header. It also extracts the port number from
the host.
* Jetty 12 is setup in same way, it successfully extracts
the client's IP address and also it returns secure=true
and uses "https://"; for
javax.servlet.HttServletRequest#getRequestURL(). But it
always adds its own private port number. I also tried to
use setForcedHost("xyz:443") to make sure it sees a port
number. It still constructs all URLs with port number
8081 where it listens on.
I will open a bug report. From my experience the
"customize()" method in the RequestCustomizer does everything
right also also returns the port number, but the
javax.servlet API seems to still use the port number used by
the connector's channel.
I reverted back to Jetty 10. This won't work here. If you
have any suggestion to get the port corrcet, tell me,
everything like subclassing and implementing my own
cutsomizer did not work. I was not able to debug through
everything and figure out where the listener port gets
injected again.
I can say: With current status Jetty 12 is unuseable with the
common proxy setup using ForwardedRequestCustomizer as it
tried to always inject its own hidden/private port number
instead of the default for the port as negotiated by
client/proxy with the Host header.
--
Uwe Schindler
uschind...@apache.org
ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
--
Greg Wilkins <gr...@webtide.com> CTO http://webtide.com
--
Greg Wilkins <gr...@webtide.com> CTO http://webtide.com
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list,
visithttps://www.eclipse.org/mailman/listinfo/jetty-users
_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
