[jira] [Commented] (BROOKLYN-190) Upgrade to Jetty9

ASF GitHub Bot (JIRA) Thu, 05 Nov 2015 02:20:58 -0800

    [ 
https://issues.apache.org/jira/browse/BROOKLYN-190?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14991463#comment-14991463
 ]


ASF GitHub Bot commented on BROOKLYN-190:
-----------------------------------------

Github user CMoH commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/997#discussion_r43995953
  
    --- Diff: 
usage/launcher/src/test/java/org/apache/brooklyn/launcher/BrooklynWebServerTest.java
 ---
    @@ -146,11 +146,13 @@ public void verifyHttpsFromConfig() throws Exception {
         @Test
         public void verifyHttpsCiphers() throws Exception {
             brooklynProperties.put(BrooklynWebConfig.HTTPS_REQUIRED, true);
    -        brooklynProperties.put(BrooklynWebConfig.TRANSPORT_PROTOCOLS, 
"XXX");
    -        brooklynProperties.put(BrooklynWebConfig.TRANSPORT_CIPHERS, "XXX");
    --- End diff --
    
    I adjusted the test to match your request above.
    
    However, since the SSL connectors are different between jetty8 and jetty9, 
the server may choose to abort the connection at different stages. From the 
results of this test I presume that jetty9 disconnects before starting the SSL 
handshake, so the client gets a SocketException, while jetty8 delays reading 
those properties until later on, and therefore the client receives an SSL 
exception.
    
    For that reason I believe the client exception is dependent of the server 
version.
    
    The jetty9 server log for this test supports my above reasoning:
    ```
    2015-11-05 11:57:29,631 WARN  Exception while notifying connection 
SslConnection@15c886f3{NEED_WRAP,eio=-1/-1,di=-1} -> 
HttpConnection@112995a5{IDLE}
    org.eclipse.jetty.io.RuntimeIOException: 
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is 
disabled or cipher suites are inappropriate)
        at 
org.eclipse.jetty.io.ssl.SslConnection.onOpen(SslConnection.java:150) 
~[jetty-io-9.2.13.v20150730.jar:9.2.13.v20150730]
    Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol 
(protocol is disabled or cipher suites are inappropriate)
        at sun.security.ssl.Handshaker.activate(Handshaker.java:470) 
~[na:1.7.0_80]
    2015-11-05 11:57:29,635 WARN  Exception while notifying connection 
SslConnection@70d9f5a6{NEED_WRAP,eio=-1/-1,di=-1} -> 
HttpConnection@758e9f2b{IDLE}
    ```



> Upgrade to Jetty9
> -----------------
>
>                 Key: BROOKLYN-190
>                 URL: https://issues.apache.org/jira/browse/BROOKLYN-190
>             Project: Brooklyn
>          Issue Type: Improvement
>    Affects Versions: 0.8.0, 0.9.0
>            Reporter: Ciprian Ciubotariu
>            Assignee: Ciprian Ciubotariu
>            Priority: Minor
>             Fix For: 0.9.0
>
>
> According to [1] jetty9 is now the stable version.
> In relation to BROOKLYN-183, current stable pax-web 4.x series also support 
> Jetty9 (although I believe it can be used with Jetty8 as well). However, 
> migrating Brooklyn to a more current Jetty version seems preferable.
> [1] http://www.eclipse.org/jetty/documentation/current/what-jetty-version.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (BROOKLYN-190) Upgrade to Jetty9

Reply via email to