[jira] [Created] (CXF-7160) Can not configure CXF http-jetty transport to handle X-Fowarded-for headers with Jetty 9

Fri, 02 Dec 2016 03:48:06 -0800 

Joe Luo created CXF-7160:
----------------------------

             Summary: Can not configure CXF http-jetty transport to handle 
X-Fowarded-for headers with Jetty 9
                 Key: CXF-7160
                 URL: https://issues.apache.org/jira/browse/CXF-7160
             Project: CXF
          Issue Type: Bug
          Components: Transports
    Affects Versions: 3.1.5
            Reporter: Joe Luo


With Jetty 8, we can configure CXF http-jetty transport to handle reverse proxy 
headers by simply setting "forwarded" to "true" to Jetty8 NIO 
SelectChannelConnector:
{code}
<httpj:engine-factory bus="cxf">
    <httpj:engine port="${crx.ws.port}">
            <httpj:connector>
                    <bean id="connector" 
class="org.eclipse.jetty.server.nio.SelectChannelConnector">                    
                            <property name="port" value="${crx.ws.port}" />     
               
                                <property name="forwarded" value="true" />      
          
                        </bean>            
                </httpj:connector>          
        </httpj:engine> 
</httpj:engine-factory>
{code}

However, with Jetty 9, it is not possible to do so. Because in Jetty 9, the 
SelectChannelConnector was replaced by more generic purpose ServerConnector. 
And we can't configure ServerConnector since the old no-args constructor does 
not exist anymore in ServerConnector class and all new constructors require the 
org.eclipse.jetty.server.Server as an input parameter.

Jetty 9 documentation here talked about "X-Forward-for Configuration":
http://www.eclipse.org/jetty/documentation/9.4.x/configuring-connectors.html
We should configure HttpConfiguration with ForwardedRequestCustomizer in order 
to handle reverse proxy headers:
{code}
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Set name="outputBufferSize">32768</Set>
    <Set name="requestHeaderSize">8192</Set>
    <Set name="responseHeaderSize">8192</Set>
    <Call name="addCustomizer">
        <Arg>
            <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/>
        </Arg>
    </Call>
</New>
{code}
However, CXF http-jetty transport schema is not in-sync with API changes in 
Jetty 9. There is no way to configure above with CXF http-jetty transport 
schema.

I can think of two solutions:
# Just like what we did in another JIRA:
https://issues.apache.org/jira/browse/CXF-5937 for servlet, we should also fix 
CXF http-jetty transport so we can optionally react to X-Forwarded headers;
# Change CXF http-jetty transport schema
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
and related java code to allow configuring HttpConfiguration along with 
ForwardedRequestCustomizer in order to handle X-Fowarded-for headers.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to