Using SSL during development

Hassan

unread,

Mar 23, 2012, 12:34:51 PM3/23/12

to lif...@googlegroups.com

Hi,

So a lift application we're developing needs to be behind SSL. I'm relatively new to both Lift and servlet-based platforms, so after reading a bit online I added the following to our WEB-INF/web.xml file:

<security-constraint>

<display-name>Security Constraint</display-name>

<web-resource-collection>

<web-resource-name>myapp</web-resource-name>

<url-pattern>/*</url-pattern>

</web-resource-collection>

<user-data-constraint>

<transport-guarantee>CONFIDENTIAL</transport-guarantee>

</user-data-constraint>

</security-constraint>

For production, packaging the lift web app as a war and deploying to an SSL configured container works like a charm.

But in development (using sbt and jetty) I'm running into some problems duplicating the SSL configuration. Using the latest xsbt-webplugin (0.2.11) I configured ssl in my build.sbt to:

ssl in container.Configuration := Some(8081, "keystore", "mypassword", "mypassword")

That seemed to work and I was able to access our app at https://localhost:8081/ but anything that relied on comet seems to be broken. The ajax request go to the server just fine, but the pages never update (without a full page refresh). These same exact pages work fine over HTTP (assuming the transport-guarantee is set to NONE). In addition, standard ajax calls will sometimes just fail with a popup saying that "the server cannot be contacted" and in the sbt console I'm seeing some NullPointerExceptions from jetty's Request.getServerName. The first part of the stack trace is:

ERROR 10:59:39.315 net.liftweb.http.LiftRules - Exception being returned to browser when processing /comet_request/45658766711/4on22iie9rel/F1060674866885K2SJDQ: Message: java.lang.NullPointerException

org.mortbay.jetty.Request.getServerName(Request.java:1112)

org.mortbay.jetty.Request.getServerPort(Request.java:1169)

javax.servlet.ServletRequestWrapper.getServerPort(ServletRequestWrapper.java:248)

net.liftweb.http.provider.servlet.HTTPRequestServlet.serverPort(HTTPRequestServlet.scala:92)

net.liftweb.http.Req$$anonfun$hostAndPath$1.apply(Req.scala:987)

net.liftweb.common.Full.map(Box.scala:491)

net.liftweb.http.Req.hostAndPath(Req.scala:987)

net.liftweb.http.LiftSession$$anonfun$cometForHost$1.apply(LiftSession.scala:600)

net.liftweb.http.LiftSession$$anonfun$cometForHost$1.apply(LiftSession.scala:599)

scala.collection.TraversableLike$$anonfun$filter$1.apply(TraversableLike.scala:213)

scala.collection.LinearSeqOptimized$class.foreach(LinearSeqOptimized.scala:59)

scala.collection.immutable.List.foreach(List.scala:45)

scala.collection.TraversableLike$class.filter(TraversableLike.scala:212)

scala.collection.immutable.List.filter(List.scala:45)

net.liftweb.http.LiftSession.cometForHost(LiftSession.scala:599)

What am I doing wrong? Is there a better way to using SSL during development (other than running a separate fully configured container, I'd prefer not to lose sbt's convenience)? Any help would be much appreciated!

Thanks,

Hassan

Diego Medina

unread,

Mar 23, 2012, 3:25:12 PM3/23/12

to lif...@googlegroups.com

I wonder if after setting the ssl option in sbt, the underlaying xml
file is changed.

From another thread that was having the same issue (comet was not updating)

"I finally decided to focus solely on Jetty. What could possibly be
different between what SBT does with it and outside. Looking over the
jetty.xml file, something finally hit me: comets require the NIO
socket, but Jetty comes defaulted to the BIO socket.

Switching Jetty to NIO changed everything!"

You may want to ask on the sbt mailing list if you need to set the NIO
option too (and how to do such thing)

Regards,

Diego

> --
> Lift, the simply functional web framework: http://liftweb.net
> Code: http://github.com/lift
> Discussion: http://groups.google.com/group/liftweb
> Stuck? Help us help you:
> https://www.assembla.com/wiki/show/liftweb/Posting_example_code

--
Diego Medina
Lift/Scala Developer
di...@fmpwizard.com
http://www.fmpwizard.com

Tim Nelson

unread,

Mar 23, 2012, 4:07:19 PM3/23/12

to lif...@googlegroups.com

You should be able to provide your own jetty.xml file using:

configurationFiles in container.Configuration := Seq(file("jetty.xml"))

See the xsbt-web-plugin wiki [1] for more info.

Tim

1 - https://github.com/siasia/xsbt-web-plugin/wiki/Miscellaneous

Tim Nelson

unread,

Mar 23, 2012, 4:21:23 PM3/23/12

to lif...@googlegroups.com

Wrong link. This is the correct one:

https://github.com/siasia/xsbt-web-plugin/wiki/Settings

Diego Medina

unread,

Mar 23, 2012, 7:05:36 PM3/23/12

to lif...@googlegroups.com

Thanks Tim,

Added to the wiki here:

http://www.assembla.com/spaces/liftweb/wiki/Cool_Tips

Regards,

Diego

Reply all

Reply to author

Forward