How to enable Jetty ForwardedRequestCustomizer

30 views
Skip to first unread message

Alain Picard

unread,
Sep 17, 2021, 10:23:34 AM9/17/21
to OPS4J
Reading the documentation I see that we have to be careful in areas that are managed by Pax-web.

The settings for ForwardedRequestCustomizer are in the httpconfig setion as shown here:
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration"> <Set name="secureScheme">https</Set> <Set name="securePort"><Property name="jetty.secure.port" default="8443" /></Set> <Set name="outputBufferSize"><Property name="jetty.output.buffer.size" default="32768" /></Set> <Set name="requestHeaderSize"><Property name="jetty.request.header.size" default="8192" /></Set> <Set name="responseHeaderSize"><Property name="jetty.response.header.size" default="8192" /></Set> <Set name="sendServerVersion"><Property name="jetty.send.server.version" default="true" /></Set> <Set name="sendDateHeader"><Property name="jetty.send.date.header" default="false" /></Set> <Set name="headerCacheSize">512</Set> <!-- Uncomment to enable handling of X-Forwarded- style headers <Call name="addCustomizer"> <Arg><New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg> </Call> --> </New>

How should this be added? Can it be as is in the jetty.xml or as a service or other??

Also congratulation on Pax-web 8.0, looking forward to make the jump soon.

Thanks
Alain

Grzegorz Grzybek

unread,
Sep 20, 2021, 5:40:40 AM9/20/21
to op...@googlegroups.com
Hello

This specific customizer (org.eclipse.jetty.server.ForwardedRequestCustomizer) is added in Pax Web 8 when org.ops4j.pax.web PID has this configuration property:

org.osgi.service.http.checkForwardedHeaders = true

But I've checked that this property was added to Pax Web in 2014 and is handed by pax-web-jetty and pax-web-undertow:

if (checkForwardedHeaders != null && checkForwardedHeaders) {
    httpConfig.addCustomizer(new ForwardedRequestCustomizer());
}


But for completeness, you can use external Jetty config (for example in ${karaf.etc}/jetty.xml) like this:

<!-- Object named "Server" of org.eclipse.jetty.server.Server class is configured by pax-web-jetty -->
<Configure id="Server" class="org.eclipse.jetty.server.Server">


  <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Set name="secureScheme">https</Set>
    <Set name="securePort">
      <Property name="jetty.secure.port" default="8443" />
    </Set>
    <Set name="outputBufferSize">32768</Set>
    <Set name="requestHeaderSize">8192</Set>
    <Set name="responseHeaderSize">8192</Set>
    <Set name="sendServerVersion">true</Set>
    <Set name="sendDateHeader">false</Set>

    <Set name="headerCacheSize">512</Set>
    <Call name="addCustomizer">
      <Arg>
        <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer" />
      </Arg>
    </Call>
  </New>

  <Call name="addConnector">
    <Arg>
      <New class="org.eclipse.jetty.server.ServerConnector">
        <Arg name="server">
          <Ref refid="Server" />
        </Arg>
        <Arg name="factories">
          <Array type="org.eclipse.jetty.server.ConnectionFactory">
            <Item>
              <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                <Arg name="config">
                  <Ref refid="httpConfig" />
                </Arg>
              </New>
            </Item>
          </Array>
        </Arg>
        <Set name="host">
          <Property name="jetty.host" default="0.0.0.0" />
        </Set>
        <Set name="port">
          <Property name="jetty.port" default="8181" />
        </Set>
        <Set name="idleTimeout">
          <Property name="http.timeout" default="30000" />
        </Set>
        <Set name="name">default</Set>
      </New>
    </Arg>
  </Call>
</Configure>

When you install pax-web-http-jetty feature in Pax Web 8 (or pax-jetty in Pax Web 7) you should have org.ops4j.pax.web.cfg PID installed into KARAF_HOME/etc - there should be ready (in Pax Web 7) or commented out (in Pax Web 8) option:

# external Jetty configuration file where Jetty-specific beans may be declared
#org.ops4j.pax.web.config.file = ${karaf.etc}/jetty.xml

just uncomment it and it should work - I've just checked that "ForwardedRequestCustomizer" works without problems when configured this way.

kind regards
Grzegorz Grzybek

--
--
------------------
OPS4J - http://www.ops4j.org - op...@googlegroups.com

---
You received this message because you are subscribed to the Google Groups "OPS4J" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ops4j+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ops4j/f5354df5-b5a1-4a15-8a91-2cf4f0cf72d0n%40googlegroups.com.

Alain Picard

unread,
Sep 24, 2021, 4:00:04 AM9/24/21
to OPS4J

Thanks for the lengthy info
Reply all
Reply to author
Forward
0 new messages