Jetty 10.0.x 4814 configuring connection factory (#4815)

* Issue #4814 Configuring Connection Factory Redo of this PR without Attributes improvements (moved to #4816). Add a ConnectionFactory.Configuring interface to all connectors to be configured during doStart. I have some concern about shared HttpConfigurations. Signed-off-by: Greg Wilkins <gregw@webtide.com> * updates from review Signed-off-by: Greg Wilkins <gregw@webtide.com>
jetty · Apr 29, 2020 · 81c4663 · 81c4663
1 parent 4a46266
commit 81c4663
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 6 deletions.
diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/AbstractConnector.java b/jetty-server/src/main/java/org/eclipse/jetty/server/AbstractConnector.java
@@ -311,6 +311,11 @@ public int getAcceptors()
     @Override
     protected void doStart() throws Exception
     {
+        getConnectionFactories().stream()
+            .filter(ConnectionFactory.Configuring.class::isInstance)
+            .map(ConnectionFactory.Configuring.class::cast)
+            .forEach(configuring -> configuring.configure(this));
+
         _shutdown = new Graceful.Shutdown(this)
         {
             @Override

diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/ConnectionFactory.java b/jetty-server/src/main/java/org/eclipse/jetty/server/ConnectionFactory.java
@@ -125,4 +125,16 @@ enum Detection
          */
         Detection detect(ByteBuffer buffer);
     }
+
+    /**
+     * A ConnectionFactory that can configure the connector.
+     */
+    interface Configuring extends ConnectionFactory
+    {
+        /**
+         * Called during {@link Connector#start()}.
+         * @param connector The connector to configure
+         */
+        void configure(Connector connector);
+    }
 }
diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/SslConnectionFactory.java b/jetty-server/src/main/java/org/eclipse/jetty/server/SslConnectionFactory.java
@@ -32,7 +32,7 @@
 import org.eclipse.jetty.util.component.ContainerLifeCycle;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 
-public class SslConnectionFactory extends AbstractConnectionFactory implements ConnectionFactory.Detecting
+public class SslConnectionFactory extends AbstractConnectionFactory implements ConnectionFactory.Detecting, ConnectionFactory.Configuring
 {
     private static final int TLS_ALERT_FRAME_TYPE = 0x15;
     private static final int TLS_HANDSHAKE_FRAME_TYPE = 0x16;
@@ -42,6 +42,7 @@ public class SslConnectionFactory extends AbstractConnectionFactory implements C
     private final String _nextProtocol;
     private boolean _directBuffersForEncryption = false;
     private boolean _directBuffersForDecryption = false;
+    private boolean _ensureSecureRequestCustomizer = true;
 
     public SslConnectionFactory()
     {
@@ -91,6 +92,21 @@ public String getNextProtocol()
         return _nextProtocol;
     }
 
+    public boolean isEnsureSecureRequestCustomizer()
+    {
+        return _ensureSecureRequestCustomizer;
+    }
+
+    /**
+     * @param ensureSecureRequestCustomizer True if this factory ensures that all {@link HttpConfiguration}s on
+     * associated {@link Connector}s have an {@link SecureRequestCustomizer} instance.
+     * @see ConnectionFactory.Configuring
+     */
+    public void setEnsureSecureRequestCustomizer(boolean ensureSecureRequestCustomizer)
+    {
+        _ensureSecureRequestCustomizer = ensureSecureRequestCustomizer;
+    }
+
     @Override
     protected void doStart() throws Exception
     {
@@ -104,6 +120,19 @@ protected void doStart() throws Exception
             setInputBufferSize(session.getPacketBufferSize());
     }
 
+    @Override
+    public void configure(Connector connector)
+    {
+        if (isEnsureSecureRequestCustomizer())
+        {
+            connector.getContainedBeans(HttpConfiguration.class).forEach(configuration ->
+            {
+                if (configuration.getCustomizer(SecureRequestCustomizer.class) == null)
+                    configuration.addCustomizer(new SecureRequestCustomizer());
+            });
+        }
+    }
+
     @Override
     public Detection detect(ByteBuffer buffer)
     {

diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/ssl/SslConnectionFactoryTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/ssl/SslConnectionFactoryTest.java
@@ -43,7 +43,6 @@
 import org.eclipse.jetty.server.HttpConfiguration;
 import org.eclipse.jetty.server.HttpConnectionFactory;
 import org.eclipse.jetty.server.Request;
-import org.eclipse.jetty.server.SecureRequestCustomizer;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
 import org.eclipse.jetty.server.SocketCustomizationListener;
@@ -81,16 +80,16 @@ public void before() throws Exception
         httpConfig.setSecureScheme("https");
         httpConfig.setSecurePort(8443);
         httpConfig.setOutputBufferSize(32768);
-        HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
-        httpsConfig.addCustomizer(new SecureRequestCustomizer());
 
         SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
         sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
         sslContextFactory.setKeyStorePassword("storepwd");
 
+        SslConnectionFactory sslConnectionFactory = new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString());
+        sslConnectionFactory.setEnsureSecureRequestCustomizer(true);
         ServerConnector https = _connector = new ServerConnector(_server,
-            new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
-            new HttpConnectionFactory(httpsConfig));
+            sslConnectionFactory,
+            new HttpConnectionFactory());
         https.setPort(0);
         https.setIdleTimeout(30000);