diff options
author | Harald Musum <musum@verizonmedia.com> | 2022-10-06 13:11:54 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-10-06 13:11:54 +0200 |
commit | 878e46f2d9c59b368b4f88da9dc5920b465eda19 (patch) | |
tree | 78fc20852c57dfce4102f5ad675016067584d8b6 /container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java | |
parent | bbb47ccadb603a84b3a9d4e695aa098ea46a25ad (diff) |
Revert "Restrict server names accepted per connector"
Diffstat (limited to 'container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java')
-rw-r--r-- | container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java | 73 |
1 files changed, 33 insertions, 40 deletions
diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java index d2811847995..96c5bac335b 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java @@ -14,6 +14,7 @@ import org.eclipse.jetty.http.HttpField; import org.eclipse.jetty.jmx.ConnectorServer; import org.eclipse.jetty.jmx.MBeanContainer; import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.Handler; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; import org.eclipse.jetty.server.SslConnectionFactory; @@ -138,51 +139,43 @@ public class JettyHttpServer extends AbstractServerProvider { private HandlerCollection getHandlerCollection(ServerConfig serverConfig, List<JDiscServerConnector> connectors, ServletHolder jdiscServlet) { - HandlerCollection connectorSpecificHandlers = new HandlerCollection(); - for (JDiscServerConnector connector : connectors) { - ServletContextHandler servletContextHandler = createServletContextHandler(connector); - servletContextHandler.addServlet(jdiscServlet, "/*"); - - List<ConnectorConfig> connectorConfigs = connectors.stream().map(JDiscServerConnector::connectorConfig).collect(toList()); - var secureRedirectHandler = new SecuredRedirectHandler(connectorConfigs); - secureRedirectHandler.setHandler(servletContextHandler); - - var proxyHandler = new HealthCheckProxyHandler(connectors); - proxyHandler.setHandler(secureRedirectHandler); - - var authEnforcer = new TlsClientAuthenticationEnforcer(connectorConfigs); - authEnforcer.setHandler(proxyHandler); - - GzipHandler gzipHandler = newGzipHandler(serverConfig); - gzipHandler.setHandler(authEnforcer); - - HttpResponseStatisticsCollector statisticsCollector = - new HttpResponseStatisticsCollector(serverConfig.metric().monitoringHandlerPaths(), - serverConfig.metric().searchHandlerPaths()); - statisticsCollector.setHandler(gzipHandler); - for (String agent : serverConfig.metric().ignoredUserAgents()) { - statisticsCollector.ignoreUserAgent(agent); - } - StatisticsHandler statisticsHandler = newStatisticsHandler(); - statisticsHandler.setHandler(statisticsCollector); + ServletContextHandler servletContextHandler = createServletContextHandler(); + servletContextHandler.addServlet(jdiscServlet, "/*"); + + List<ConnectorConfig> connectorConfigs = connectors.stream().map(JDiscServerConnector::connectorConfig).collect(toList()); + var secureRedirectHandler = new SecuredRedirectHandler(connectorConfigs); + secureRedirectHandler.setHandler(servletContextHandler); + + var proxyHandler = new HealthCheckProxyHandler(connectors); + proxyHandler.setHandler(secureRedirectHandler); + + var authEnforcer = new TlsClientAuthenticationEnforcer(connectorConfigs); + authEnforcer.setHandler(proxyHandler); - connectorSpecificHandlers.addHandler(statisticsHandler); + GzipHandler gzipHandler = newGzipHandler(serverConfig); + gzipHandler.setHandler(authEnforcer); + + HttpResponseStatisticsCollector statisticsCollector = + new HttpResponseStatisticsCollector(serverConfig.metric().monitoringHandlerPaths(), + serverConfig.metric().searchHandlerPaths()); + statisticsCollector.setHandler(gzipHandler); + for (String agent : serverConfig.metric().ignoredUserAgents()) { + statisticsCollector.ignoreUserAgent(agent); } - return connectorSpecificHandlers; + StatisticsHandler statisticsHandler = newStatisticsHandler(); + statisticsHandler.setHandler(statisticsCollector); + + HandlerCollection handlerCollection = new HandlerCollection(); + handlerCollection.setHandlers(new Handler[] { statisticsHandler }); + return handlerCollection; } - private ServletContextHandler createServletContextHandler(JDiscServerConnector connector) { - var ctx = new ServletContextHandler(ServletContextHandler.NO_SECURITY | ServletContextHandler.NO_SESSIONS); - ctx.setContextPath("/"); - ctx.setDisplayName(getDisplayName(listenedPorts)); - List<String> allowedServerNames = connector.connectorConfig().serverName().allowed(); - if (allowedServerNames.isEmpty()) { - ctx.setVirtualHosts(new String[]{"@%s".formatted(connector.getName())}); - } else { - ctx.setVirtualHosts(allowedServerNames.toArray(new String[0])); - } - return ctx; + private ServletContextHandler createServletContextHandler() { + ServletContextHandler servletContextHandler = new ServletContextHandler(ServletContextHandler.NO_SECURITY | ServletContextHandler.NO_SESSIONS); + servletContextHandler.setContextPath("/"); + servletContextHandler.setDisplayName(getDisplayName(listenedPorts)); + return servletContextHandler; } private static String getDisplayName(List<Integer> ports) { |