summaryrefslogtreecommitdiffstats
path: root/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java
diff options
context:
space:
mode:
Diffstat (limited to 'container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java')
-rw-r--r--container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java10
1 files changed, 5 insertions, 5 deletions
diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java
index 10a6c4702b5..7299ab4b500 100644
--- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java
+++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java
@@ -16,7 +16,7 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import static com.yahoo.jdisc.http.server.jetty.HttpServletRequestUtils.getConnectorLocalPort;
+import static com.yahoo.jdisc.http.server.jetty.RequestUtils.getConnectorLocalPort;
/**
* A Jetty handler that enforces TLS client authentication with configurable white list.
@@ -34,7 +34,7 @@ class TlsClientAuthenticationEnforcer extends HandlerWrapper {
@Override
public void handle(String target, Request request, HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws IOException, ServletException {
if (isHttpsRequest(request)
- && !isRequestToWhitelistedBinding(servletRequest)
+ && !isRequestToWhitelistedBinding(request)
&& !isClientAuthenticated(servletRequest)) {
servletResponse.sendError(
Response.Status.UNAUTHORIZED,
@@ -60,14 +60,14 @@ class TlsClientAuthenticationEnforcer extends HandlerWrapper {
return request.getDispatcherType() == DispatcherType.REQUEST && request.getScheme().equalsIgnoreCase("https");
}
- private boolean isRequestToWhitelistedBinding(HttpServletRequest servletRequest) {
- int localPort = getConnectorLocalPort(servletRequest);
+ private boolean isRequestToWhitelistedBinding(Request jettyRequest) {
+ int localPort = getConnectorLocalPort(jettyRequest);
List<String> whiteListedPaths = getWhitelistedPathsForPort(localPort);
if (whiteListedPaths == null) {
return true; // enforcer not enabled
}
// Note: Same path definition as HttpRequestFactory.getUri()
- return whiteListedPaths.contains(servletRequest.getRequestURI());
+ return whiteListedPaths.contains(jettyRequest.getRequestURI());
}
private List<String> getWhitelistedPathsForPort(int localPort) {