summaryrefslogtreecommitdiffstats
path: root/jdisc_http_service
Commit message (Collapse)AuthorAgeFilesLines
...
* Only use a client certificate if requiredBjørn Christian Seime2020-01-281-5/+25
|
* Upgrade Apache httpclient+httpcore to newest versionBjørn Christian Seime2020-01-101-1/+1
| | | | | Use deprecated setSslcontext() in code that may run outside JDisc.
* Revert "Bjorncs/java deps cleanup"Harald Musum2020-01-101-1/+1
|
* Upgrade Apache httpclient and httpcore to newest versionBjørn Christian Seime2020-01-091-1/+1
|
* Non-functional changesJon Bratseth2020-01-061-0/+1
|
* Remove use of apache commons libraries in jdisc_http_serviceBjørn Christian Seime2020-01-032-16/+20
|
* Log effective SSL setup on JDisc startupBjørn Christian Seime2019-12-161-0/+18
|
* Revert "Move cipher and protocol inclusion/exclusion logic to separate class"Jon Marius Venstad2019-12-092-38/+18
| | | | This reverts commit 7d8233a7d9ab9a177d689b6faa03ae8dd7e4e13a.
* Revert "Add connector config for enabled cipher suites and protocol versions"Jon Marius Venstad2019-12-091-6/+0
| | | | This reverts commit f0771b350536dffaeeb5d4c2878da495437e611e.
* Revert "Use cipher/protocol config to configure Jetty"Jon Marius Venstad2019-12-091-48/+21
| | | | This reverts commit 645a7d5190b95c0a47fac52d48327192b7c8e405.
* Revert "Update ABI spec file"Jon Marius Venstad2019-12-091-13/+2
| | | | This reverts commit 3eb2a26b3183d876ebf38fc942b1f5802e1d66f8.
* Revert "Allow config of ssl cipher suites and protocol version"Jon Marius Venstad2019-12-093-20/+38
|
* Only enable ciphers supported by current JVMBjørn Christian Seime2019-12-051-2/+2
|
* Log effective SSL setup on JDisc startupBjørn Christian Seime2019-12-041-0/+18
|
* Remove unused classBjørn Christian Seime2019-12-041-36/+0
|
* Merge pull request #11494 from vespa-engine/bjorncs/jdisc-cipher-protocol-configBjørn Christian Seime2019-12-045-41/+105
|\ | | | | Bjorncs/jdisc cipher protocol config
| * Update ABI spec fileBjørn Christian Seime2019-12-041-2/+13
| | | | | | | | This API is marked as public API for legacy reasons
| * Use cipher/protocol config to configure JettyBjørn Christian Seime2019-12-031-21/+48
| |
| * Add connector config for enabled cipher suites and protocol versionsBjørn Christian Seime2019-12-031-0/+6
| |
| * Move cipher and protocol inclusion/exclusion logic to separate classBjørn Christian Seime2019-12-032-18/+38
| |
* | Fix invalid ordering of arguments to constructorBjørn Christian Seime2019-12-041-2/+2
|/
* Use mockito-core 3.1.0Håkon Hallingstad2019-10-187-12/+13
|
* Replace 'Alternative' with 'Optional'Bjørn Christian Seime2019-10-083-208/+4
|
* Use 'X-Forwarded-Port' as preferred source for remote portBjørn Christian Seime2019-10-082-1/+16
|
* Always include peer port/address in access logBjørn Christian Seime2019-10-081-9/+10
|
* Hide exceptions caused by abruptly closed connectionsBjørn Christian Seime2019-09-301-1/+1
|
* Specify user agentBjørn Christian Seime2019-09-241-0/+1
|
* set up tls using complete cert chain in config/fileandreer2019-09-191-2/+2
|
* Allow whitelisting of uri paths in combination with implicit ssl connectorBjørn Christian Seime2019-09-161-5/+30
|
* Improve error message when clients present an invalid certificateBjørn Christian Seime2019-09-121-1/+4
|
* Remove findbugs annotations from code and build path.gjoranv2019-09-096-17/+8
| | | | | - jsr305 is needed by guava, which declares it as optional dep. - Remaining modules with annotations do not affect the container.
* Allow CA certificates configured as PEM stringBjørn Christian Seime2019-08-211-5/+12
|
* Reimplement ConfiguredSslContextFactoryProvider as TlsContextBasedProviderBjørn Christian Seime2019-08-211-34/+27
| | | | | Use the TlsContextBasedProvider to ensure that the endpoint uses the standard TLS settings of Vespa (TLS protocol version, ciphers etc).
* Merge pull request #10262 from vespa-engine/bjorncs/http-bindings-cleanupBjørn Christian Seime2019-08-161-1/+1
|\ | | | | Don't use wildcard scheme in uri patterns
| * Don't use wildcard scheme in uri patternsBjørn Christian Seime2019-08-131-1/+1
| |
* | Merge pull request #10296 from vespa-engine/bjorncs/nginx-health-check-proxyBjørn Christian Seime2019-08-157-11/+231
|\ \ | | | | | | Add health check proxy support to jdisc connectors
| * | Only allow proxying https portsBjørn Christian Seime2019-08-151-4/+3
| | |
| * | Add health check proxy support to jdisc connectorsBjørn Christian Seime2019-08-157-11/+232
| | | | | | | | | | | | | | | | | | | | | | | | Add connector configuration that will transform the connector to a health check proxy for to a different connector, e.g proxying http -> https. This is a required feature to support http-only load balancer health checks when the container is intended to be running in a https-only environment.
* | | Merge pull request #10238 from vespa-engine/ogronnesby/propagate-ca-in-configØyvind Grønnesby2019-08-142-0/+9
|\ \ \ | |/ / |/| | Add the CA certificates to configuration and read it from app package
| * | Add the CA certificates to configuration and read it from application packageØyvind Grønnesby2019-08-122-0/+9
| |/
* | Fix typo in commentBjørn Christian Seime2019-08-131-1/+1
| |
* | Add explicit unit test to verify whitelisted accessBjørn Christian Seime2019-08-131-0/+18
| |
* | Add Jetty handler that enforces TLS client authentication at http layerBjørn Christian Seime2019-08-136-13/+177
|/
* Fix typo in class nameBjørn Christian Seime2019-07-041-2/+2
|
* Add SslContextFactoryProvider that uses TlsContexBjørn Christian Seime2019-07-034-51/+150
|
* Extend the AutoCloseable interfaceBjørn Christian Seime2019-07-032-3/+7
|
* Rename 'ReloadingTlsContext' -> 'ConfigFiledBasedTlsContext'Bjørn Christian Seime2019-07-031-2/+2
|
* Some methods in SslContextFactory base class are deprecatedBjørn Christian Seime2019-07-023-3/+3
| | | | Use SslContextFactory.Server instead.
* Use new Jetty api for generating set-cookie headersBjørn Christian Seime2019-07-023-21/+19
|
* tls config from deploy paramsMorten Tokle2019-06-243-10/+38
|