From 717715970bbca27f705f39bf4e800ea0f96616c3 Mon Sep 17 00:00:00 2001 From: David Ostrovsky Date: Thu, 28 Nov 2013 21:50:01 +0100 Subject: [PATCH] Jetty: Fix connector behind SSL reverse proxy Change-Id: I0c19c78e8e299ec920f70b42ad0a86f5b35e87ed --- .../com/google/gerrit/pgm/http/jetty/JettyServer.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/gerrit-pgm/src/main/java/com/google/gerrit/pgm/http/jetty/JettyServer.java b/gerrit-pgm/src/main/java/com/google/gerrit/pgm/http/jetty/JettyServer.java index 615e11e732..b8a3a26736 100644 --- a/gerrit-pgm/src/main/java/com/google/gerrit/pgm/http/jetty/JettyServer.java +++ b/gerrit-pgm/src/main/java/com/google/gerrit/pgm/http/jetty/JettyServer.java @@ -32,11 +32,13 @@ import com.google.inject.Singleton; import com.google.inject.servlet.GuiceFilter; import com.google.inject.servlet.GuiceServletContextListener; +import org.eclipse.jetty.http.HttpScheme; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.ForwardedRequestCustomizer; import org.eclipse.jetty.server.Handler; import org.eclipse.jetty.server.HttpConfiguration; import org.eclipse.jetty.server.HttpConnectionFactory; +import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.SecureRequestCustomizer; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; @@ -222,7 +224,14 @@ public class JettyServer { } else if ("proxy-https".equals(u.getScheme())) { defaultPort = 8080; config.addCustomizer(new ForwardedRequestCustomizer()); - config.addCustomizer(new SecureRequestCustomizer()); + config.addCustomizer(new HttpConfiguration.Customizer() { + @Override + public void customize(Connector connector, + HttpConfiguration channelConfig, Request request) { + request.setScheme(HttpScheme.HTTPS.asString()); + request.setSecure(true); + } + }); c = new ServerConnector(server, null, null, null, 0, acceptors, new HttpConnectionFactory(config));