opendev/gerrit
Code Issues Proposed changes

Hoist RequireSslFilter out of WebModule

Browse Source 
On googlesource.com we have a separate filter for this, and having two
of them causes problems.

Change-Id: If04b61be38eed67fa8edd5cbd164f4b97ea1e6e2
This commit is contained in:
Dave Borowitz
2015-11-10 14:31:11 -05:00
parent c131268d46
commit faf0802a35
4 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
gerrit-httpd/src/main/java/com/google/gerrit/httpd/RequireSslFilter.java
View File

@@ -34,11 +34,20 @@ import javax.servlet.http.HttpServletResponse;
/** Requires the connection to use SSL, redirects if not. */
@Singleton
class RequireSslFilter implements Filter {
static class Module extends ServletModule {
public class RequireSslFilter implements Filter {
public static class Module extends ServletModule {
private final boolean wantSsl;
@Inject
Module(@Nullable @CanonicalWebUrl String canonicalUrl) {
this.wantSsl = canonicalUrl != null && canonicalUrl.startsWith("https:");
}
@Override
protected void configureServlets() {
filter("/*").through(RequireSslFilter.class);
if (wantSsl) {
filter("/*").through(RequireSslFilter.class);
}
}
}

8
gerrit-httpd/src/main/java/com/google/gerrit/httpd/WebModule.java
View File

@@ -16,7 +16,6 @@ package com.google.gerrit.httpd;
import static com.google.gerrit.extensions.registration.PrivateInternals_DynamicTypes.registerInParentInjectors;
import com.google.gerrit.common.Nullable;
import com.google.gerrit.extensions.registration.DynamicSet;
import com.google.gerrit.extensions.webui.WebUiPlugin;
import com.google.gerrit.httpd.auth.become.BecomeAnyAccountModule;
@@ -28,7 +27,6 @@ import com.google.gerrit.httpd.rpc.UiRpcModule;
import com.google.gerrit.lifecycle.LifecycleModule;
import com.google.gerrit.server.RemotePeer;
import com.google.gerrit.server.config.AuthConfig;
import com.google.gerrit.server.config.CanonicalWebUrl;
import com.google.gerrit.server.config.GerritRequestModule;
import com.google.gerrit.server.config.GitwebCgiConfig;
import com.google.gerrit.server.git.AsyncReceiveCommits;
@@ -42,17 +40,14 @@ import java.net.SocketAddress;
public class WebModule extends LifecycleModule {
private final AuthConfig authConfig;
private final boolean wantSSL;
private final GitwebCgiConfig gitwebCgiConfig;
private final GerritOptions options;
@Inject
WebModule(AuthConfig authConfig,
@CanonicalWebUrl @Nullable String canonicalUrl,
GerritOptions options,
GitwebCgiConfig gitwebCgiConfig) {
this.authConfig = authConfig;
this.wantSSL = canonicalUrl != null && canonicalUrl.startsWith("https:");
this.options = options;
this.gitwebCgiConfig = gitwebCgiConfig;
}
@@ -62,9 +57,6 @@ public class WebModule extends LifecycleModule {
bind(RequestScopePropagator.class).to(GuiceRequestScopePropagator.class);
bind(HttpRequestContext.class);
if (wantSSL) {
install(new RequireSslFilter.Module());
}
install(new RunAsFilter.Module());
installAuthModule();

2
gerrit-pgm/src/main/java/com/google/gerrit/pgm/Daemon.java
View File

@@ -28,6 +28,7 @@ import com.google.gerrit.httpd.GitOverHttpModule;
import com.google.gerrit.httpd.H2CacheBasedWebSession;
import com.google.gerrit.httpd.HttpCanonicalWebUrlProvider;
import com.google.gerrit.httpd.RequestContextFilter;
import com.google.gerrit.httpd.RequireSslFilter;
import com.google.gerrit.httpd.WebModule;
import com.google.gerrit.httpd.WebSshGlueModule;
import com.google.gerrit.httpd.auth.oauth.OAuthModule;
@@ -445,6 +446,7 @@ public class Daemon extends SiteProgram {
modules.add(H2CacheBasedWebSession.module());
modules.add(sysInjector.getInstance(GitOverHttpModule.class));
modules.add(sysInjector.getInstance(WebModule.class));
modules.add(sysInjector.getInstance(RequireSslFilter.Module.class));
modules.add(new HttpPluginModule());
if (sshd) {
modules.add(sshInjector.getInstance(WebSshGlueModule.class));

1
gerrit-war/src/main/java/com/google/gerrit/httpd/WebAppInitializer.java
View File

@@ -349,6 +349,7 @@ public class WebAppInitializer extends GuiceServletContextListener
modules.add(AllRequestFilter.module());
modules.add(sysInjector.getInstance(GitOverHttpModule.class));
modules.add(sysInjector.getInstance(WebModule.class));
modules.add(sysInjector.getInstance(RequireSslFilter.Module.class));
if (sshInjector != null) {
modules.add(sshInjector.getInstance(WebSshGlueModule.class));
} else {