Comments (7)
I think the best way to do this is to expose the SSLSession
object itself, for example under org.eclipse.jetty.servlet.request.ssl_session
, from where one could get much more information than just the TLS protocol version.
from jetty.project.
+1 to what @sbordet said.... but make it optional. Perhaps in the style of ForwardedRequestCustomizer, have a setSslSessionAttribute(String) method that set's the name of the attribute to use. If not set, then the attribute is not set.
from jetty.project.
Seems a bit dangerous to expose the full SSLSession to the web applications.
Why is just exposing the TLS protocol in a new attribute undesired?
from jetty.project.
Dangerous, how ?
Exposing the TLS protocol would be a non-standard addition, and then we would need to expose a bunch of other information that may be needed to web applications.
Exposing the SSLSession
avoids the proliferation of non-standard attributes: we just add one rather than one for every property that SSLSession
exposes.
from jetty.project.
If you don't know what you are doing with the SSLSession, couldn't you cause problems with your connection easily?
from jetty.project.
People can always mess things up if they don't know what they're doing, e.g. call System.exit(0)
.
For people that needs particular, non-common, SSLSession
information, looking up a non-standard attribute, I would say that if they mess up, well... but if they don't, they have all the information they want and we do this change once for all future SSLSession
attributes (e.g. ALPN protocols in JDK 9).
from jetty.project.
Fixed in jetty-9.2.x and merged up to jetty-9.3.x
from jetty.project.
Related Issues (20)
- Backport PRs 11746 and 11752 to jetty-12.0
- NPE from `org.eclipse.jetty.ee8.nested.Request.getRequestURL`
- jetty-http-spi does not properly provide SPI for modules HOT 5
- HttpExchange retained by HttpSenderOverHTTP which caused memory leak
- `LocalConnectorTest.testExpect100ContinueContentAvailable()` is flaky
- NPE in `HttpField.getHeader()` when `ServletChannelState.asyncError()` is called by H2
- Context start is logged twice for ee10
- Jetty Releases 10.0.21, 11.0.21
- Duplicate Resource / web-fragment registration HOT 2
- How to configure Jetty Server v12 ee10 for serving multiple static resources in the same base directory? HOT 3
- StdErrAppender should detect exception circular references
- ee10 DefaultServlet suffix mappings do not work
- Flaky H3 in org.eclipse.jetty.ee10.test.client.transport.HttpClientContinueTest
- Split `DefaultServlet` HOT 1
- client: Allow AsyncContentListener.onContent to throw checked Exceptions HOT 1
- Jetty http client metrics not pegging for http2 (plain text) request/response. HOT 1
- Follow Reactive Stream TCK for ContentSourcePublisher implementation
- module-info.java warnings for ManagedObject, ManagedAttribute, etc HOT 1
- Move jetty maven plugin integration tests out to tests module
- Maven "relativePath" usage
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jetty.project.