01 package gate.cow.jetty;
02
03 import java.io.IOException;
04
05 import org.mortbay.io.EndPoint;
06 import org.mortbay.jetty.HttpSchemes;
07 import org.mortbay.jetty.Request;
08 import org.mortbay.jetty.nio.SelectChannelConnector;
09
10 /**
11 * Simple custom Jetty connector that speaks the normal HTTP protocol but
12 * pretends to be secure. It returns true from {@link #isConfidential} and
13 * {@link #isIntegral} and customizes the request to believe it is an HTTPS
14 * request. This connector is useful when you are running CoW behind an Apache
15 * proxy that handles HTTPS requests and thus don't want to have to handle
16 * encryption within CoW, but you still want to be able to use the web.xml
17 * security-constraint mechanism to redirect requests to the secure port where
18 * necessary.
19 *
20 * For such a scenario your Apache server would need to be set up to ProxyPass
21 * HTTP requests to the normal Grails port and HTTPS requests to the port on
22 * which this SecureProxyConnector is listening. The server.port.https system
23 * property should be set to the port on which the <i>Apache</i> HTTPS server
24 * is listening (typically 443), not the port on which this
25 * SecureProxyConnector is listening.
26 */
27 public class SecureProxyConnector extends SelectChannelConnector {
28
29 /**
30 * Create a SecureProxyConnector listening on the given port.
31 */
32 public SecureProxyConnector(int port) {
33 super();
34 setPort(port);
35 }
36
37 /**
38 * Tell the request that it is being served over https.
39 */
40 public void customize(EndPoint ep, Request r) throws IOException {
41 super.customize(ep, r);
42 r.setScheme(HttpSchemes.HTTPS);
43 }
44
45 /**
46 * We are confidential.
47 */
48 public boolean isConfidential(Request r) {
49 return true;
50 }
51
52 /**
53 * We are integral.
54 */
55 public boolean isIntegral(Request r) {
56 return true;
57 }
58 }
|