Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] Issue with upgrading to Jetty 9.4.11

Hi all,

 

I just would like to report that I am making some progress on upgrading Jetty 7 to Jetty 9.4.11, I will share the things that I have learned once the effort is completed. However, I am now stuck because, for some reason, Jetty 9.4.11 is returning a non-secure uri when it supposed to return secure uri back to the browsers. My question is this, how do I indicate to Jetty 9.4.11 to return a secure redirection uri instead of non-secure? Or, how does Jetty 9.4.11 determine how to redirect to secure instead of non secure uri? Please see the debug information generated by my jetty 9.4.11 below. I am almost there towards the completion of this effort. As you can see, it is returning a non secure uri for the location header attribute. My embedded Jetty 7 correctly returns secure uri for the location header attribute.

 

Thanks,

 

Ike

 

 

 

2018-10-10 12:28:36,691 [qtp958678400-48] DEBUG HttpChannel - sendResponse info=null content=HeapByteBuffer@5639ad7d[p=0,l=0,c=0,r=0]={<<<>>>} complete=true committing=true callback=Blocker@2afcfd94{null}

2018-10-10 12:28:36,691 [qtp958678400-48] DEBUG HttpChannel - COMMIT for /SSPDashboard/faces/logon.jsp;jsessionid=ycrx3afb3zghqc1kn4la5oc2g3v0itdceogh1seg5lll8p9gg.node0 on HttpChannelOverHttp@4420504a{r=1,c=true,a=DISPATCHED,uri=//10.xxx.xxx.xxx:7777/SSPDashboard/faces/logon.jsp;jsessionid=ycrx3afb3zghqc1kn4la5oc2g3v0itdceogh1seg5lll8p9gg.node0,age=771}

302 null HTTP/1.1

X-Frame-Options: SAMEORIGIN

cache-control: no-store, no-cache, must-revalidate

pragma: no-cache

X-Content-Type-Options: nosniff

X-XSS-Protection: 1

Strict-Transport-Security: max-age=31536000

Set-Cookie: JSESSIONID=jzf3myxmxspuzsjnqj1mhn99stt66j3ref0162afecyid5ux.node0;Path=/SSPDashboard;Secure;HttpOnly

Expires: Thu, 01 Jan 1970 00:00:00 GMT

Location: http://10.xxx.xxx.xxx:7777/SSPDashboard/faces/configuration.jsp

=====================================================
Please refer to http://www.aricent.com/email-disclaimer
for important disclosures regarding this electronic communication.
=====================================================

Back to the top