Skip to content

Tagging the ClientUpgradeRequest to be able to support per-reqiest client ssl auth #12660

New issue
New issue
Open
#14259
Open
Tagging the ClientUpgradeRequest to be able to support per-reqiest client ssl auth#12660
#14259
Assignees
lachlan-roberts
Labels
Enhancement
@iiliev2

Description

@iiliev2
iiliev2
opened on Dec 20, 2024

Jetty 12

In relation to #12659

The proxy uses secured transports, similar to the examples in org.eclipse.jetty.proxy.ClientAuthProxyTest

A websocket proxy must also be able to tag the ClientUpgradeRequest in order to be able to setup the ssl handshaking process to select a specific certificate on a per-request basis.

ClientUpgradeRequest upgradeRequest = ...
upgradeRequest.tag(new AliasTLSTag(...));
webClient.connect(endpoint, upgradeRequest, null);

Currently there is no way to do this with the websocket client AFAICT, but the underlying core client should be able to to it. So it is a matter of exposing such a method and copying the tag over to JettyClientUpgradeRequest in the connect.

Metadata

Metadata

Assignees

Labels

Enhancement

Type

No type

Projects

Jetty 12.1.6

Status

🏗 In progress

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions