Skip to content

Commit d9f5eef

Browse files
damenchobgrozev
authored andcommitted
Redirects all requests to jetty port 80 to the secure port(default 443). (#722)
* Redirects all requests to jetty port 80 to the secure port(default 443).
1 parent dda4d53 commit d9f5eef

File tree

3 files changed

+178
-2
lines changed

3 files changed

+178
-2
lines changed

src/main/java/org/jitsi/videobridge/osgi/JvbBundleConfig.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,7 @@ public class JvbBundleConfig
8888
// TCP harvester (started as part of Videobridge) does.
8989
"org/jitsi/videobridge/rest/RESTBundleActivator",
9090
"org/jitsi/videobridge/rest/PublicRESTBundleActivator",
91+
"org/jitsi/videobridge/rest/PublicClearPortRedirectBundleActivator",
9192
"org/jitsi/videobridge/stats/StatsManagerBundleActivator",
9293
"org/jitsi/videobridge/EndpointConnectionStatus"
9394
},
Lines changed: 173 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,173 @@
1+
/*
2+
* Copyright @ 2018 Atlassian Pty Ltd
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
package org.jitsi.videobridge.rest;
17+
18+
import org.eclipse.jetty.server.*;
19+
import org.eclipse.jetty.server.handler.*;
20+
import org.jitsi.rest.*;
21+
import org.jitsi.util.*;
22+
import org.osgi.framework.*;
23+
24+
import javax.servlet.*;
25+
import javax.servlet.http.*;
26+
import java.io.*;
27+
import java.util.*;
28+
29+
/**
30+
* Implements <tt>BundleActivator</tt> for the OSGi bundle which implements a
31+
* redirection from clear port 80 to the configured secure port.
32+
*
33+
* @author Damian Minkov
34+
*/
35+
public class PublicClearPortRedirectBundleActivator
36+
extends AbstractJettyBundleActivator
37+
{
38+
/**
39+
* The logger instance used by this
40+
* {@link PublicClearPortRedirectBundleActivator}.
41+
*/
42+
private static final Logger logger
43+
= Logger.getLogger(PublicClearPortRedirectBundleActivator.class);
44+
45+
/**
46+
* The prefix of the property names for the Jetty instance managed by
47+
* this {@link AbstractJettyBundleActivator}.
48+
*/
49+
public static final String JETTY_PROPERTY_PREFIX
50+
= "org.jitsi.videobridge.clearport.redirect";
51+
52+
/**
53+
* Initializes a new {@link PublicRESTBundleActivator}.
54+
*/
55+
public PublicClearPortRedirectBundleActivator()
56+
{
57+
super(JETTY_PROPERTY_PREFIX);
58+
}
59+
60+
/**
61+
* {@inheritDoc}
62+
*/
63+
@Override
64+
protected boolean willStart(BundleContext bundleContext)
65+
throws Exception
66+
{
67+
// redirection from clear port to the secure port, depends on the
68+
// configured jetty to have the secure port setup, if missing
69+
// we do not want to start this jetty instance
70+
if(cfg.getProperty(
71+
PublicRESTBundleActivator.JETTY_PROPERTY_PREFIX
72+
+ JETTY_TLS_PORT_PNAME) == null)
73+
{
74+
return false;
75+
}
76+
77+
// If there is no setting for the clear port, set it.
78+
// We do this check to have the default value
79+
// for {@link AbstractJettyBundleActivator} and to be able to set in the
80+
// config a value of -1 which will disable this redirect jetty instance
81+
if (cfg.getProperty(JETTY_PROPERTY_PREFIX + JETTY_PORT_PNAME) == null)
82+
{
83+
cfg.setProperty(JETTY_PROPERTY_PREFIX + JETTY_PORT_PNAME, 80);
84+
}
85+
86+
return super.willStart(bundleContext);
87+
}
88+
89+
90+
/**
91+
* Initializes the redirect handler.
92+
*
93+
* @param bundleContext the {@code BundleContext} in which the new instance
94+
* is to be initialized
95+
* @param server the {@code Server} on which the new instance will be set
96+
* @return the new {code HandlerList} instance to be set on {@code server}
97+
* @throws Exception
98+
*/
99+
@Override
100+
protected Handler initializeHandlerList(
101+
BundleContext bundleContext,
102+
Server server)
103+
throws Exception
104+
{
105+
List<Handler> handlers = new ArrayList<>();
106+
107+
handlers.add(
108+
new RedirectHandler(
109+
cfg.getInt(
110+
PublicRESTBundleActivator.JETTY_PROPERTY_PREFIX
111+
+ JETTY_TLS_PORT_PNAME,
112+
443)));
113+
114+
return initializeHandlerList(handlers);
115+
}
116+
117+
/**
118+
* {@inheritDoc}
119+
*
120+
* Just skips few of the printed errors in case of not having permission
121+
* to start it.
122+
*/
123+
@Override
124+
public void start(BundleContext bundleContext) throws Exception {
125+
try
126+
{
127+
super.start(bundleContext);
128+
}
129+
catch (Exception t)
130+
{
131+
logger.warn(
132+
"Could not start redirect from clear port(80) to secure port:"
133+
+ t.getMessage());
134+
}
135+
}
136+
137+
/**
138+
* Redirects requests to the https location using the specific port.
139+
*/
140+
private class RedirectHandler extends AbstractHandler
141+
{
142+
/**
143+
* The port of the target location.
144+
*/
145+
private final int targetPort;
146+
147+
RedirectHandler(int targetPort)
148+
{
149+
this.targetPort = targetPort;
150+
}
151+
152+
/**
153+
* Handles all requests by redirecting them
154+
* (with a 301) to the https location with the specified port.
155+
*/
156+
@Override
157+
public void handle(String target, Request baseRequest,
158+
HttpServletRequest request,
159+
HttpServletResponse response)
160+
throws IOException, ServletException
161+
{
162+
String host = request.getServerName();
163+
164+
String location
165+
= "https://" + host + ":" + targetPort + target;
166+
response.setHeader("Location", location);
167+
168+
response.setStatus(301);
169+
response.setContentLength(0);
170+
baseRequest.setHandled(true);
171+
}
172+
}
173+
}

src/main/java/org/jitsi/videobridge/rest/PublicRESTBundleActivator.java

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -402,14 +402,16 @@ private Handler initializeRedirectHandler(
402402
{
403403
privatePort
404404
= cfg.getInt(
405-
RESTBundleActivator.JETTY_PROPERTY_PREFIX + ".jetty.port",
405+
RESTBundleActivator.JETTY_PROPERTY_PREFIX
406+
+ JETTY_PORT_PNAME,
406407
8080);
407408
}
408409
else
409410
{
410411
privatePort
411412
= cfg.getInt(
412-
RESTBundleActivator.JETTY_PROPERTY_PREFIX + ".jetty.tls.port",
413+
RESTBundleActivator.JETTY_PROPERTY_PREFIX
414+
+ JETTY_TLS_PORT_PNAME,
413415
8443);
414416
}
415417

0 commit comments

Comments
 (0)