Re: [jetty-users] Encryption of the HTTP protocol (e.g. not its payload)

Hi,

On Fri, Dec 20, 2019 at 9:41 AM Karel Goderis <karel.goderis@xxxxxx> wrote:
> Just for my understanding, will HttpSession be maintained? It is the placeholder I use to store the encryption key that goes with that given connection.  And, does that have to go through a new connection, or is there an alternative? And reading your pointer, I suspect that it is the server that sets up that new connection to the client, not the other way around (e.g. in HAP it is the client that triggers the secured connection)? The ideal would be to have a kind of filter/handler that kicks in before HttpConnection/Channel is filled with data.
>

Then you have to explain better how HAP works.
Jetty can handle bytes _before_ HTTP/1.1 requests (e.g.
ProxyConnectionFactory), it can handle sniffing bytes to figure out
what protocol to use (e.g. OptionalSslConnectionFactory), and it can
handle upgrades _after_ HTTP/1.1 (e.g. WebSocket).
The EndPoint.upgrade() mechanism uses the same connection, there is no
new connection creation.

My pointer shows how the server upgrades the Jetty Connection object
on an existing EndPoint - it's what happens on server side.
The Jetty Connection object is what interprets the bytes from the network.
You start with HttpConnection that interprets HTTP/1.1 and you upgrade
to your HAPConnection that interprets HAP.
The TCP connection remains the same, what changes is only how you
interpret the network bytes.

-- 
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
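
The upgrade described in the message above, as an added sketch that is not code from the thread or from the Jetty project. It assumes the Jetty 9.4 API; the `/upgrade` trigger path, the `x-raw` protocol token and the `RawConnection` class (which echoes bytes where a HAPConnection would decrypt and parse them) are hypothetical.

```java
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.concurrent.Executor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.io.AbstractConnection;
import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.server.HttpConnection;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.util.BufferUtil;
import org.eclipse.jetty.util.Callback;

public class UpgradeHandler extends AbstractHandler {
    @Override
    public void handle(String target, Request baseRequest, HttpServletRequest request,
                       HttpServletResponse response) throws IOException {
        if (!"/upgrade".equals(target)) return;              // hypothetical trigger path
        EndPoint endPoint = baseRequest.getHttpChannel().getEndPoint();
        Executor executor = baseRequest.getHttpChannel().getConnector().getExecutor();
        // Once the 101 response completes, HttpConnection calls EndPoint.upgrade() with this object.
        request.setAttribute(HttpConnection.UPGRADE_CONNECTION_ATTRIBUTE,
                new RawConnection(endPoint, executor));
        response.setHeader("Connection", "Upgrade");
        response.setHeader("Upgrade", "x-raw");              // hypothetical protocol token
        response.setStatus(HttpServletResponse.SC_SWITCHING_PROTOCOLS);
        baseRequest.setHandled(true);
    }

    // Hypothetical stand-in for HAPConnection: same EndPoint (same TCP connection), new interpreter.
    static class RawConnection extends AbstractConnection {
        RawConnection(EndPoint endPoint, Executor executor) { super(endPoint, executor); }
        @Override public void onOpen() { super.onOpen(); fillInterested(); }
        @Override
        public void onFillable() {
            ByteBuffer buffer = BufferUtil.allocate(4096);
            try {
                int filled = getEndPoint().fill(buffer);
                if (filled < 0) { getEndPoint().close(); return; }   // peer closed
                if (filled == 0) { fillInterested(); return; }       // nothing yet, wait again
                // A real protocol would decrypt and parse here; this sketch echoes the raw bytes.
                getEndPoint().write(new Callback() {
                    @Override public void succeeded() { fillInterested(); }
                    @Override public void failed(Throwable x) { getEndPoint().close(); }
                }, buffer);
            } catch (IOException x) { getEndPoint().close(); }
        }
    }
}
```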

