[AAA-14] AJP protocol not supported with current Jetty, servlet attributes not populated - OpenDaylight JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Resolution: Done
Affects Version/s: None
Fix Version/s: None
Component/s: General
Labels:
None
Environment:

Operating System: All
Platform: All

External issue ID:
1977

Description

The ClaimAuthFilter expects authentication data provided by an HTTP proxy to populate the data served by certain ServletRequest and HttpServlet request getters (i.e. getRemoteUser(), getAuthType(), getAttribute(), etc.).

This data was transported using the AJP protocol and extraced by the servlet AJP handlers. A migration to Jetty away from Tomcat is underway. Tomcat fully supports AJP as well as earlier Jetty versions. But Jetty has now deprecated and removed AJP protocol support. Therefore an alternate method of transporting the HTTP proxy metadata is needed as well as being able to maintain using the defined servlet API (i.e. getRemoteUser(), getAuthType(), getAttribute(), etc.).

The proposed solution is to transport the metadata formerly carried in the AJP protocol in the HTTP protocol instead via extension HTTP headers and then add a servlet filter wrapping the HttpServletRequest which will override the methods in question to extract the data from the HTTP extension headers.

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: John Dennis

Reporter:: John Dennis

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 19/Sep/14 12:18 PM

Updated:: 21/Mar/19 11:56 AM

Resolved:: 15/Dec/15 10:51 AM