Package io.undertow.server.handlers
Class SSLHeaderHandler
java.lang.Object
io.undertow.server.handlers.SSLHeaderHandler
- All Implemented Interfaces:
HttpHandler
Handler that sets SSL information on the connection based on the following headers:
- SSL_CLIENT_CERT
- SSL_CIPHER
- SSL_SESSION_ID
If this handler is present in the chain it will always override the SSL session information, even if these headers are not present.
This handler MUST only be used on servers that are behind a reverse proxy, where the reverse proxy has been configured to always set these header for EVERY request (or strip existing headers with these names if no SSL information is present). Otherwise it may be possible for a malicious client to spoof a SSL connection.
- Author:
- Stuart Douglas
-
Nested Class Summary
Nested Classes -
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
handleRequest
(HttpServerExchange exchange) Handle the request.toString()
-
Field Details
-
HTTPS
- See Also:
-
-
Constructor Details
-
SSLHeaderHandler
-
-
Method Details
-
handleRequest
Description copied from interface:HttpHandler
Handle the request.- Specified by:
handleRequest
in interfaceHttpHandler
- Parameters:
exchange
- the HTTP request/response exchange- Throws:
Exception
-
toString
-