build: 由于代码中有webdriver使用了jetty，我们这里去掉undertow，使用jetty来作为web容器

2022-07-02 18:38:23 +08:00 · 2022-07-02 18:38:23 +08:00 · e234b7f7e7
parent 0362488b0d
commit e234b7f7e7
3 changed files with 66 additions and 33 deletions
--- a/backend/pom.xml
+++ b/backend/pom.xml
@ -65,7 +65,16 @@
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-undertow</artifactId>
+            <artifactId>spring-boot-starter-jetty</artifactId>
+        </dependency>
+        <!-- http2 配置-->
+        <dependency>
+            <groupId>org.eclipse.jetty</groupId>
+            <artifactId>jetty-alpn-conscrypt-server</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.jetty.http2</groupId>
+            <artifactId>http2-server</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
--- a/backend/src/main/java/io/metersphere/config/HTTPSConfig.java
+++ b/backend/src/main/java/io/metersphere/config/HTTPSConfig.java
@ -1,21 +1,19 @@
 package io.metersphere.config;


-import io.undertow.Undertow;
-import io.undertow.UndertowOptions;
-import io.undertow.server.handlers.DisallowedMethodsHandler;
-import io.undertow.util.HttpString;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.ServerConnector;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-import org.springframework.boot.web.embedded.undertow.UndertowServletWebServerFactory;
-import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
-import org.springframework.context.annotation.Bean;
+import org.springframework.boot.web.embedded.jetty.ConfigurableJettyWebServerFactory;
+import org.springframework.boot.web.server.WebServerFactoryCustomizer;
 import org.springframework.context.annotation.Configuration;


@Configuration
@ConditionalOnProperty(name = "server.ssl.enabled", havingValue = "true")
-public class HTTPSConfig {
+public class HTTPSConfig implements WebServerFactoryCustomizer<ConfigurableJettyWebServerFactory> {

    /**
     * http服务端口
@ -29,31 +27,21 @@ public class HTTPSConfig {
    @Value("${server.port}")
    private Integer httpsPort;

+    @Override
+    public void customize(ConfigurableJettyWebServerFactory factory) {

-    @Bean
-    public ServletWebServerFactory undertowFactory() {
-        UndertowServletWebServerFactory undertowFactory = new UndertowServletWebServerFactory();
-        undertowFactory.addBuilderCustomizers((Undertow.Builder builder) -> {
-            builder.addHttpListener(httpPort, "0.0.0.0");
-            // 开启HTTP2
-            builder.setServerOption(UndertowOptions.ENABLE_HTTP2, true);
-        });
-        // 暂不开启自动跳转
-//        undertowFactory.addDeploymentInfoCustomizers(deploymentInfo -> {
-//            // 开启HTTP自动跳转至HTTPS
-//            deploymentInfo.addSecurityConstraint(new SecurityConstraint()
-//                            .addWebResourceCollection(new WebResourceCollection().addUrlPattern("/*"))
-//                            .setTransportGuaranteeType(TransportGuaranteeType.CONFIDENTIAL)
-//                            .setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.PERMIT))
-//                    .setConfidentialPortManager(exchange -> httpsPort);
-//        });
-        // 禁用 TRACE 和 TRACK
-        undertowFactory.addDeploymentInfoCustomizers(deploymentInfo -> deploymentInfo.addInitialHandlerChainWrapper(handler -> {
-            HttpString[] disallowedHttpMethods = {HttpString.tryFromString("TRACE"), HttpString.tryFromString("TRACK")};
-            return new DisallowedMethodsHandler(handler, disallowedHttpMethods);
-        }));
-        return undertowFactory;
-    }
-
+        factory.addServerCustomizers(
+                server -> {
+                    HttpConfiguration httpConfiguration = new HttpConfiguration();
+                    httpConfiguration.setSecurePort(httpsPort);
+                    httpConfiguration.setSecureScheme("https");
+
+                    ServerConnector connector = new ServerConnector(server);
+                    connector.addConnectionFactory(new HttpConnectionFactory(httpConfiguration));
+                    connector.setPort(httpPort);
+                    server.addConnector(connector);
+                }
+        );
+    }
 }

--- a/backend/src/main/java/io/metersphere/security/JettyFilter.java
+++ b/backend/src/main/java/io/metersphere/security/JettyFilter.java
@ -0,0 +1,36 @@
+package io.metersphere.security;
+
+import io.metersphere.commons.utils.LogUtil;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@WebFilter(urlPatterns = "/*", filterName = "jettyFilter")
+public class JettyFilter implements Filter {
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+
+        HttpServletRequest httpRequest = (HttpServletRequest) request;
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+        LogUtil.debug("拦截器执行-----");
+        if ("TRACE".equalsIgnoreCase(httpRequest.getMethod()) || "TRACK".equalsIgnoreCase(httpRequest.getMethod())) {
+            httpResponse.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
+            LogUtil.info("trace 拦截执行");
+            return;
+        }
+        LogUtil.debug("拦截器结束-----");
+        chain.doFilter(request, response);
+    }
+
+    @Override
+    public void destroy() {
+    }
+}