Skip to content

Instantly share code, notes, and snippets.

@indigo423

indigo423/jetty.xml

Created February 12, 2022 00:09
Show Gist options
  • Save indigo423/cccf6aacdc643d9f66eb964c2f06f4de to your computer and use it in GitHub Desktop.
Save indigo423/cccf6aacdc643d9f66eb964c2f06f4de to your computer and use it in GitHub Desktop.
Download ZIP
Jetty XML in OpenNMS 29.0.6
Raw
jetty.xml
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Set name="requestHeaderSize"><SystemProperty name="org.opennms.netmgt.jetty.requestHeaderSize" default="4000" /></Set>
</New>
<Call name="addConnector">
<Arg>
<New id="httpConnector" class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server"><Ref refid="Server" /></Arg>
<Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory">
<Item>
<New class="org.eclipse.jetty.server.HttpConnectionFactory">
<Arg name="config"><Ref refid="httpConfig" /></Arg>
<Arg name="compliance"><Call class="org.eclipse.jetty.http.HttpCompliance" name="valueOf"><Arg><Property name="jetty.http.compliance" default="RFC7230"/></Arg></Call></Arg>
</New>
</Item>
</Array>
</Arg>
<Set name="host"><SystemProperty name="org.opennms.netmgt.jetty.host" default="0.0.0.0" /></Set>
<Set name="port"><SystemProperty name="org.opennms.netmgt.jetty.port" default="8980" /></Set>
</New>
</Arg>
</Call>
<!-- Add AJP support -->
<!--
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.ajp.Ajp13SocketConnector">
<Set name="statsOn">true</Set>
<Set name="port">8981</Set>
</New>
</Arg>
</Call>
-->
<!-- Add HTTPS support -->
<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Arg><Ref refid="httpConfig"/></Arg>
<Call name="addCustomizer">
<Arg>
<New class="org.eclipse.jetty.server.SecureRequestCustomizer">
<Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg>
<Arg name="stsMaxAgeSeconds" type="int"><Property name="jetty.ssl.stsMaxAgeSeconds" default="-1"/></Arg>
<Arg name="stsIncludeSubdomains" type="boolean"><Property name="jetty.ssl.stsIncludeSubdomains" default="false"/></Arg>
</New>
</Arg>
</Call>
</New>
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
<Set name="KeyStorePath"><SystemProperty name="org.opennms.netmgt.jetty.https-keystore" /></Set>
<Set name="KeyStorePassword"><SystemProperty name="org.opennms.netmgt.jetty.https-keystorepassword" default="changeit" /></Set>
<Set name="KeyStoreType"><SystemProperty name="org.opennms.netmgt.jetty.https-keystoretype" default="JKS" /></Set>
<Set name="KeyStoreProvider"><SystemProperty name="org.opennms.netmgt.jetty.https-keystoreprovider" /></Set>
<Set name="KeyManagerPassword"><SystemProperty name="org.opennms.netmgt.jetty.https-keypassword" default="changeit" /></Set>
<Set name="TrustStorePath"><SystemProperty name="org.opennms.netmgt.jetty.https-keystore" /></Set>
<Set name="TrustStorePassword"><SystemProperty name="org.opennms.netmgt.jetty.https-keystorepassword" default="changeit" /></Set>
<Set name="TrustStoreType"><SystemProperty name="org.opennms.netmgt.jetty.https-keystoretype" default="JKS" /></Set>
<Set name="TrustStoreProvider"><SystemProperty name="org.opennms.netmgt.jetty.https-keystoreprovider" /></Set>
<Set name="certAlias"><SystemProperty name="org.opennms.netmgt.jetty.https-cert-alias" /></Set>
<Set name="useCipherSuitesOrder"><Property name="jetty.sslContext.useCipherSuitesOrder" default="true"/></Set>
<Set name="sslSessionCacheSize"><Property name="jetty.sslContext.sslSessionCacheSize" default="-1"/></Set>
<Set name="sslSessionTimeout"><Property name="jetty.sslContext.sslSessionTimeout" default="-1"/></Set>
<Set name="renegotiationAllowed">TRUE</Set>
<Call name="addExcludeCipherSuites">
<Arg>
<Array type="java.lang.String">
<Item>.*_CBC_.*</Item>
<Item>.*_DHE_.*</Item>
</Array>
</Arg>
</Call>
<Call name="addExcludeProtocols">
<Arg>
<Array type="java.lang.String">
<Item>TLSv1</Item>
<Item>TLSv1.1</Item>
</Array>
</Arg>
</Call>
</New>
<Call name="addConnector">
<Arg>
<New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server"><Ref refid="Server" /></Arg>
<Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory">
<Item>
<New class="org.eclipse.jetty.server.SslConnectionFactory">
<Arg name="next">http/1.1</Arg>
<Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
</New>
</Item>
<Item>
<New class="org.eclipse.jetty.server.HttpConnectionFactory">
<Arg name="config"><Ref refid="sslHttpConfig" /></Arg>
<Arg name="compliance"><Call class="org.eclipse.jetty.http.HttpCompliance" name="valueOf"><Arg><Property name="jetty.http.compliance" default="RFC7230"/></Arg></Call></Arg>
</New>
</Item>
</Array>
</Arg>
<Set name="host"><SystemProperty name="org.opennms.netmgt.jetty.https-host" default="0.0.0.0" /></Set>
<Set name="port"><SystemProperty name="org.opennms.netmgt.jetty.https-port" default="8443" /></Set>
</New>
</Arg>
</Call>
<!-- Settings for X-Frame-Options to avoid clickjacking -->
<!-- Comment out this block and the below reference to RewriteHandler to allow framing -->
<New id="RewriteHandler" class="org.eclipse.jetty.rewrite.handler.RewriteHandler">
<Set name="rules">
<Array type="org.eclipse.jetty.rewrite.handler.Rule">
<Item>
<New id="header" class="org.eclipse.jetty.rewrite.handler.HeaderPatternRule">
<Set name="pattern">*</Set>
<Set name="name">X-Frame-Options</Set>
<Set name="value">SAMEORIGIN</Set>
</New>
</Item>
</Array>
</Set>
</New>
<!-- Enable statistics -->
<Call name="insertHandler">
<Arg>
<New id="StatsHandler" class="org.eclipse.jetty.server.handler.StatisticsHandler">
</New>
</Arg>
</Call>
<Call class="org.eclipse.jetty.server.ConnectorStatistics" name="addToAllConnectors">
<Arg><Ref refid="Server"/></Arg>
</Call>
<New id="Handlers" class="org.eclipse.jetty.server.handler.HandlerCollection">
<Set name="handlers">
<Array type="org.eclipse.jetty.server.Handler">
<!-- Comment out this item to allow framing -->
<Item>
<Ref id="RewriteHandler"/>
</Item>
<Item>
<New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection"/>
</Item>
<Item>
<New id="DefaultHandler" class="org.eclipse.jetty.server.handler.DefaultHandler"/>
</Item>
<!-- NCSA Request Logging
<Item>
<New id="RequestLog" class="org.eclipse.jetty.server.handler.RequestLogHandler">
<Set name="requestLog">
<New id="RequestLogImpl" class="org.eclipse.jetty.server.NCSARequestLog">
<Arg>logs/jetty-requests-yyyy_mm_dd.log</Arg>
<Set name="retainDays">90</Set>
<Set name="append">true</Set>
<Set name="extended">true</Set>
<Set name="logTimeZone">US/Central</Set>
</New>
</Set>
</New>
</Item>
-->
</Array>
</Set>
</New>
<Set name="handler">
<New id="mdcHandler" class="org.opennms.netmgt.jetty.MDCHandler">
<Set name="handler"><Ref id="Handlers" /></Set>
</New>
</Set>
<New id="DeploymentManager" class="org.eclipse.jetty.deploy.DeploymentManager">
<Set name="contexts">
<Ref id="Contexts" />
</Set>
<Call name="setContextAttribute">
<Arg>org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern</Arg>
<Arg>.*/[^/]*\.jar$</Arg>
</Call>
<Call name="addAppProvider">
<Arg>
<New class="org.opennms.netmgt.jetty.OpenNMSWebAppProvider">
<Set name="monitoredDirName"><SystemProperty name="opennms.home" />/jetty-webapps</Set>
<Set name="scanInterval">10</Set>
<Set name="extractWars">false</Set>
</New>
</Arg>
</Call>
</New>
<Call name="addBean">
<Arg>
<Ref refid="DeploymentManager"/>
</Arg>
</Call>
</Configure>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment