Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

classNotFoundException:org.eclipse.jetty.ee10.webapp.WebAppContext #12100

Closed
fgolzari opened this issue Jul 28, 2024 · 27 comments
Closed

classNotFoundException:org.eclipse.jetty.ee10.webapp.WebAppContext #12100

fgolzari opened this issue Jul 28, 2024 · 27 comments
Labels
Question

Comments

@fgolzari
Copy link

Jetty Version
12
Jetty Environment
ee10
Java Version
21
Question
while deploying the project ,while parsing jetty.xml file, it gives
classNotFoundException:org.eclipse.jetty.ee10.webapp.WebAppContext class.
When I search in the log of jetty, I see ee10-webapp jar file, loaded in class path. Why does this error happen?

This part of the configs is in the jetty.xml file

<New id="service"  class="org.eclipse.jetty.ee10.webapp.WebAppContext">
  <Arg name="webapp"><SystemProperty name="jetty.base" default="." />/webapps/service</Arg>
  <Arg name="contextpath">/service</Arg>
  <Set name="configurationClasses"><Ref refid="plusConfig"></Set>
  <Set name="defaultDescriptor"><SystemProperty name="jetty.base" default="." />/etc/webdefault-ee10.xml</Set>
  <Set name="tempDirectory"><SystemProperty name="jetty.base" default="." />/work/service</Set>
  <Get name="errorHandler">
    <Call name="setShowStacks">
      <Arg type="boolean">false</Arg>
    </Call>
  </Get>
  <Call name="setAttribute"> 
      <Arg>org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern</Arg> 
      <Arg>.*/.*jsp-api-[^/]*\.jar$|.*/.*jsp-[^/]*\.jar$|.*/.*taglib-[^/]*\.jar$</Arg> 
  </Call>
</New>

This part is in the continuation of the above configs in jetty.xml
image
@sbordet
Copy link
Contributor

sbordet commented Jul 28, 2024

Please add the output of:

$ java -jar $JETTY_HOME/start.jar --list-config

@fgolzari
Copy link
Author

image

@sbordet
Copy link
Contributor

sbordet commented Jul 28, 2024

@fgolzari please do not add images that are half cropped and provide no information.

Copy/paste the output as text and attach the output to this issue.

@fgolzari
Copy link
Author

@sbordet Unfortunately, I am working on a server that has closed access to copy and I can only take screenshots

@fgolzari
Copy link
Author

@sbordet

Enabled Modules:
JVM Version & Properties:
java.home = /opt/chmail/common/lib/jvm/openjdk-21.0.3-chmail
java.vm.vendor = Oracle Corporation
java.vm.version = 21.0.3+7-LTS-152
java.vm.name = Java HotSpot(TM) 64-Bit Server VM
java.vm.info = mixed mode, sharing
java.runtime.name = Java(TM) SE Runtime Environment
java.runtime.version = 21.0.3+7-LTS-152
java.io.tmpdir = /tmp
user.dir = /opt/chmail
user.language = en
user.country = US
Jetty Version & Properties:
jetty.version = 12.0.11
jetty.tag.version = jetty-12.0.11
jetty.build = 9f90cedce372142f30c744a16a38d2c6bf634ab6
jetty.home = /opt/chmail/common/jetty_home
jetty.base = /opt/chmail
Config Search Order:
<command-line>
${jetty.base} -> /opt/chmail
${jetty.home} -> /opt/chmail/common/jetty_home
System Properties:
(no system properties specified)
Properties: Jetty
java.version = 21.0.3
java.version.major = 21
java.version.micro = 3
java.version.minor = 0
java.version.platform = 21
jetty.base = /opt/chmail
jetty.base.uri = file:///opt/chmail
jetty.home = /opt/chmail/common/jetty_home
jetty.home.uri = file:///opt/chmail/common/jetty_home
runtime.feature.alpn = true
Classpath: Jetty
No classpath entries and/or version information available show.

@sbordet
Copy link
Contributor

sbordet commented Jul 28, 2024

There appear to be no enabled modules, so there are no Jetty components.

You likely have a misconfiguration.

@fgolzari
Copy link
Author

@sbordet
command for start jetty

/opt/chmail/common/bin/java_mailboxd -Djavax.net.debug=all -Dfile.encoding=UTF-8 -server
-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2, TLSv1.3 -Djdk.tls.client.protocols=TLSv1, TLSv1.1, TLSv1.2, TLSv1.3
-Djava.awt.headless=true -Dsun.net.inetaddr.ttl=60 -Dorg.apache.jasper.compiler.disablejsr199=true -XX:+UseG1GC
-XX:SoftRefLRUPolicyMSPerMB=1 -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=15 -XX:G1MaxNewSizePercent=45
-XX:-OmitStackTraceInFastThrow -verbose:gc
-Xlog:gc*=info,safepoint=info:file=/opt/chmail/log/gc.log:time:filecount=20,filesize=10m
-Djava.security.egd=file:/dev/./urandom --add-opens java.base/java.lang-ALL-UNNAMED
-Djava.net.preferIPv4Stack=true -Xss256k -Xms2048m -Xmx2048m -Djava.io.tmpdir=/opt/chmail/mailboxd/work
-Djava.library.path=/opt/chmail/lib -Dchmail.config=/opt/chmail/conf/localconfig.xml --module-path
/opt/chmail/mailboxd/common/endorsed -Djetty.base=/opt/chmail/mailboxd -Djetty.home=/opt/chmail/common/jetty_home
-DSTART=/opt/chmail/mailboxd/etc/start.config -jar /opt/chmail/common/jetty_home/start.jar
--module=chmail,server,ee10-servlet,ee10-servlets,ee10-jsp,ee10-jstl,jmx,ee10-websocket-jakarta,ee10-websocket-jetty
,ee10-websocket-jetty-client-webapp,resources,ext,plus,rewrite,ee-webapp,ee10-webapp,setuid,http,ee10-deploy,ee10-
apache-jsp jetty.home=/opt/chmail/common/jetty_home jetty.base=/opt/chmail/mailboxd
/opt/chmail/mailboxd/etc/jetty.xml --debug

and in the log of jetty, I see these lines, These do not mean that the module is added to the project?

DEBUG: rawlibref = lib/jetty-ee10-webapp-${jetty.version}.jar DEBUG: expanded = lib/jetty-ee10-webapp-12.0.11.jar
DEBUG:getPaths('lib/jetty-ee10-webapp-12.0.11.jar')
DEBUG: Using relative path pattern: glob:**/lib/jetty-ee10-webapp-12.0.11.jar
DEBUG: Found [lib/jetty-ee10-webapp-12.0.11.jar] /opt/chmail/common/jetty_home/lib/jetty-ee10-webapp-12.0.11.jar DEBUG: Adding classpath component: /opt/chmail/common/jetty_home/lib/jetty-ee10-webapp-12.0.11.jar

@sbordet
Copy link
Contributor

sbordet commented Jul 28, 2024

This is way too customized to understand what's going on.

Again, it's a problem with your setup, but I cannot tell you where, as you are doing things in the non-idiomatic Jetty way.

Even the logs are not Jetty's, so please double-check your class-path. While jetty-ee10-webapp-<version>.jar may be in the class-path, a dependency may not be there, and that's why you get the CNFE.

@fgolzari
Copy link
Author

@sbordet Is there anything similar to these samples for jetty 12 configs? https://github.com/jetty/jetty.project/blob/jetty-11.0.6/jetty-server/src/main/config/etc/jetty.xml

@janbartel
Copy link
Contributor

@fgolzari you cannot reference ee10 classes from inside the jetty.xml file, which does not have any of the ee10 classes on it's classpath at the point in time at which it is executed, it only has core jetty classes which are servlet api independent. Whatever setup of your webapps you are doing you need to move into an xml file that will be executed in the ee10 environment. You can either make a context xml file for each one (see https://jetty.org/docs/jetty/12/operations-guide/deploy/index.html#context-xml) or you could use the new feature of an environment-specific xml file that will be applied to each webapp before any context xml file to allow you to do configuration that is common to all webapps in a particular environment (see https://jetty.org/docs/jetty/12/operations-guide/deploy/index.html#env-context-xml). Moreover, the systemClasses and serverClasses have been deprecated in favour of protected and hidden classes. You can easily add these in your ee10-webapp.ini file that is created when you enabled the ee10-webapp module, here's a snippet from that file to show you where to declare it:

## Add to the environment wide default jars and packages protected or hidden from webapps.
## Protected (aka System) classes cannot be overridden by a webapp.
## Hidden (aka Server) classes cannot be seen by a webapp
## Lists of patterns are comma separated and may be either:
##  + a qualified classname e.g. 'com.acme.Foo' 
##  + a package name e.g. 'net.example.'
##  + a jar file e.g. '${jetty.base.uri}/lib/dependency.jar' 
##  + a directory of jars,resource or classes e.g. '${jetty.base.uri}/resources' 
##  + A pattern preceded with a '-' is an exclusion, all other patterns are inclusions
##
## The +=, operator appends to a CSV list with a comma as needed.
##
#jetty.webapp.addProtectedClasses+=,org.example.
#jetty.webapp.addHiddenClasses+=,org.example.

@fgolzari
Copy link
Author

@janbartel Thank you very much for your answer
I don't know exactly what classes or packages or paths should be added to ProtectedClasses and HiddenClasses, and the list I posted above is probably not accurate. How should I know what list to add to them?

@janbartel
Copy link
Contributor

@fgolzari systemClasses == protected and serverClasses == hidden.Bear in mind that the defaults are:

protected: java., javax., jakarta., org.xml., org.w3c.

hidden: org.eclipse.jetty.

I don't think you need to change the systemClasses aka protected at all. You might not need to change the serverClasses aka hidden either - when you enable various jetty modules, they expose or hide more packages as necessary so you don't need to explicitly manage it. I think all of yours are covered, except perhaps for org.eclipse.jetty.util. Do you really need that exposed? Does your webapp include the jettty-util jar in it's WEB-INF/lib?

It seems to me that your app might have accumulated a bunch of cruft over time that is hampering your ability to upgrade - you seem to be trying to replicate stuff that jetty does for you automatically, but based on some older versions of jetty. That means that you are configuring some things that are not used and some that are not necessary, and some things incorrectly. I would have a good long look at your jetty.xml file that I know is on your command line from the other issues you have raised - very probably this is not necessary and you should just let the normal jetty modules do the setup and you just configure the options with *.ini properties. This way you are making it much much easier to upgrade to newer releases as your *.ini settings are portable, but your custom .xml files probably aren't.

@fgolzari
Copy link
Author

@janbartel jetty.xml file

<?xml version="1.0" encoding="UTF-8"?>  
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "https://jetty.org/configure_10_0.dtd">  
<Configure id="Server" class="org.eclipse.jetty.server.Server">  
<Get name="ThreadPool" id="pool">  
    <Set name="minThreads" type="int">10</Set>  
    <Set name="maxThreads" type="int">500</Set>  
    <Set name="idleTimeout" type="int">10000</Set>  
    <Set name="detailedDump">false</Set>  
</Get>  
<Call class="com.chmail.common.jetty.JettyMonitor" name="setThreadPool">  
    <Arg><Ref refid="pool"/></Arg>  
</Call>  
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">  
    <Set name="outputBufferSize">32768</Set>  
    <Set name="requestHeaderSize">8192</Set>  
    <Set name="responseHeaderSize">8192</Set>  
    <Set name="sendServerVersion">false</Set>  
    <Set name="sendDateHeader">true</Set>  
    <Set name="headerCacheSize">512</Set>  
    <Set name="securePort">8443</Set>  
    <Call name="addCustomizer">  
        <Arg>  
            <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer">  
                <Set name="forwardedForHeader">bogus</Set>  
                <Set name="forwardedPortAsAuthority">false</Set>  
            </New>  
        </Arg>  
    </Call>  
</New>  
<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">  
    <Arg>  
        <Ref refid="httpConfig" />  
    </Arg>  
    <Call name="addCustomizer">  
        <Arg>  
            <New class="org.eclipse.jetty.server.SecureRequestCustomizer" />  
        </Arg>  
    </Call>  
</New>  
<Call id="httpConnector" name="addConnector">  
    <Arg>  
        <New id="http" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="httpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">8081</Set>  
            <Set name="idleTimeout">60000</Set>  
        </New>  
    </Arg>  
</Call>
<New id="chmailSslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">  
    <Set name="KeyStorePath">  
        <SystemProperty name="jetty.base" default="," />/etc/keystore  
    </Set>  
    <Set name="KeyStorePassword">**</Set>  
    <Set name="KeyManagerPassword">**</Set>  
    <Set name="EndpointIdentificationAlgorithm"></Set>  
    <Set name="renegotiationAllowed">TRUE</Set>  
    <Set name="IncludeProtocols">  
        <Array type="java.lang.String">  
            <Item>SSLv2Hello</Item>  
            <Item>TLSv1</Item>  
            <Item>TLSv1.1</Item>  
            <Item>TLSv1.2</Item>  
        </Array>  
    </Set>  
    <Set name="ExcludeCipherSuites">  
        <Array type="java.lang.String">  
            <Item>.* RC4 *</Item>  
        </Array>  
    </Set>  
</New>  
<Call id="httpsConnector" name="addConnector">  
    <Arg>  
        <New id="ssl" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.SslConnectionFactory">  
                            <Arg name="sslContextFactory">  
                                <Ref refid="chmailSslContextFactory" />  
                            </Arg>  
                            <Arg name="next">http/1.1</Arg>  
                        </New>  
                    </Item>  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="sslHttpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">8443</Set>  
            <Set name="idleTimeout">60000</Set>  
        </New>  
    </Arg>  
</Call>  
<Call id="adminHttpsConnector" name="addConnector">  
    <Arg>  
        <New id="admin" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.SslConnectionFactory">  
                            <Arg name="sslContextFactory">  
                                <Ref refid="chmailSslContextFactory" />  
                            </Arg>  
                            <Arg name="next">http/1.1</Arg>  
                        </New>  
                    </Item>  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="sslHttpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">7073</Set>  
            <Set name="idleTimeout">0</Set>  
        </New>  
    </Arg>  
</Call>
<Call id="mtaAdminHttpsConnector" name="addConnector">  
    <Arg>  
        <New id="mtaAdmin" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.SslConnectionFactory">  
                            <Arg name="sslContextFactory">  
                                <Ref refid="chmailSslContextFactory" />  
                            </Arg>  
                            <Arg name="next">http/1.1</Arg>  
                        </New>  
                    </Item>  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="sslHttpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">7075</Set>  
            <Set name="idleTimeout">0</Set>  
        </New>  
    </Arg>  
</Call>  
<Call id="extConnector" name="addConnector">  
    <Arg>  
        <New id="ext" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.SslConnectionFactory">  
                            <Arg name="sslContextFactory">  
                                <Ref refid="chmailSslContextFactory" />  
                            </Arg>  
                            <Arg name="next">http/1.1</Arg>  
                        </New>  
                    </Item>  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="sslHttpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">7078</Set>  
            <Set name="idleTimeout">60000</Set>  
        </New>  
    </Arg>  
</Call>
<Set name="handler">  
    <New id="rewirethandler" class="org.eclipse.jetty.rewrite.handler.RewriteHandler">  
        <Set name="originalPathAttribute">requestedPath</Set>  
        <!--<Call name="addRule"><arg><New class="org.eclipse.jetty.rewrite.handler.MsieSslRule"/></Arg></Call>-->  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.CompactPathRule"/>  
            </Arg>  
        </Call>  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.RewritePatternRule">  
                    <Set name="pattern">/Microsoft-Server-ActiveSync/*</Set>  
                    <Set name="replacement">/service/ext/ch</Set>  
                </New>  
            </Arg>  
        </Call>  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.RewriteRegexRule">  
                    <Set name="regex">(?i)/ews/Exchange.asmx/*</Set>  
                    <Set name="replacement">/service/ext/ch</Set>  
                </New>  
            </Arg>  
        </Call>  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.RewritePatternRule">  
                    <Set name="pattern">//*</Set>  
                    <Set name="replacement">/</Set>  
                    <Set name="terminating">true</Set>  
                </New>  
            </Arg>  
        </Call>  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.RewritePatternRule">  
                    <Set name="pattern">/*</Set>  
                    <Set name="replacement">/</Set>  
                </New>  
            </Arg>  
        </Call>  
        <Set name="handler">  
            <New id="collectionHandler" class="org.eclipse.jetty.server.Handler.Sequence">  
                <Arg name="handlers">  
                    <Array type="org.eclipse.jetty.server.Handler">  
                        <Item>  
                            <New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection"/>  
                        </Item>  
                        <Item>  
                            <New id="DefaultHandler" class="org.eclipse.jetty.server.handler.DefaultHandler"/>  
                        </Item>  
                    </Array>  
                </Arg>  
            </New>  
        </Set>  
    </Set>  
    <Array id="plusConfig" type="java.lang.String">  
        <Item>org.eclipse.jetty.eel0.webapp.WebInfConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.webapp.WebXmlConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.webapp.MetaInfConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.webapp.FragmentConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.plus.webapp.EmvConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.plus.webapp.PlusConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.annotations.AnnotationConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.webapp.JettyWebXmlConfiguration</Item>  
    </Array>  
    <New id="service" class="org.eclipse.jetty.eel0.webapp.WebAppContext">  
        <Arg>  
            <Ref refid="Contexts"/>  
        </Arg>  
        <Arg name="webApp">  
            <SystemProperty name="jetty.base" default="."/>/webapps/service  
        </Arg>  
        <Arg name="contextpath">/service</Arg>  
        <Set name="configurationClasses">  
            <Ref refid="plusConfig"/>  
        </Set>  
        <Set name="defaultsDescriptor">  
            <SystemProperty name="jetty.base" default="."/>/etc/webdefault-eel0.xml  
        </Set>  
        <Set name="tempDirectory">  
            <SystemProperty name="jetty.base" default="."/>/work/service  
        </Set>  
        <Set name="compactPath">true</Set>  
        <Get name="errorHandler">  
            <Call name="setShowStacks">  
                <Arg type="boolean">false</Arg>  
            </Call>  
        </Get>  
        <Call name="setAttribute">  
            <Arg>org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern</Arg>  
            <arg>.*/.*jsp-api-[^/]*\.jar$</arg>  
        </Call>  
    </New>
<Call name="setAttribute">  
    <Arg>org.eclipse.jetty.eel0.webapp.systemClasses</Arg>  
    <Arg>  
        <Array type="java.lang.String">  
            <Item>java.</Item>  
            <Item>javax.</Item>  
            <Item>jakarta.</Item>  
            <Item>org.xml.</Item>  
            <Item>org.w3c.</Item>  
            <Item>org.apache.commons.logging.</Item>  
            <Item>org.eclipse.jetty.jndi.</Item>  
            <Item>org.eclipse.jetty.security.jaas.</Item>  
            <Item>org.eclipse.jetty.websocket.</Item>  
            <Item>org.eclipse.jetty.eel0.websocket.</Item>  
            <Item>org.eclipse.jetty.eel0.servlet.</Item>  
            <Item>org.eclipse.jetty.eel0.servlets.</Item>  
            <Item>org.eclipse.jetty.server.</Item>  
            <Item>org.eclipse.jetty.io.</Item>  
            <Item>org.eclipse.jetty.http.</Item>  
            <Item>org.eclipse.jetty.security.</Item>  
            <Item>org.eclipse.jetty.util.</Item>  
        </Array>  
    </Arg>  
</Call>  
<Call name="setAttribute">  
    <Arg>org.eclipse.jetty.eel0.webapp.serverClasses</Arg>  
    <Arg>  
        <Array type="java.lang.String">  
            <Item>-org.eclipse.jetty.jndi.</Item>  
            <Item>-org.eclipse.jetty.security.jaas.</Item>  
            <Item>-org.eclipse.jetty.websocket.</Item>  
            <Item>-org.eclipse.jetty.eel0.websocket.</Item>  
            <Item>-org.eclipse.jetty.eel0.servlet.</Item>  
            <Item>-org.eclipse.jetty.eel0.servlets.</Item>  
            <Item>-org.eclipse.jetty.server.</Item>  
            <Item>-org.eclipse.jetty.io.</Item>  
            <Item>-org.eclipse.jetty.http.</Item>  
            <Item>-org.eclipse.jetty.security.</Item>  
            <Item>-org.eclipse.jetty.util.</Item>  
            <Item>-org.eclipse.jetty.eel0.apache.</Item>  
            <Item>org.eclipse.jetty.</Item>  
        </Array>  
    </Arg>  
</Call>  
<Call name="setAttribute">  
    <Arg>org.eclipse.jetty.server.Request.maxFormContentSize</Arg>  
    <Arg>200000</Arg>  
</Call>  
<New id="logWriter" class="org.eclipse.jetty.server.RequestLogWriter">  
    <Arg>  
        <SystemProperty name="jetty.base" default="."/>/logs/access_log.yyyy_mm_dd  
    </Arg>  
    <Set name="retainDays">30</Set>  
    <Set name="append">true</Set>  
    <Set name="filenameDateFormat">yyyy-MM-dd</Set>  
</New>  
<Set name="requestLog">  
    <New id="Requestlog" class="org.eclipse.jetty.server.CustomRequestLog">  
        <Arg><Ref refid="logWriter"/></Arg>  
        <Arg><Call name="EXTENDED_NCSA_FORMAT" class="org.eclipse.jetty.server.CustomRequestLog"/></Arg>  
        <Arg>%(client)a %r %s %b "%{Referer}i" "%{User-Agent}i"</Arg>  
    </New>  
</Set>  
<!-- HTTPCOMPRESSIONBEGIN -->  
<Get id="next" name="handler"/>  
<Set name="handler">  
    <New id="GzipHandler" class="org.eclipse.jetty.server.handler.gzip.GzipHandler">  
        <Set name="handler"><Ref refid="next"/></Set>  
        <Set name="minGzipSize"><Property name="jetty.gzip.minGzipSize" deprecated="gzip.minGzipSize" default="2048"/></Set>  
        <Set name="includedMethods">  
            <Array type="String">  
                <Item>GET</Item>  
                <Item>POST</Item>  
            </Array>  
        </Set>  
    </New>  
</Set>  
<Set name="stopAtShutdown">true</Set>  
<Ref refid="http">  
    <Call name="open"/>  
</Ref>
<Configure>  
    <Ref refid="ssl">  
        <Call name="open"/>  
    </Ref>  
    <Ref refid="admin">  
        <Call name="open"/>  
    </Ref>  
</Configure>

@janbartel
Copy link
Contributor

Well, as I said earlier, you can't reference ee10 classes in a jetty.xml that is executed before the ee10 environment has been created. So you need to remove every mention of ee10 classes and put them into either a context xml file that the ee10-deployer will find for your webapp, or into one or more custom modules as I think @sbordet mentioned, and use the hidden and protected properties in ee10-webapp.ini to configure your server and system classes respectively.

@joakime
Copy link
Contributor

joakime commented Jul 30, 2024

@fgolzari do not use your jetty.xml. use jetty-home and jetty-base properly!

I cannot emphasize this enough!

Your desired configuration is effectively 100% custom and getting support will be incredibly difficult.
Your jetty.xml makes upgrading (and downgrading) Jetty a nightmare of man hours spent and specialty knowledge with each version change, again don't use your jetty.xml
Your jetty.xml is also incomplete, missing many important and critical components to operate properly.
Your jetty.xml cannot grow and adapt with the changes in Jetty as well, you've basically concreted yourself into a very specific version of Jetty and the JVM with that jetty.xml
In short your desire to use this jetty.xml is 100% the cause of all of your issues.
Abandon that jetty.xml (yes, i'm still harping on this)

Lets look at your jetty.xml in detail.

If you are using jetty-home and jetty-base then do not use this mess of a jetty.xml

<?xml version="1.0" encoding="UTF-8"?>  
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "https://jetty.org/configure_10_0.dtd">  
<Configure id="Server" class="org.eclipse.jetty.server.Server">  
<Get name="ThreadPool" id="pool">  
    <Set name="minThreads" type="int">10</Set>  
    <Set name="maxThreads" type="int">500</Set>  
    <Set name="idleTimeout" type="int">10000</Set>  
    <Set name="detailedDump">false</Set>  
</Get>

This is incomplete
This handled by the threadpool module, you configure it in start.d/threadpool.ini once enabled.
There is nothing special about this XML snippet.

<Call class="com.chmail.common.jetty.JettyMonitor" name="setThreadPool">  
    <Arg><Ref refid="pool"/></Arg>  
</Call>

This can exist as a custom module with XML in your jetty-base.

 <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">  
    <Set name="outputBufferSize">32768</Set>  
    <Set name="requestHeaderSize">8192</Set>  
    <Set name="responseHeaderSize">8192</Set>  
    <Set name="sendServerVersion">false</Set>  
    <Set name="sendDateHeader">true</Set>  
    <Set name="headerCacheSize">512</Set>  
    <Set name="securePort">8443</Set>  
    <Call name="addCustomizer">  
        <Arg>  
            <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer">  
                <Set name="forwardedForHeader">bogus</Set>  
                <Set name="forwardedPortAsAuthority">false</Set>  
            </New>  
        </Arg>  
    </Call>  
</New>

This is incomplete and is handled by the server module.
The configuration is in start.d/server.ini once enabled.
There is nothing special about this XML snippet.

<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">  
    <Arg>  
        <Ref refid="httpConfig" />  
    </Arg>  
    <Call name="addCustomizer">  
        <Arg>  
            <New class="org.eclipse.jetty.server.SecureRequestCustomizer" />  
        </Arg>  
    </Call>  
</New>

This is also incompleted.
This is handled by the ssl module once enabled.
There is nothing special about this XML snippet.

<Call id="httpConnector" name="addConnector">  
    <Arg>  
        <New id="http" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="httpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">8081</Set>  
            <Set name="idleTimeout">60000</Set>  
        </New>  
    </Arg>  
</Call>

This is also incomplete.
This is handled by the http module once enabled.
This is configured by the start.d/http.ini once enabled.
There is nothing special about this XML snippet.

<New id="chmailSslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">  
    <Set name="KeyStorePath">  
        <SystemProperty name="jetty.base" default="," />/etc/keystore  
    </Set>  
    <Set name="KeyStorePassword">**</Set>  
    <Set name="KeyManagerPassword">**</Set>  
    <Set name="EndpointIdentificationAlgorithm"></Set>  
    <Set name="renegotiationAllowed">TRUE</Set>  
    <Set name="IncludeProtocols">  
        <Array type="java.lang.String">  
            <Item>SSLv2Hello</Item>  
            <Item>TLSv1</Item>  
            <Item>TLSv1.1</Item>  
            <Item>TLSv1.2</Item>  
        </Array>  
    </Set>  
    <Set name="ExcludeCipherSuites">  
        <Array type="java.lang.String">  
            <Item>.* RC4 *</Item>  
        </Array>  
    </Set>  
</New>

This is incomplete as well.
This is also not using Java properly as you cannot enable the protocols SSLv2Hello, TLSv1, TLSv1.1 this way on modern versions of Java (they are disabled at the JVM level see java.security for details)
The ExcludeCipherSuites has a bad regex.
Using <Set> against IncludeProtocols and ExcludeCipherSuites is incorrect usage, these should be <Call> with add semantics.

This is handled by the ssl module once enabled.
It is configured via the start.d/ssl.ini

<Call id="httpsConnector" name="addConnector">  
    <Arg>  
        <New id="ssl" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.SslConnectionFactory">  
                            <Arg name="sslContextFactory">  
                                <Ref refid="chmailSslContextFactory" />  
                            </Arg>  
                            <Arg name="next">http/1.1</Arg>  
                        </New>  
                    </Item>  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="sslHttpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">8443</Set>  
            <Set name="idleTimeout">60000</Set>  
        </New>  
    </Arg>  
</Call>

This is also incomplete.
This is also handled by the ssl module, once enabled.
It is configured with start.d/ssl.ini
There is nothing special about this XML snippet.

<Call id="adminHttpsConnector" name="addConnector">  
    <Arg>  
        <New id="admin" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.SslConnectionFactory">  
                            <Arg name="sslContextFactory">  
                                <Ref refid="chmailSslContextFactory" />  
                            </Arg>  
                            <Arg name="next">http/1.1</Arg>  
                        </New>  
                    </Item>  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="sslHttpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">7073</Set>  
            <Set name="idleTimeout">0</Set>  
        </New>  
    </Arg>  
</Call>
<Call id="mtaAdminHttpsConnector" name="addConnector">  
    <Arg>  
        <New id="mtaAdmin" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.SslConnectionFactory">  
                            <Arg name="sslContextFactory">  
                                <Ref refid="chmailSslContextFactory" />  
                            </Arg>  
                            <Arg name="next">http/1.1</Arg>  
                        </New>  
                    </Item>  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="sslHttpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">7075</Set>  
            <Set name="idleTimeout">0</Set>  
        </New>  
    </Arg>  
</Call>

This is an incomplete declaration.
This is ripe for a custom module to enable new connectors. (module + xml)
This snippet would live on it's own, in it's own XML.

<Call id="extConnector" name="addConnector">  
    <Arg>  
        <New id="ext" class="org.eclipse.jetty.server.ServerConnector">  
            <Arg name="server">  
                <Ref refid="Server" />  
            </Arg>  
            <Arg name="factories">  
                <Array type="org.eclipse.jetty.server.ConnectionFactory">  
                    <Item>  
                        <New class="org.eclipse.jetty.server.SslConnectionFactory">  
                            <Arg name="sslContextFactory">  
                                <Ref refid="chmailSslContextFactory" />  
                            </Arg>  
                            <Arg name="next">http/1.1</Arg>  
                        </New>  
                    </Item>  
                    <Item>  
                        <New class="org.eclipse.jetty.server.HttpConnectionFactory">  
                            <Arg name="config">  
                                <Ref refid="sslHttpConfig" />  
                            </Arg>  
                        </New>  
                    </Item>  
                </Array>  
            </Arg>  
            <Set name="host"></Set>  
            <Set name="port">7078</Set>  
            <Set name="idleTimeout">60000</Set>  
        </New>  
    </Arg>  
</Call>

This is also an incomplete declaration.
This is the same as above and is ripe for a custom module to enable new connectors. (module + xml)
This snippet would live on it's own, in it's own XML.

<Set name="handler">  
    <New id="rewirethandler" class="org.eclipse.jetty.rewrite.handler.RewriteHandler">  
        <Set name="originalPathAttribute">requestedPath</Set>  
        <!--<Call name="addRule"><arg><New class="org.eclipse.jetty.rewrite.handler.MsieSslRule"/></Arg></Call>-->  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.CompactPathRule"/>  
            </Arg>  
        </Call>  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.RewritePatternRule">  
                    <Set name="pattern">/Microsoft-Server-ActiveSync/*</Set>  
                    <Set name="replacement">/service/ext/ch</Set>  
                </New>  
            </Arg>  
        </Call>  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.RewriteRegexRule">  
                    <Set name="regex">(?i)/ews/Exchange.asmx/*</Set>  
                    <Set name="replacement">/service/ext/ch</Set>  
                </New>  
            </Arg>  
        </Call>  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.RewritePatternRule">  
                    <Set name="pattern">//*</Set>  
                    <Set name="replacement">/</Set>  
                    <Set name="terminating">true</Set>  
                </New>  
            </Arg>  
        </Call>  
        <Call name="addRule">  
            <Arg>  
                <New class="org.eclipse.jetty.rewrite.handler.RewritePatternRule">  
                    <Set name="pattern">/*</Set>  
                    <Set name="replacement">/</Set>  
                </New>  
            </Arg>  
        </Call>  
        <Set name="handler">  
            <New id="collectionHandler" class="org.eclipse.jetty.server.Handler.Sequence">  
                <Arg name="handlers">  
                    <Array type="org.eclipse.jetty.server.Handler">  
                        <Item>  
                            <New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection"/>  
                        </Item>  
                        <Item>  
                            <New id="DefaultHandler" class="org.eclipse.jetty.server.handler.DefaultHandler"/>  
                        </Item>  
                    </Array>  
                </Arg>  
            </New>  
        </Set>  
    </Set>

This is also incomplete.
This is handled by the rewrite module once enabled.
The configuration of RewriteHandler is done by start.d/rewrite.ini
The configuration of custom rules is done by ${jetty-base}/etc/jetty-rewrite-rules.xml (which will be present once you enable the rewrite module)

    <Array id="plusConfig" type="java.lang.String">  
        <Item>org.eclipse.jetty.eel0.webapp.WebInfConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.webapp.WebXmlConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.webapp.MetaInfConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.webapp.FragmentConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.plus.webapp.EmvConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.plus.webapp.PlusConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.annotations.AnnotationConfiguration</Item>  
        <Item>org.eclipse.jetty.eel0.webapp.JettyWebXmlConfiguration</Item>  
    </Array>

This has no effect, nothing in Jetty uses this. In fact, all of these declarations are even bad (they have typos and some don't even exist)
This isn't how Jetty 10 onwards works.
Remove this entirely.
Enable the modules ee10-webapp and ee10-annotations, that's all you have to do.

    <New id="service" class="org.eclipse.jetty.eel0.webapp.WebAppContext">  
        <Arg>  
            <Ref refid="Contexts"/>  
        </Arg>  
        <Arg name="webApp">  
            <SystemProperty name="jetty.base" default="."/>/webapps/service  
        </Arg>  
        <Arg name="contextpath">/service</Arg>  
        <Set name="configurationClasses">  
            <Ref refid="plusConfig"/>  
        </Set>  
        <Set name="defaultsDescriptor">  
            <SystemProperty name="jetty.base" default="."/>/etc/webdefault-eel0.xml  
        </Set>  
        <Set name="tempDirectory">  
            <SystemProperty name="jetty.base" default="."/>/work/service  
        </Set>  
        <Set name="compactPath">true</Set>  
        <Get name="errorHandler">  
            <Call name="setShowStacks">  
                <Arg type="boolean">false</Arg>  
            </Call>  
        </Get>  
        <Call name="setAttribute">  
            <Arg>org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern</Arg>  
            <arg>.*/.*jsp-api-[^/]*\.jar$</arg>  
        </Call>  
    </New>

This cannot exist here.
This exists in the ${jetty-base}/webapps/ directory as it's own XML.
Make sure to enable the ee10-deploy module first.

<Call name="setAttribute">  
    <Arg>org.eclipse.jetty.eel0.webapp.systemClasses</Arg>  
    <Arg>  
        <Array type="java.lang.String">  
            <Item>java.</Item>  
            <Item>javax.</Item>  
            <Item>jakarta.</Item>  
            <Item>org.xml.</Item>  
            <Item>org.w3c.</Item>  
            <Item>org.apache.commons.logging.</Item>  
            <Item>org.eclipse.jetty.jndi.</Item>  
            <Item>org.eclipse.jetty.security.jaas.</Item>  
            <Item>org.eclipse.jetty.websocket.</Item>  
            <Item>org.eclipse.jetty.eel0.websocket.</Item>  
            <Item>org.eclipse.jetty.eel0.servlet.</Item>  
            <Item>org.eclipse.jetty.eel0.servlets.</Item>  
            <Item>org.eclipse.jetty.server.</Item>  
            <Item>org.eclipse.jetty.io.</Item>  
            <Item>org.eclipse.jetty.http.</Item>  
            <Item>org.eclipse.jetty.security.</Item>  
            <Item>org.eclipse.jetty.util.</Item>  
        </Array>  
    </Arg>  
</Call>

This has no impact on Jetty, that attribute name doesn't exist on Jetty 12.
Remove this.
This is not configured with an attribute anymore.
Use the start.d/*.ini to configure this.

<Call name="setAttribute">  
    <Arg>org.eclipse.jetty.eel0.webapp.serverClasses</Arg>  
    <Arg>  
        <Array type="java.lang.String">  
            <Item>-org.eclipse.jetty.jndi.</Item>  
            <Item>-org.eclipse.jetty.security.jaas.</Item>  
            <Item>-org.eclipse.jetty.websocket.</Item>  
            <Item>-org.eclipse.jetty.eel0.websocket.</Item>  
            <Item>-org.eclipse.jetty.eel0.servlet.</Item>  
            <Item>-org.eclipse.jetty.eel0.servlets.</Item>  
            <Item>-org.eclipse.jetty.server.</Item>  
            <Item>-org.eclipse.jetty.io.</Item>  
            <Item>-org.eclipse.jetty.http.</Item>  
            <Item>-org.eclipse.jetty.security.</Item>  
            <Item>-org.eclipse.jetty.util.</Item>  
            <Item>-org.eclipse.jetty.eel0.apache.</Item>  
            <Item>org.eclipse.jetty.</Item>  
        </Array>  
    </Arg>  
</Call>

This has no impact on Jetty, that attribute name also doesn't exist on Jetty 12.
Remove this.
This is not configured with an attribute anymore.
Use the start.d/*.ini to configure this.

<Call name="setAttribute">  
    <Arg>org.eclipse.jetty.server.Request.maxFormContentSize</Arg>  
    <Arg>200000</Arg>  
</Call>

This has no effect on Jetty 12.
Remove this.
The max form content size is not configured via an Attribute on the Server.
This exists only in a Context.
This attribute should be set on the WebAppContext, which means this configuration exists
in ${jetty.base}/webapps/*.xml files instead.

<New id="logWriter" class="org.eclipse.jetty.server.RequestLogWriter">  
    <Arg>  
        <SystemProperty name="jetty.base" default="."/>/logs/access_log.yyyy_mm_dd  
    </Arg>  
    <Set name="retainDays">30</Set>  
    <Set name="append">true</Set>  
    <Set name="filenameDateFormat">yyyy-MM-dd</Set>  
</New>  
<Set name="requestLog">  
    <New id="Requestlog" class="org.eclipse.jetty.server.CustomRequestLog">  
        <Arg><Ref refid="logWriter"/></Arg>  
        <Arg><Call name="EXTENDED_NCSA_FORMAT" class="org.eclipse.jetty.server.CustomRequestLog"/></Arg>  
        <Arg>%(client)a %r %s %b "%{Referer}i" "%{User-Agent}i"</Arg>  
    </New>  
</Set>

This is incomplete.
This is handled by the requestlog module once enabled.
The start.d/requestlog.ini is where you configure this.
There is nothing special about this XML snippet.

<!-- HTTPCOMPRESSIONBEGIN -->  
<Get id="next" name="handler"/>  
<Set name="handler">  
    <New id="GzipHandler" class="org.eclipse.jetty.server.handler.gzip.GzipHandler">  
        <Set name="handler"><Ref refid="next"/></Set>  
        <Set name="minGzipSize"><Property name="jetty.gzip.minGzipSize" deprecated="gzip.minGzipSize" default="2048"/></Set>  
        <Set name="includedMethods">  
            <Array type="String">  
                <Item>GET</Item>  
                <Item>POST</Item>  
            </Array>  
        </Set>  
    </New>  
</Set>

This is also incomplete.
This is handled by the gzip module once enabled.
The start.d/gzip.ini is where you configure this (once enabled).
There is nothing special about this XML snippet.

<Set name="stopAtShutdown">true</Set>

This is handled by the server module once enabled.
This is configured by the start.d/server.ini

<Ref refid="http">  
    <Call name="open"/>  
</Ref>
<Configure>  
    <Ref refid="ssl">  
        <Call name="open"/>  
    </Ref>  
    <Ref refid="admin">  
        <Call name="open"/>  
    </Ref>  
</Configure>

This XML snippet is bad/broken to begin with.
Remove these lines.
This behavior, of opening the connectors early, is the default behavior in Jetty.
Do not do this manually!!!
The lifecycle is completely messed up on those ServerConnectors with those open calls.

@fgolzari
Copy link
Author

fgolzari commented Jul 31, 2024
edited
Loading

@joakime you are amazing. You are an angel, you helped me a lot, thank you very very much
I followed your instructions step by step
I noticed many things and learned them,
that was perfect !

now jetty log gives this error:

2024-07-31 23:21:16.649: WARN:oejx.XmlConfiguration:main: Config error java.lang.reflect.InvocationTargetException at <Call name="addConnector"><Arg>| <New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector"><Arg name="server"><Ref refid="Server"/></Arg><Arg name="acceptors" type="int"><Property name="jetty.ssl.acceptors" default="1"/></Arg><Arg name="selectors" type="int"><Property name="jetty.ssl.selectors" default="-1"/></Arg><Arg name="factories">| <Array type="org.eclipse.jetty.server.ConnectionFactory"><Item>|???????<New class="org.eclipse.jetty.server.SslConnectionFactory"><Arg name="sslContextFactory">|?????????<Ref refid="sslContextFactory" />|????????</Arg><Arg name="next">http/1.1</Arg></New>|??????</Item><Item>|???????<New class="org.eclipse.jetty.server.HttpConnectionFactory"><Arg name="config">|?????????<Ref refid="sslHttpConfig"/>|????????</Arg></New>|??????</Item></Array>| </Arg><Set name="host" property="jetty.ssl.host"/><Set name="port"><Property name="jetty.ssl.port" default="8443"/></Set><Set name="idleTimeout"><Property name="jetty.ssl.idleTimeout" default="30000"/></Set><Set name="acceptorPriorityDelta" property="jetty.ssl.acceptorPriorityDelta"/><Set name="acceptQueueSize" property="jetty.ssl.acceptQueueSize"/><Set name="reuseAddress"><Property name="jetty.ssl.reuseAddress" default="true"/></Set><Set name="reusePort"><Property name="jetty.ssl.reusePort" default="false"/></Set><Set name="acceptedTcpNoDelay"><Property name="jetty.ssl.acceptedTcpNoDelay" default="true"/></Set><Set name="acceptedReceiveBufferSize" property="jetty.ssl.acceptedReceiveBufferSize"/><Set name="acceptedSendBufferSize" property="jetty.ssl.acceptedSendBufferSize"/></New>] </Arg></Call> in file:///opt/chmail/jetty_base/etc/jetty-ssl.xml
2024-07-31 23:21:16.654: WARN:oejx.XmlConfiguration:main: Unable to execute XmlConfiguration
.
.
.
Caused by: java.lang.NullPointerException at java.base/java.util.objects.requireNonNull(Objects.java:233) at org.eclipse.jetty.server.HttpConnectionFactory.<init>(HttpConnectionFactory.java:48) at java.base/jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance(DirectConstructorHandleAccessor.java:62)

jetyy-ssl.xml:

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "https://jetty.org/configure_10_0.dtd">

<Configure id="Server" class="org.eclipse.jetty.server.Server">

<Call name="addConnector">
<Arg>
-->
<New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
    <Arg name="server"><Ref refid="Server" /></Arg>
    <Arg name="acceptors" type="int"><Property name="jetty.ssl.acceptors" default="1"/></Arg>
    <Arg name="selectors" type="int"><Property name="jetty.ssl.selectors" default="-1"/></Arg>
    <Arg name="factories">
        <Array type="org.eclipse.jetty.server.ConnectionFactory">
            <Item>
                <New class="org.eclipse.jetty.server.SslConnectionFactory">
                    <Arg name="sslContextFactory">
                        <Ref refid="sslContextFactory" />
                    </Arg>
                    <Arg name="next">http/1.1</Arg>
                </New>
            </Item>
            <Item>
                <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                    <Arg name="config">
                        <Ref refid="sslHttpConfig" />
                    </Arg>
                </New>
            </Item>
        </Array>
    </Arg>
    <Set name="host" property="jetty.ssl.host"/>
    <Set name="port"><Property name="jetty.ssl.port" default="8443" /></Set>
    <Set name="idleTimeout"><Property name="jetty.ssl.idleTimeout" default="30000"/></Set>
    <Set name="acceptorPriorityDelta" property="jetty.ssl.acceptorPriorityDelta"/>
    <Set name="acceptQueueSize" property="jetty.ssl.acceptQueueSize"/>
    <Set name="reuseAddress"><Property name="jetty.ssl.reuseAddress" default="true"/></Set>
    <Set name="reusePort"><Property name="jetty.ssl.reusePort" default="false"/></Set>
    <Set name="acceptedTcpNoDelay"><Property name="jetty.ssl.acceptedTcpNoDelay" default="true"/></Set>
    <Set name="acceptedReceiveBufferSize" property="jetty.ssl.acceptedReceiveBufferSize" />
    <Set name="acceptedSendBufferSize" property="jetty.ssl.acceptedSendBufferSize" />
</New>
</Arg>
</Call>

<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Arg><Ref refid="httpConfig"/></Arg>
    <Call name="addCustomizer">
        <Arg>
            <New class="org.eclipse.jetty.server.SecureRequestCustomizer">
                <Arg name="sniRequired" type="boolean"><Property name="jetty.ssl.sniRequired" default="false"/></Arg>
                <Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg>
                <Arg name="stsMaxAgeSeconds" type="int"><Property name="jetty.ssl.stsMaxAgeSeconds" default="-1"/></Arg>
                <Arg name="stsIncludeSubdomains" type="boolean"><Property name="jetty.ssl.stsincludeSubdomains" default="false"/></Arg>
            </New>
        </Arg>
    </Call>
</New>
</Configure>

The constructor of HttpConnectionFactory class is giving an error, that is, the argument passed to it is null.
It means that sslHttpConfig could not get a value. how is it?

@janbartel
Copy link
Contributor

@fgolzari why do you have jetty-ssl.xml inside your jetty base etc directory? That file should only exist over in jetty home etc directory - you just need to configure it with properties in your jetty base start.d/ssl.ini file once you've enabled the ssl module.

@fgolzari
Copy link
Author

fgolzari commented Aug 1, 2024
edited
Loading

@janbartel Yes, I moved jetty-ssl.xml file to /jety_base/etc path because I wanted to add factories to it.
It means that I should add these things that I want to add, to the same file in /jetty_home/etc path?
Adding factories via start.d/ssl.ini was not possible as far as I could see.

In general, any xml file that is copied from /jetty_home/etc to /jety_base/etc path, will cause an error?

@sbordet
Copy link
Contributor

sbordet commented Aug 1, 2024

@fgolzari what factories do you want to add and why?

You should almost never copy files from $JETTY_HOME/etc to $JETTY_BASE/etc.

@fgolzari
Copy link
Author

fgolzari commented Aug 1, 2024

@sbordet

 <Array type="org.eclipse.jetty.server.ConnectionFactory">
            <Item>
                <New class="org.eclipse.jetty.server.SslConnectionFactory">
                    <Arg name="sslContextFactory">
                        <Ref refid="sslContextFactory" />
                    </Arg>
                    <Arg name="next">http/1.1</Arg>
                </New>
            </Item>
            <Item>
                <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                    <Arg name="config">
                        <Ref refid="sslHttpConfig" />
                    </Arg>
                </New>
            </Item>
        </Array>

These configs are not in the default jetty-ssl.xml file and I added them

@sbordet
Copy link
Contributor

sbordet commented Aug 1, 2024

@fgolzari they are the default, and they are already specified in jetty-https.xml.

Remove your file and everything should just work.

@fgolzari
Copy link
Author

fgolzari commented Aug 1, 2024
edited
Loading

@sbordet I removed this file from $JETTY_BASE/etc path and activated https module and it passed this error
Thank you for your guidance

I have also added jetty.xml file to $JETTY_BASE/etc path because I wanted to add the following config piece to httpConfig. Is this also wrong?

<Call name="addCustomizer">  
    <Arg>  
        <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer">  
            <Set name="forwardedForHeader">bo</Set>  
            <Set name="forwardedPortAsAuthority">false</Set>  
        </New>  
    </Arg>  
</Call>

@sbordet
Copy link
Contributor

sbordet commented Aug 1, 2024

Yes, it is wrong.

You do not want to modify existing Jetty XML files in your %JETTY_BASE -- they should all remain unmodified in $JETTY_HOME.

For the particular case of the ForwardedRequestCustomizer we have modules that you can enable, and you can configure them via *.ini files.

https://jetty.org/docs/jetty/12/operations-guide/modules/standard.html#http-forwarded

@fgolzari
Copy link
Author

fgolzari commented Aug 1, 2024

@sbordet To add <Call name='addExcludeChipherSuites">...</Call> to jetty-ssl-context.xml file, is it necessary to add a special module or make configs in a *.ini file? Or should it be directly entered in jetty-ssl-context.xml file?

@sbordet
Copy link
Contributor

sbordet commented Aug 1, 2024
edited
Loading

Do not enter it directly to jetty-ssl-context.xml.

We need to support a simpler way to specify inclusion/exclusion of cipher suites, you have a point on that.
I filed #12120 to address this.

For now, do this:

Modify start.d/ssl.ini from this:

...
--modules=ssl
...

to this:

...
--modules=ssl
etc/tls-config.xml
...

Then create a new file $JETTY_BASE/etc/tls-config.xml with the following content:

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_10_0.dtd">

<Configure>
  <Ref refid="sslContextFactory">
    <Set name="ExcludeCipherSuites">
      <Array type="String">
        <Item>^TLS_RSA_.*$</Item>
        ...
      </Array>
    </Set>
  </Ref>
</Configure>

You can configure the sslContextFactory object as you please in this file.
Note that you can use regular expressions in the item list of the cipher suite names.

In this way, you do not modify any of the original Jetty module or XML files, you only add your modifications to $JETTY_BASE, or you configure properties *.ini files in $JETTY_BASE/start.d.

@fgolzari
Copy link
Author

fgolzari commented Aug 3, 2024

@joakime , @sbordet , @janbartel ,
thank you very much to the powerful Jetty team. Thank you for helping me so much. You are very honorable people. I learned a lot from you.
@joakime You are truly a saving angel. Thank you for all the explanations you wrote in great detail. you are amazing!

@janbartel
Copy link
Contributor

Closing this issue as the questions have been answered.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
Question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@joakime @janbartel @sbordet @fgolzari