我如何知道对 servlet 的请求是使用 HTTP 还是 HTTPS 执行的? [英] How can I know if the request to the servlet was executed using HTTP or HTTPS?

问题描述

我用 Java 编写了一个 servlet，我想知道对该 servlet 的请求是使用 HTTP 还是 HTTPS 执行的.

I wrote a servlet in Java and I would like to know if the request to that servlet was executed using HTTP or HTTPS.

我以为我可以使用 request.getProtocol() 但它在两种方法上都返回 HTTP/1.1.

I thought I can use request.getProtocol() but it returns HTTP/1.1 on both methods.

有什么想法吗?

推荐答案

HttpSerlvetRequest.isSecure() 就是答案.ServletContainer 负责在以下情况下返回 true:

HttpSerlvetRequest.isSecure() is the answer. The ServletContainer is responsible for returning true in the following cases:

• 如果 ServletContainer 本身可以接受 https 上的请求.
• 如果ServletContainer前面有一个LoadBalancer.并且，LoadBlancer 收到了 https 上的请求，并将其发送到 plain http 上的 ServletContainer.在这种情况下，LoadBalancer 将 X-SSL-Secure : true 标头发送到 ServletContainer，这应该得到尊重.

• If the ServletContainer can itself accept requests on https.
• If there is a LoadBalancer in front of ServletContainer. And , the LoadBlancer has got the request on https and has dispatched the same to the ServletContainer on plain http. In this case, the LoadBalancer sends X-SSL-Secure : true header to the ServletContainer, which should be honored.

容器还应在 https 上收到请求时使此请求属性可用:

The Container should also make this request attributes available when the request is received on https:

• javax.servlet.http.sslsessionid
• javax.servlet.request.key_size
• javax.servlet.request.X509证书

这篇关于我如何知道对 servlet 的请求是使用 HTTP 还是 HTTPS 执行的?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！