我如何知道对 servlet 的请求是使用 HTTP 还是 HTTPS 执行的? [英] How can I know if the request to the servlet was executed using HTTP or HTTPS?
本文介绍了我如何知道对 servlet 的请求是使用 HTTP 还是 HTTPS 执行的?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我用 Java 编写了一个 servlet,我想知道对该 servlet 的请求是使用 HTTP 还是 HTTPS 执行的.
I wrote a servlet in Java and I would like to know if the request to that servlet was executed using HTTP or HTTPS.
我以为我可以使用 request.getProtocol()
但它在两种方法上都返回 HTTP/1.1.
I thought I can use request.getProtocol()
but it returns HTTP/1.1 on both methods.
有什么想法吗?
推荐答案
HttpSerlvetRequest.isSecure() 就是答案.ServletContainer 负责在以下情况下返回 true:
HttpSerlvetRequest.isSecure() is the answer. The ServletContainer is responsible for returning true in the following cases:
- 如果 ServletContainer 本身可以接受 https 上的请求.
- 如果ServletContainer前面有一个LoadBalancer.并且,LoadBlancer 收到了 https 上的请求,并将其发送到 plain http 上的 ServletContainer.在这种情况下,LoadBalancer 将 X-SSL-Secure : true 标头发送到 ServletContainer,这应该得到尊重.
- If the ServletContainer can itself accept requests on https.
- If there is a LoadBalancer in front of ServletContainer. And , the LoadBlancer has got the request on https and has dispatched the same to the ServletContainer on plain http. In this case, the LoadBalancer sends X-SSL-Secure : true header to the ServletContainer, which should be honored.
容器还应在 https 上收到请求时使此请求属性可用:
The Container should also make this request attributes available when the request is received on https:
- javax.servlet.http.sslsessionid
- javax.servlet.request.key_size
- javax.servlet.request.X509证书
这篇关于我如何知道对 servlet 的请求是使用 HTTP 还是 HTTPS 执行的?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文