如何知道对servlet的请求是使用HTTP还是HTTPS执行的? [英] How can I know if the request to the servlet was executed using HTTP or HTTPS?
本文介绍了如何知道对servlet的请求是使用HTTP还是HTTPS执行的?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我用Java编写了一个servlet,我想知道是否使用HTTP或HTTPS执行了对该servlet的请求。
I wrote a servlet in Java and I would like to know if the request to that servlet was executed using HTTP or HTTPS.
我以为我可以使用 request.getProtocol()
但它在两种方法上都返回HTTP / 1.1。
I thought I can use request.getProtocol()
but it returns HTTP/1.1 on both methods.
有什么想法吗?
推荐答案
HttpSerlvetRequest.isSecure() 就是答案。在以下情况下,ServletContainer负责返回true:
HttpSerlvetRequest.isSecure() is the answer. The ServletContainer is responsible for returning true in the following cases:
- 如果ServletContainer本身可以接受https上的请求。
- 如果ServletContainer前面有一个LoadBalancer。并且,LoadBlancer已经在 https 上获得了请求,并已将其发送到 plain http 上的ServletContainer。在这种情况下,LoadBalancer将 X-SSL-Secure:true 标头发送到ServletContainer,这应该受到尊重。
- If the ServletContainer can itself accept requests on https.
- If there is a LoadBalancer in front of ServletContainer. And , the LoadBlancer has got the request on https and has dispatched the same to the ServletContainer on plain http. In this case, the LoadBalancer sends X-SSL-Secure : true header to the ServletContainer, which should be honored.
当在 https 上收到请求时,容器还应提供此请求属性:
The Container should also make this request attributes available when the request is received on https:
- javax.servlet.http.sslsessionid
- javax.servlet.request.key_size
- javax.servlet.request.X509Certificate
这篇关于如何知道对servlet的请求是使用HTTP还是HTTPS执行的?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文