From: Ryan Lubke <ryan.lubke_at_oracle.com>
Date: Fri, 23 Jul 2010 14:19:04 -0700

Folks,

One aspect of the port unification scheme provided by Grizzly is the
ability to redirect a non-secure request to a secure listener or vice
versa. A limitation is this redirection feature didn't provide the
ability to redirect the request to a different port.

The following is an example of how this is accomplished today:

      Protocol Definition
      ----------------------
<protocol name="http-redirect">
<protocol-chain-instance-handler>
<protocol-chain>
<protocol-filter classname="com.sun.grizzly.config.HttpRedirectFilter"
name="redirect-filter" />
</protocol-chain>
</protocol-chain-instance-handler>
</protocol>

      Port Unification Definition
      -----------------------
<protocol name="pu-listener">
<port-unification>
<protocol-finder protocol="listener-https"
                               
classname="com.sun.grizzly.config.HttpProtocolFinder"
                               name="http-finder"/>
<protocol-finder protocol="http-redirect"
                               
classname="com.sun.grizzly.config.HttpProtocolFinder"
                               name="http-redirect"/>
</port-unification>
</protocol>

"listener-https" is another protocol defined to be secure. The
"pu-listener" protocol is then associated
with the network listener. Assuming the network listener is bound to
port 8181, any http request made
to this port will be redirected to 8181 as https.

With the latest Grizzly integration (1.9.19-beta6), we've enhanced the
port redirection feature to simplify
the declaration and to allow the redirection to different ports.

Working with the example above and the new build in place, the
"http-redirect" protocol definition
simply becomes:

<protocol name="http-redirect">
<http-redirect />
</protocol>

However, the administrator could specify a "port" attribute to cause the
redirect to a listener on a different
port.

<protocol name="http-redirect">
<http-redirect port="4849" secure="true" />
</protocol>

We've also exposed an attribute called "secure" to signify whether or
not the target of the redirect is
secure or not.

At this point, we'd like to add two new commands to support this feature
for 3.1:

      create-http-redirect [--redirect-port=redirect-port]
[--secure-redirect=secure-redirect] [--target=server] protocolname
      delete-http-redirect [--target=server] protocolname

Option --redirect-port specifies the port the request will be redirected
to.
Option --secure-redirect specifies whether or not the redirect should be
http or https.

Thoughts? Comments?

Thanks,
-rl