More concise port and TLS configuration #1051
Conversation
trustin
force-pushed
the
ports
branch
4 times, most recently
from
c06046b to
f7e74ef
Compare
Codecov Report
@@ Coverage Diff @@
## master #1051 +/- ##
==========================================
- Coverage 72.31% 72.27% -0.04%
==========================================
Files 507 507
Lines 22119 22154 +35
Branches 2705 2709 +4
==========================================
+ Hits 15995 16012 +17
- Misses 4715 4727 +12
- Partials 1409 1415 +6
Continue to review full report at Codecov.
|
| * {@link #defaultVirtualHost(VirtualHost)} already | ||
| */ | ||
| public ServerBuilder tls( | ||
| File keyCertChainFile, File keyFile, String keyPassword) throws SSLException { |
There was a problem hiding this comment.
@Nullable on keyPassword?
|
|
||
| /** | ||
| * Adds an HTTPS port that listens on all available network interfaces. If no HTTPS port is added, | ||
| * (i.e. no {@code https()} method is called), HTTPS support is disabled. |
There was a problem hiding this comment.
Just curious. What if a user called tls() method? I'm not sure but what's better behavior? Listening on randomly-assigned HTTPS port or disabling HTTPS or raising an exception? (Actually the current behavior is also OK to me)
There was a problem hiding this comment.
That's a good question. Refactored a little bit to default to HTTPS when tls() was called and added documentation about the behavior.
|
@anuraaga Now defaulting to HTTPS when tls() was called. Please review again. |
| @@ -653,6 +631,14 @@ public void operationComplete(ChannelFuture f) throws Exception { | |||
| primaryActivePort = actualPort; | |||
| } | |||
|
|
|||
| if (localAddress.getAddress().isAnyLocalAddress() || | |||
| localAddress.getAddress().isLoopbackAddress()) { | |||
| logger.info("Serving {} at {} - {}://127.0.0.1:{}/", | |||
There was a problem hiding this comment.
This is a good change :) FWIW, it might be considered a breaking change as it will result in double-logging for production users of armeria who almost certainly are doing the logging themselves.
There was a problem hiding this comment.
I'm curious if we should log at DEBUG level.
There was a problem hiding this comment.
Let me just leave this as it is for the sake of beginners' convenience. :-)
There was a problem hiding this comment.
Yeah I think it's good to use INFO but should probably mention in the release notes.
| * <h2 id="no_port_specified">What happens if no HTTP(S) port is specified?</h2> | ||
| * | ||
| * <p>When no TCP/IP port number or local address is specified, {@link ServerBuilder} will automatically bind | ||
| * to a random TCP/IP port assigned by O/S. It will serve HTTPS if you configured TLS (or HTTP otherwise), e.g. |
There was a problem hiding this comment.
by the O/S (or maybe OS, I'm not used to seeing a slash there)
Motivation: - A user currently has to specify SessionProtocol when adding a port, which increases the chance of specifying incorrect SessionProtocol. - sslContext() builder methods require SessionProtocol which is practically unncessary. - It would be confusing if Server serves plaintext HTTP when a user configured TLS even if he or she did not specify a port. More sensible behavior would be serving HTTPS when no port is specified in this case. Modifications: - Add http() and https() which supercede most port() methods. - Add tls() which supercede sslContext() methods. - Serve HTTPS by default when a user called tls() and no port was specified. - Add log messages that indicates the protocol and local address. - Deprecate the old methods. - Update documentation. - Miscellaneous: - Remove redundant `port(0, HTTP)` calls - Add `@Nullable` where necessary Result: - Fixes line#1050 - More user-friendliness
|
Thanks, reviewers! |
Motivation: - A user currently has to specify SessionProtocol when adding a port, which increases the chance of specifying incorrect SessionProtocol. - sslContext() builder methods require SessionProtocol which is practically unncessary. - It would be confusing if Server serves plaintext HTTP when a user configured TLS even if he or she did not specify a port. More sensible behavior would be serving HTTPS when no port is specified in this case. Modifications: - Add http() and https() which supercede most port() methods. - Add tls() which supercede sslContext() methods. - Serve HTTPS by default when a user called tls() and no port was specified. - Add log messages that indicates the protocol and local address. - Deprecate the old methods. - Update documentation. - Miscellaneous: - Remove redundant `port(0, HTTP)` calls - Add `@Nullable` where necessary Result: - Fixes line#1050 - More user-friendliness
Motivation:
which increases the chance of specifying incorrect SessionProtocol.
practically unncessary.
configured TLS even if he or she did not specify a port. More sensible
behavior would be serving HTTPS when no port is specified in this case.
Modifications:
specified.
port(0, HTTP)calls@Nullablewhere necessaryResult: