관련 질문이 올라왔는데 답변이 좀 길어져서 여기에 공유합니다. Jetty 사용하시는 분들이 보시면 유용하실 것 같아요.

 

Redirecting http requests to https

To redirect http to https, the webapp should indicate it needs CONFIDENTIAL or INTEGRAL connections from users. This is done in web.xml:

<web-app>
  ...
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Everything in the webapp</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
</web-app>

Then you need to tell the plain http connector if the users try to access that webapp using plain http, they should be redirected to the port of your ssl connector (the "confidential port"):

<Call name="addConnector">
   <Arg>
      <New class="org.eclipse.jetty.nio.SelectChannelConnector">
         ...
         <Set name="confidentialPort">443</Set>
      </New>
   </Arg>
</Call>

That's it. If the webapp doesn't indicate it needs CONFIDENTIAL or INTEGRAL connections (as it may be considered a deployment issue), you can set this requirement in the context (so you must deploy the webapp as a WebAppContext instead of just a war file):

  <Configure class="org.eclipse.jetty.webapp.WebAppContext">
     <Set name="securityHandler">
        <New class="org.eclipse.jetty.security.ConstraintSecurityHandler">
            <Call name="addConstraintMapping">
                <Arg>
                   <New class="org.eclipse.jetty.security.ConstraintMapping">
                       <Set name="pathSpec">/*</Set>
                       <Set name="constraint">
                          <New class="org.eclipse.jetty.util.security.Constraint">
                             <!-- 2 means CONFIDENTIAL. 1 means INTEGRITY -->
                             <Set name="dataConstraint">2</Set>
                          </New>
                       </Set>
                   </New>
                </Arg>
            </Call>
        </New>
     </Set>
  </Configure>

Configuring SSL for Earlier Versions of Jetty

For instructions on configuring SSL for versions earlier than Jetty 7.3.1, refer to Using Deprecated Methods to Configure SSL for Jetty.

 

출처: https://wiki.eclipse.org/Jetty/Howto/Configure_SSL