[UNDERTOW-2033] Derrive SecurePredicate from connection encryption, r…

…ather than scheme
undertow-io · Apr 26, 2024 · 13a5b3c · 13a5b3c
1 parent a41521a
commit 13a5b3c
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/core/src/main/java/io/undertow/predicate/SecurePredicate.java b/core/src/main/java/io/undertow/predicate/SecurePredicate.java
@@ -19,11 +19,14 @@
 package io.undertow.predicate;
 
 import io.undertow.server.HttpServerExchange;
+import io.undertow.server.SSLSessionInfo;
 
 import java.util.Collections;
 import java.util.Map;
 import java.util.Set;
 
+import javax.net.ssl.SSLSession;
+
 /**
  * @author Stuart Douglas
  */
@@ -33,7 +36,10 @@ public class SecurePredicate implements Predicate {
 
     @Override
     public boolean resolve(HttpServerExchange value) {
-        return value.getRequestScheme().equals("https");
+        final SSLSession session = value.getConnection().getSslSession();
+        final SSLSessionInfo info = value.getConnection().getSslSessionInfo();
+        return (session != null && session.isValid())
+                || (info != null && info.getSSLSession() != null && info.getSSLSession().isValid());
     }
 
     public String toString() {