Jetty 9.3 changed the `setHandler` on the ServletContextHandler to no longer automatically detect SecurityHandler, SessionHandler, etc. It simply passes on the setHandler request to the ContextHandler class (with a warning logged). So make sure to explicitly use the method `setSecurityHandler` to set the ContraintSecurityHandler responsible for the http -> https redirection.pull/1438/head
sh.setConstraintMappings(new ConstraintMapping[] { cm }); | sh.setConstraintMappings(new ConstraintMapping[] { cm }); | ||||
// Configure this context to use the Security Handler defined before | // Configure this context to use the Security Handler defined before | ||||
rootContext.setHandler(sh); | |||||
rootContext.setSecurityHandler(sh); | |||||
} | } | ||||
// Setup the Gitblit context | // Setup the Gitblit context |