Java源码示例:org.apache.tomcat.util.descriptor.web.FilterDef
示例1
@Test
public void testDuplicateFilterMapping() throws Exception {
WebXml webxml = new WebXml();
Map<String,JavaClassCacheEntry> javaClassCache = new HashMap<>();
ContextConfig config = new ContextConfig();
File pFile = paramClassResource(
"org/apache/catalina/startup/DuplicateMappingParamFilter");
Assert.assertTrue(pFile.exists());
try {
config.processAnnotationsFile(pFile, webxml, false, javaClassCache);
Assert.fail();
} catch (IllegalArgumentException ex) {
// ignore
}
FilterDef filterDef = webxml.getFilters().get("paramD");
Assert.assertNull(filterDef);
}
示例2
private synchronized void init() throws Exception {
if (init) return;
Tomcat tomcat = getTomcatInstance();
Context root = tomcat.addContext("", TEMP_DIR);
Tomcat.addServlet(root, "Bug37794", new Bug37794Servlet());
root.addServletMappingDecoded("/test", "Bug37794");
if (createFilter) {
FilterDef failedRequestFilter = new FilterDef();
failedRequestFilter.setFilterName("failedRequestFilter");
failedRequestFilter.setFilterClass(
FailedRequestFilter.class.getName());
FilterMap failedRequestFilterMap = new FilterMap();
failedRequestFilterMap.setFilterName("failedRequestFilter");
failedRequestFilterMap.addURLPatternDecoded("/*");
root.addFilterDef(failedRequestFilter);
root.addFilterMap(failedRequestFilterMap);
}
tomcat.start();
setPort(tomcat.getConnector().getLocalPort());
init = true;
}
示例3
private MockFilterChain testRemoteIpFilter(FilterDef filterDef, Request request)
throws LifecycleException, IOException, ServletException {
Tomcat tomcat = getTomcatInstance();
Context root = tomcat.addContext("", TEMP_DIR);
RemoteIpFilter remoteIpFilter = new RemoteIpFilter();
filterDef.setFilterClass(RemoteIpFilter.class.getName());
filterDef.setFilter(remoteIpFilter);
filterDef.setFilterName(RemoteIpFilter.class.getName());
root.addFilterDef(filterDef);
FilterMap filterMap = new FilterMap();
filterMap.setFilterName(RemoteIpFilter.class.getName());
filterMap.addURLPatternDecoded("*");
root.addFilterMap(filterMap);
getTomcatInstance().start();
MockFilterChain filterChain = new MockFilterChain();
// TEST
TesterResponse response = new TesterResponse();
response.setRequest(request);
remoteIpFilter.doFilter(request, response, filterChain);
return filterChain;
}
示例4
@Test
public void testRequestForwarded() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
filterDef.addInitParameter("remoteIpHeader", "x-my-forwarded-for");
filterDef.addInitParameter("httpServerPort", "8080");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setHeader("x-my-forwarded-for", "140.211.11.130");
request.setHeader("x-forwarded-proto", "http");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
Assert.assertEquals("org.apache.tomcat.request.forwarded",
Boolean.TRUE,
actualRequest.getAttribute(Globals.REQUEST_FORWARDED_ATTRIBUTE));
}
示例5
private static void configureTest46243Context(Context context, boolean fail) {
// Add a test filter that fails
FilterDef filterDef = new FilterDef();
filterDef.setFilterClass(Bug46243Filter.class.getName());
filterDef.setFilterName("Bug46243");
filterDef.addInitParameter("fail", Boolean.toString(fail));
context.addFilterDef(filterDef);
FilterMap filterMap = new FilterMap();
filterMap.setFilterName("Bug46243");
filterMap.addURLPatternDecoded("*");
context.addFilterMap(filterMap);
// Add a test servlet so there is something to generate a response if
// it works (although it shouldn't)
Tomcat.addServlet(context, "Bug46243", new HelloWorldServlet());
context.addServletMappingDecoded("/", "Bug46243");
}
示例6
@Override
public void deployConfig(WebApplicationContext wac, Filter... filters) {
Assert.state(this.port != -1, "setup() was never called.");
this.context = this.tomcatServer.addContext("", System.getProperty("java.io.tmpdir"));
this.context.addApplicationListener(WsContextListener.class.getName());
Tomcat.addServlet(this.context, "dispatcherServlet", new DispatcherServlet(wac)).setAsyncSupported(true);
this.context.addServletMappingDecoded("/", "dispatcherServlet");
for (Filter filter : filters) {
FilterDef filterDef = new FilterDef();
filterDef.setFilterName(filter.getClass().getName());
filterDef.setFilter(filter);
filterDef.setAsyncSupported("true");
this.context.addFilterDef(filterDef);
FilterMap filterMap = new FilterMap();
filterMap.setFilterName(filter.getClass().getName());
filterMap.addURLPattern("/*");
filterMap.setDispatcher("REQUEST,FORWARD,INCLUDE,ASYNC");
this.context.addFilterMap(filterMap);
}
}
示例7
@Override
public void deployConfig(WebApplicationContext wac, Filter... filters) {
Assert.state(this.port != -1, "setup() was never called.");
this.context = this.tomcatServer.addContext("", System.getProperty("java.io.tmpdir"));
this.context.addApplicationListener(WsContextListener.class.getName());
Tomcat.addServlet(this.context, "dispatcherServlet", new DispatcherServlet(wac)).setAsyncSupported(true);
this.context.addServletMappingDecoded("/", "dispatcherServlet");
for (Filter filter : filters) {
FilterDef filterDef = new FilterDef();
filterDef.setFilterName(filter.getClass().getName());
filterDef.setFilter(filter);
filterDef.setAsyncSupported("true");
this.context.addFilterDef(filterDef);
FilterMap filterMap = new FilterMap();
filterMap.setFilterName(filter.getClass().getName());
filterMap.addURLPattern("/*");
filterMap.setDispatcher("REQUEST,FORWARD,INCLUDE,ASYNC");
this.context.addFilterMap(filterMap);
}
}
示例8
@Override
public void deployConfig(WebApplicationContext wac, Filter... filters) {
Assert.state(this.port != -1, "setup() was never called.");
this.context = this.tomcatServer.addContext("", System.getProperty("java.io.tmpdir"));
this.context.addApplicationListener(WsContextListener.class.getName());
Tomcat.addServlet(this.context, "dispatcherServlet", new DispatcherServlet(wac)).setAsyncSupported(true);
this.context.addServletMapping("/", "dispatcherServlet");
for (Filter filter : filters) {
FilterDef filterDef = new FilterDef();
filterDef.setFilterName(filter.getClass().getName());
filterDef.setFilter(filter);
filterDef.setAsyncSupported("true");
this.context.addFilterDef(filterDef);
FilterMap filterMap = new FilterMap();
filterMap.setFilterName(filter.getClass().getName());
filterMap.addURLPattern("/*");
filterMap.setDispatcher("REQUEST,FORWARD,INCLUDE,ASYNC");
this.context.addFilterMap(filterMap);
}
}
示例9
/**
* Process the annotations for the filters.
*
* @param context The context which will have its annotations processed
*/
protected static void loadApplicationFilterAnnotations(Context context) {
FilterDef[] filterDefs = context.findFilterDefs();
for (FilterDef filterDef : filterDefs) {
Class<?> clazz = Introspection.loadClass(context, filterDef.getFilterClass());
if (clazz == null) {
continue;
}
loadClassAnnotation(context, clazz);
loadFieldsAnnotation(context, clazz);
loadMethodsAnnotation(context, clazz);
}
}
示例10
/**
* Return the set of defined filters for this Context.
* @return a string array with a representation of all
* the filter definitions
* @throws MBeanException propagated from the managed resource access
*/
public String[] findFilterDefs() throws MBeanException {
Context context = doGetManagedResource();
FilterDef[] filterDefs = context.findFilterDefs();
String[] stringFilters = new String[filterDefs.length];
for (int counter = 0; counter < filterDefs.length; counter++) {
stringFilters[counter] = filterDefs[counter].toString();
}
return stringFilters;
}
示例11
@Override
public FilterRegistration getFilterRegistration(String filterName) {
FilterDef filterDef = context.findFilterDef(filterName);
if (filterDef == null) {
return null;
}
return new ApplicationFilterRegistration(filterDef, context);
}
示例12
@Override
public Map<String, ? extends FilterRegistration> getFilterRegistrations() {
Map<String, ApplicationFilterRegistration> result = new HashMap<>();
FilterDef[] filterDefs = context.findFilterDefs();
for (FilterDef filterDef : filterDefs) {
result.put(filterDef.getFilterName(),
new ApplicationFilterRegistration(filterDef, context));
}
return result;
}
示例13
@Test
public void testFilterMapping() throws Exception {
WebXml webxml = new WebXml();
Map<String,JavaClassCacheEntry> javaClassCache = new HashMap<>();
ContextConfig config = new ContextConfig();
File sFile = paramClassResource(
"org/apache/catalina/startup/ParamServlet");
config.processAnnotationsFile(sFile, webxml, false, javaClassCache);
File fFile = paramClassResource(
"org/apache/catalina/startup/ParamFilter");
config.processAnnotationsFile(fFile, webxml, false, javaClassCache);
FilterDef fdef = webxml.getFilters().get("paramFilter");
Assert.assertNotNull(fdef);
Assert.assertEquals("Servlet says: ",fdef.getParameterMap().get("message"));
}
示例14
private void setUpApplication() throws Exception {
context = tomcat.addContext(CONTEXT_PATH_LOGIN, System.getProperty("java.io.tmpdir"));
context.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);
Tomcat.addServlet(context, SERVLET_NAME, new TesterServlet());
context.addServletMappingDecoded(URI_PROTECTED, SERVLET_NAME);
FilterDef filterDef = new FilterDef();
filterDef.setFilterName(FILTER_NAME);
filterDef.setFilterClass(RestCsrfPreventionFilter.class.getCanonicalName());
filterDef.addInitParameter(FILTER_INIT_PARAM, REMOVE_CUSTOMER + "," + ADD_CUSTOMER);
context.addFilterDef(filterDef);
FilterMap filterMap = new FilterMap();
filterMap.setFilterName(FILTER_NAME);
filterMap.addURLPatternDecoded(URI_CSRF_PROTECTED);
context.addFilterMap(filterMap);
SecurityCollection collection = new SecurityCollection();
collection.addPatternDecoded(URI_PROTECTED);
SecurityConstraint sc = new SecurityConstraint();
sc.addAuthRole(ROLE);
sc.addCollection(collection);
context.addConstraint(sc);
LoginConfig lc = new LoginConfig();
lc.setAuthMethod(METHOD);
context.setLoginConfig(lc);
AuthenticatorBase basicAuthenticator = new BasicAuthenticator();
context.getPipeline().addValve(basicAuthenticator);
}
示例15
private void doTest(String encoding, String expected, int mode, boolean useSetContentType)
throws Exception {
// Setup Tomcat instance
Tomcat tomcat = getTomcatInstance();
// No file system docBase required
Context ctx = tomcat.addContext("", null);
// Add the Servlet
CharsetServlet servlet = new CharsetServlet(mode, useSetContentType);
Tomcat.addServlet(ctx, "servlet", servlet);
ctx.addServletMappingDecoded("/", "servlet");
// Add the Filter
FilterDef filterDef = new FilterDef();
filterDef.setFilterClass(AddDefaultCharsetFilter.class.getName());
filterDef.setFilterName("filter");
if (encoding != null) {
filterDef.addInitParameter("encoding", encoding);
}
ctx.addFilterDef(filterDef);
FilterMap filterMap = new FilterMap();
filterMap.setFilterName("filter");
filterMap.addServletName("servlet");
ctx.addFilterMap(filterMap);
tomcat.start();
Map<String, List<String>> headers = new HashMap<>();
getUrl("http://localhost:" + getPort() + "/", new ByteChunk(), headers);
String ct = getSingleHeader("Content-Type", headers).toLowerCase(Locale.ENGLISH);
Assert.assertEquals("text/plain;charset=" + expected.toLowerCase(Locale.ENGLISH), ct);
}
示例16
@Test
public void testIncomingRequestIsSecuredButProtocolHeaderSaysItIsNotWithCustomValues() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
filterDef.addInitParameter("remoteIpHeader", "x-my-forwarded-for");
filterDef.addInitParameter("httpServerPort", "8080");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setSecure(true);
request.setScheme("https");
request.setHeader("x-my-forwarded-for", "140.211.11.130");
request.setHeader("x-forwarded-proto", "http");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
boolean actualSecure = actualRequest.isSecure();
Assert.assertFalse("request must be unsecured as header x-forwarded-proto said it is http", actualSecure);
String actualScheme = actualRequest.getScheme();
Assert.assertEquals("scheme must be http as header x-forwarded-proto said it is http", "http", actualScheme);
int actualServerPort = actualRequest.getServerPort();
Assert.assertEquals("wrong http server port", 8080, actualServerPort);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
示例17
@Test
public void testIncomingRequestIsSecuredButProtocolHeaderSaysItIsNotWithDefaultValues() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setSecure(true);
request.setScheme("https");
request.setHeader("x-forwarded-for", "140.211.11.130");
request.setHeader("x-forwarded-proto", "http");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
boolean actualSecure = actualRequest.isSecure();
Assert.assertFalse("request must be unsecured as header x-forwarded-proto said it is http", actualSecure);
String actualScheme = actualRequest.getScheme();
Assert.assertEquals("scheme must be http as header x-forwarded-proto said it is http", "http", actualScheme);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
示例18
@Test
public void testInvokeAllowedRemoteAddrWithNullRemoteIpHeader() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
Assert.assertNull("x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = request.getHeader("x-forwarded-by");
Assert.assertNull("x-forwarded-by must be null", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "192.168.0.10", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "remote-host-original-value", actualRemoteHost);
}
示例19
@Test
public void testInvokeAllProxiesAreInternal() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.addHeader("x-forwarded-for", "140.211.11.130, 192.168.0.10, 192.168.0.11");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
Assert.assertNull("all proxies are internal, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
Assert.assertNull("all proxies are internal, x-forwarded-by must be null", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
示例20
@Test
public void testInvokeAllProxiesAreTrusted() throws Exception {
// PREPARE
RemoteIpFilter remoteIpFilter = new RemoteIpFilter();
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
filterDef.setFilter(remoteIpFilter);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, proxy2");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
示例21
@Test
public void testInvokeAllProxiesAreTrustedEmptyInternal() throws Exception {
// PREPARE
RemoteIpFilter remoteIpFilter = new RemoteIpFilter();
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "");
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
filterDef.setFilter(remoteIpFilter);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("proxy3");
request.setRemoteHost("remote-host-original-value");
request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, proxy2");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2, proxy3", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
示例22
@Test
public void testInvokeAllProxiesAreTrustedUnusedInternal() throws Exception {
// PREPARE
RemoteIpFilter remoteIpFilter = new RemoteIpFilter();
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
filterDef.setFilter(remoteIpFilter);
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("proxy3");
request.setRemoteHost("remote-host-original-value");
request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, proxy2");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2, proxy3", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
示例23
@Test
public void testInvokeAllProxiesAreTrustedAndRemoteAddrMatchRegexp() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "127\\.0\\.0\\.1|192\\.168\\..*|another-internal-proxy");
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.addHeader("x-forwarded-for", "140.211.11.130");
request.addHeader("x-forwarded-for", "proxy1");
request.addHeader("x-forwarded-for", "proxy2");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
示例24
@Test
public void testInvokeAllProxiesAreTrustedOrInternal() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, proxy2, 192.168.0.10, 192.168.0.11");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
示例25
@Test
public void testInvokeNotAllowedRemoteAddr() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("not-allowed-internal-proxy");
request.setRemoteHost("not-allowed-internal-proxy-host");
request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, proxy2");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
Assert.assertEquals("x-forwarded-for must be unchanged", "140.211.11.130, proxy1, proxy2", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
Assert.assertNull("x-forwarded-by must be null", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "not-allowed-internal-proxy", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "not-allowed-internal-proxy-host", actualRemoteHost);
}
示例26
@Test
public void testInvokeUntrustedProxyInTheChain() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, untrusted-proxy, proxy2");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
Assert.assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130, proxy1", actualXForwardedFor);
String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
Assert.assertEquals("ip/host after untrusted-proxy must appear in x-forwarded-by", "proxy2", actualXForwardedBy);
String actualRemoteAddr = actualRequest.getRemoteAddr();
Assert.assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr);
String actualRemoteHost = actualRequest.getRemoteHost();
Assert.assertEquals("remoteHost", "untrusted-proxy", actualRemoteHost);
}
示例27
@Test
public void testInvokeXforwardedHost() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("hostHeader", "x-forwarded-host");
filterDef.addInitParameter("portHeader", "x-forwarded-port");
filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
MockHttpServletRequest request = new MockHttpServletRequest();
// client ip
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("192.168.0.10");
// protocol
request.setSecure(false);
request.setServerPort(8080);
request.setScheme("http");
// host and port
request.getCoyoteRequest().serverName().setString("10.0.0.1");
request.setHeader("x-forwarded-host", "example.com");
request.setHeader("x-forwarded-port", "8443");
request.setHeader("x-forwarded-proto", "https");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
// protocol
String actualServerName = actualRequest.getServerName();
Assert.assertEquals("postInvoke serverName", "example.com", actualServerName);
String actualScheme = actualRequest.getScheme();
Assert.assertEquals("postInvoke scheme", "https", actualScheme);
int actualServerPort = actualRequest.getServerPort();
Assert.assertEquals("postInvoke serverPort", 8443, actualServerPort);
boolean actualSecure = actualRequest.isSecure();
Assert.assertTrue("postInvoke secure", actualSecure);
}
示例28
@Test
public void testInvokeXforwardedHostAndPort() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("hostHeader", "x-forwarded-host");
filterDef.addInitParameter("portHeader", "x-forwarded-port");
filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
MockHttpServletRequest request = new MockHttpServletRequest();
// client ip
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("192.168.0.10");
// protocol
request.setSecure(false);
request.setServerPort(8080);
request.setScheme("http");
// host and port
request.getCoyoteRequest().serverName().setString("10.0.0.1");
request.setHeader("x-forwarded-host", "example.com:8443");
request.setHeader("x-forwarded-proto", "https");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
// protocol
String actualServerName = actualRequest.getServerName();
Assert.assertEquals("postInvoke serverName", "example.com", actualServerName);
String actualScheme = actualRequest.getScheme();
Assert.assertEquals("postInvoke scheme", "https", actualScheme);
int actualServerPort = actualRequest.getServerPort();
Assert.assertEquals("postInvoke serverPort", 443, actualServerPort);
boolean actualSecure = actualRequest.isSecure();
Assert.assertTrue("postInvoke secure", actualSecure);
}
示例29
@Test
public void testRequestAttributesForAccessLog() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
filterDef.addInitParameter("remoteIpHeader", "x-my-forwarded-for");
filterDef.addInitParameter("httpServerPort", "8080");
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRemoteAddr("192.168.0.10");
request.setHeader("x-my-forwarded-for", "140.211.11.130");
request.setHeader("x-forwarded-proto", "http");
// TEST
HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
// VERIFY
Assert.assertEquals("org.apache.catalina.AccessLog.ServerPort",
Integer.valueOf(8080),
actualRequest.getAttribute(AccessLog.SERVER_PORT_ATTRIBUTE));
Assert.assertEquals("org.apache.catalina.AccessLog.RemoteAddr",
"140.211.11.130",
actualRequest.getAttribute(AccessLog.REMOTE_ADDR_ATTRIBUTE));
Assert.assertEquals("org.apache.catalina.AccessLog.RemoteHost",
"140.211.11.130",
actualRequest.getAttribute(AccessLog.REMOTE_HOST_ATTRIBUTE));
}
示例30
@Test
public void testBug54170() throws Exception {
Tomcat tomcat = getTomcatInstance();
// No file system docBase required
Context ctx = tomcat.addContext("", null);
Tomcat.addServlet(ctx, "HelloWorld", new HelloWorldServlet());
ctx.addServletMappingDecoded("/", "HelloWorld");
// Add a filter with a name that should be escaped if used in a JMX
// object name
FilterDef filterDef = new FilterDef();
filterDef.setFilterClass(AddDefaultCharsetFilter.class.getName());
filterDef.setFilterName("bug54170*");
ctx.addFilterDef(filterDef);
tomcat.start();
final MBeanServer mbeanServer =
Registry.getRegistry(null, null).getMBeanServer();
// There should be one Servlet MBean registered
Set<ObjectName> servlets = mbeanServer.queryNames(
new ObjectName("Tomcat:j2eeType=Servlet,*"), null);
Assert.assertEquals(1, servlets.size());
// There should be one Filter MBean registered
Set<ObjectName> filters = mbeanServer.queryNames(
new ObjectName("Tomcat:j2eeType=Filter,*"), null);
Assert.assertEquals(1, filters.size());
}
