Example 1 with RemoteIP
use of com.zimbra.common.util.RemoteIP in project zm-mailbox by Zimbra.
the class TestRemoteIP method testNoXForwardedHeaders.
@Test
public void testNoXForwardedHeaders() throws UnsupportedEncodingException, MalformedURLException {
HashMap<String, String> headers = new HashMap<String, String>();
MockHttpServletRequest req = new MockHttpServletRequest("test".getBytes("UTF-8"), new URL("http://localhost:7070/service/FooRequest"), "", 80, "192.168.1.1", headers);
RemoteIP remoteIp = new RemoteIP(req, new RemoteIP.TrustedIPs(new String[] { "192.168.1.1" }));
assertNull("originating IP should be null", remoteIp.getOrigIP());
assertNull("originating port should be null", remoteIp.getOrigPort());
assertNull("originating protocol should be null", remoteIp.getOrigProto());
assertEquals("wrong request IP", "192.168.1.1", remoteIp.getRequestIP());
assertEquals("wrong request port", "80", remoteIp.getRequestPort().toString());
assertEquals("wrong client IP", "192.168.1.1", remoteIp.getClientIP());
assertEquals("wrong client port", "80", remoteIp.getClientPort().toString());
}
Also used :
HashMap(java.util.HashMap)
RemoteIP(com.zimbra.common.util.RemoteIP)
MockHttpServletRequest(com.zimbra.cs.service.MockHttpServletRequest)
URL(java.net.URL)
Test(org.junit.Test)
Example 2 with RemoteIP
use of com.zimbra.common.util.RemoteIP in project zm-mailbox by Zimbra.
the class TestRemoteIP method testNonTrustedIPLogString.
@Test
public void testNonTrustedIPLogString() throws Exception {
HashMap<String, String> headers = new HashMap<String, String>();
headers.put(RemoteIP.X_ORIGINATING_IP_HEADER, "172.16.150.11");
headers.put(RemoteIP.X_ORIGINATING_PORT_HEADER, "8080");
headers.put(RemoteIP.X_ORIGINATING_PROTOCOL_HEADER, "IMAP");
MockHttpServletRequest req = new MockHttpServletRequest("test".getBytes("UTF-8"), new URL("http://localhost:7070/service/FooRequest"), "", 80, "10.10.1.1", headers);
RemoteIP remoteIp = new RemoteIP(req, new RemoteIP.TrustedIPs(new String[] { "192.168.1.1" }));
remoteIp.addToLoggingContext();
String updatedLogContext = ZimbraLog.getContextString();
// we should ignore X-Forwarded-XXX headers from non-trusted clients
assertTrue(updatedLogContext.indexOf("oip=172.16.150.11") == -1);
assertTrue(updatedLogContext.indexOf("oport=8080") == -1);
assertTrue(updatedLogContext.indexOf("ip=10.10.1.1") > -1);
assertTrue(updatedLogContext.indexOf("port=80") > -1);
assertTrue(updatedLogContext.indexOf("oproto=IMAP") == -1);
}
Also used :
HashMap(java.util.HashMap)
RemoteIP(com.zimbra.common.util.RemoteIP)
MockHttpServletRequest(com.zimbra.cs.service.MockHttpServletRequest)
URL(java.net.URL)
Test(org.junit.Test)
Example 3 with RemoteIP
use of com.zimbra.common.util.RemoteIP in project zm-mailbox by Zimbra.
the class ThrottlingFilter method doFilter.
@Override
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
HttpServletRequest hreq = (HttpServletRequest) req;
HttpServletResponse hresp = (HttpServletResponse) resp;
HttpSession session = hreq.getSession(false);
// always get the latest value from LC
int max = LC.servlet_max_concurrent_requests_per_session.intValue();
if (session == null || max <= 0) {
// don't throttle if no session or disabled
chain.doFilter(req, resp);
return;
}
Semaphore tracker = sid2tracker.get(session.getId());
if (tracker == null) {
tracker = new Semaphore(max);
Semaphore exist = sid2tracker.putIfAbsent(session.getId(), tracker);
if (exist == null) {
// absent
session.setAttribute(getClass().getName(), new SessionBindingListener());
} else {
tracker = exist;
}
}
if (tracker.tryAcquire()) {
try {
chain.doFilter(req, resp);
} finally {
tracker.release();
}
} else {
new RemoteIP(hreq, ZimbraServlet.getTrustedIPs()).addToLoggingContext();
ZimbraLog.addToContext("jsessionid", session.getId());
ZimbraLog.misc.warn("too many concurrent HTTP requests");
ZimbraLog.clearContext();
hresp.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE, "too many concurrent HTTP requests");
}
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
HttpSessionBindingListener(javax.servlet.http.HttpSessionBindingListener)
RemoteIP(com.zimbra.common.util.RemoteIP)
HttpSession(javax.servlet.http.HttpSession)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
Semaphore(java.util.concurrent.Semaphore)
Example 4 with RemoteIP
use of com.zimbra.common.util.RemoteIP in project zm-mailbox by Zimbra.
the class TestRemoteIP method testTrustedIPLogString.
@Test
public void testTrustedIPLogString() throws Exception {
HashMap<String, String> headers = new HashMap<String, String>();
headers.put(RemoteIP.X_ORIGINATING_IP_HEADER, "172.16.150.11");
headers.put(RemoteIP.X_ORIGINATING_PORT_HEADER, "8080");
headers.put(RemoteIP.X_ORIGINATING_PROTOCOL_HEADER, "IMAP");
MockHttpServletRequest req = new MockHttpServletRequest("test".getBytes("UTF-8"), new URL("http://localhost:7070/service/FooRequest"), "", 80, "192.168.1.1", headers);
RemoteIP remoteIp = new RemoteIP(req, new RemoteIP.TrustedIPs(new String[] { "192.168.1.1" }));
remoteIp.addToLoggingContext();
String updatedLogContext = ZimbraLog.getContextString();
assertTrue(updatedLogContext.indexOf("oip=172.16.150.11") > -1);
assertTrue(updatedLogContext.indexOf("oport=8080") > -1);
assertTrue(updatedLogContext.indexOf("ip=172.16.150.11") > -1);
assertTrue(updatedLogContext.indexOf("port=8080") > -1);
assertTrue(updatedLogContext.indexOf("oproto=IMAP") > -1);
}
Also used :
HashMap(java.util.HashMap)
RemoteIP(com.zimbra.common.util.RemoteIP)
MockHttpServletRequest(com.zimbra.cs.service.MockHttpServletRequest)
URL(java.net.URL)
Test(org.junit.Test)
Example 5 with RemoteIP
use of com.zimbra.common.util.RemoteIP in project zm-mailbox by Zimbra.
the class TestRemoteIP method testNonTrustedClientIPRemoteIP.
@Test
public void testNonTrustedClientIPRemoteIP() throws UnsupportedEncodingException, MalformedURLException {
HashMap<String, String> headers = new HashMap<String, String>();
headers.put(RemoteIP.X_ORIGINATING_PROTOCOL_HEADER, "IMAP");
MockHttpServletRequest req = new MockHttpServletRequest("test".getBytes("UTF-8"), new URL("http://localhost:7070/service/FooRequest"), "", 80, "10.10.1.1", headers);
RemoteIP remoteIp = new RemoteIP(req, new RemoteIP.TrustedIPs(new String[] { "192.168.1.1" }));
// we should ignore X-Forwarded-XXX headers from non-trusted clients
assertNull("originating IP should be null", remoteIp.getOrigIP());
assertNull("originating port should be null", remoteIp.getOrigPort());
assertNull("originating protocol should be null", remoteIp.getOrigProto());
assertEquals("wrong request IP", "10.10.1.1", remoteIp.getRequestIP());
assertEquals("wrong request port", "80", remoteIp.getRequestPort().toString());
assertEquals("wrong client IP", "10.10.1.1", remoteIp.getClientIP());
assertEquals("wrong client port", "80", remoteIp.getClientPort().toString());
}
Also used :
HashMap(java.util.HashMap)
RemoteIP(com.zimbra.common.util.RemoteIP)
MockHttpServletRequest(com.zimbra.cs.service.MockHttpServletRequest)
URL(java.net.URL)
Test(org.junit.Test)
Aggregations
RemoteIP (com.zimbra.common.util.RemoteIP)9
HashMap (java.util.HashMap)6
MockHttpServletRequest (com.zimbra.cs.service.MockHttpServletRequest)5
URL (java.net.URL)5
Test (org.junit.Test)5
HttpServletRequest (javax.servlet.http.HttpServletRequest)2
HttpServletResponse (javax.servlet.http.HttpServletResponse)2
ServiceException (com.zimbra.common.service.ServiceException)1
Element (com.zimbra.common.soap.Element)1
BufferStream (com.zimbra.common.util.BufferStream)1
EOFException (java.io.EOFException)1
Semaphore (java.util.concurrent.Semaphore)1
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1
HttpSession (javax.servlet.http.HttpSession)1
HttpSessionBindingListener (javax.servlet.http.HttpSessionBindingListener)1
