Example 26 with Request
use of org.apache.catalina.connector.Request in project tomcat by apache.
the class TestRemoteIpValve method testInvokeXforwardedHost.
@Test
public void testInvokeXforwardedHost() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setHostHeader("x-forwarded-host");
remoteIpValve.setPortHeader("x-forwarded-port");
remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
// client ip
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("192.168.0.10");
// protocol
request.setSecure(false);
request.setServerPort(8080);
request.getCoyoteRequest().scheme().setString("http");
// host and port
request.getCoyoteRequest().serverName().setString("10.0.0.1");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-host").setString("example.com:8443");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-port").setString("8443");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https");
// TEST
remoteIpValve.invoke(request, null);
// VERIFY
// protocol
String actualServerName = remoteAddrAndHostTrackerValve.getServerName();
Assert.assertEquals("tracked serverName", "example.com", actualServerName);
String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
Assert.assertEquals("tracked scheme", "https", actualScheme);
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
Assert.assertEquals("tracked serverPort", 8443, actualServerPort);
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
Assert.assertTrue("tracked secure", actualSecure);
String actualPostInvokeServerName = request.getServerName();
Assert.assertEquals("postInvoke serverName", "10.0.0.1", actualPostInvokeServerName);
boolean actualPostInvokeSecure = request.isSecure();
Assert.assertFalse("postInvoke secure", actualPostInvokeSecure);
int actualPostInvokeServerPort = request.getServerPort();
Assert.assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort);
String actualPostInvokeScheme = request.getScheme();
Assert.assertEquals("postInvoke scheme", "http", actualPostInvokeScheme);
}Example 27 with Request
use of org.apache.catalina.connector.Request in project tomcat by apache.
the class TestRemoteIpValve method performXForwardedProtoWithMultipleForwardsTest.
private void performXForwardedProtoWithMultipleForwardsTest(String incomingHeaderValue, boolean arrivesAsSecure, boolean shouldBeSecure) throws Exception {
// PREPARE
String incomingScheme = arrivesAsSecure ? "https" : "http";
String expectedScheme = shouldBeSecure ? "https" : "http";
int incomingServerPort = arrivesAsSecure ? 8443 : 8080;
int expectedServerPort = shouldBeSecure ? 443 : 80;
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
// client ip
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("192.168.0.10");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
// protocol
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString(incomingHeaderValue);
request.setSecure(arrivesAsSecure);
request.setServerPort(incomingServerPort);
request.getCoyoteRequest().scheme().setString(incomingScheme);
// TEST
remoteIpValve.invoke(request, null);
// VERIFY
// client ip
String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor();
Assert.assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
Assert.assertNull("no intermediate trusted proxy", actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);
String actualPostInvokeRemoteHost = request.getRemoteHost();
Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost);
// protocol
String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
Assert.assertEquals("x-forwarded-proto says " + expectedScheme, expectedScheme, actualScheme);
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
Assert.assertEquals("x-forwarded-proto says " + expectedScheme, expectedServerPort, actualServerPort);
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
Assert.assertEquals("x-forwarded-proto says " + expectedScheme, Boolean.valueOf(shouldBeSecure), Boolean.valueOf(actualSecure));
boolean actualPostInvokeSecure = request.isSecure();
Assert.assertEquals("postInvoke secure", Boolean.valueOf(arrivesAsSecure), Boolean.valueOf(actualPostInvokeSecure));
int actualPostInvokeServerPort = request.getServerPort();
Assert.assertEquals("postInvoke serverPort", incomingServerPort, actualPostInvokeServerPort);
String actualPostInvokeScheme = request.getScheme();
Assert.assertEquals("postInvoke scheme", incomingScheme, actualPostInvokeScheme);
}
Also used :
Request(org.apache.catalina.connector.Request)
Example 28 with Request
use of org.apache.catalina.connector.Request in project tomcat by apache.
the class TestRemoteIpValve method testRequestForwarded.
@Test
public void testRequestForwarded() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
// client ip
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("192.168.0.10");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
// protocol
request.setServerPort(8080);
request.getCoyoteRequest().scheme().setString("http");
// TEST
remoteIpValve.invoke(request, null);
// VERIFY
Assert.assertEquals("org.apache.tomcat.request.forwarded", Boolean.TRUE, request.getAttribute(Globals.REQUEST_FORWARDED_ATTRIBUTE));
}Example 29 with Request
use of org.apache.catalina.connector.Request in project tomcat by apache.
the class TestRemoteIpValve method testInvokeAllProxiesAreTrustedEmptyInternal.
@Test
public void testInvokeAllProxiesAreTrustedEmptyInternal() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setInternalProxies("");
remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("proxy3");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2");
// TEST
remoteIpValve.invoke(request, null);
// VERIFY
String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor();
Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1,proxy2,proxy3", actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
Assert.assertEquals("postInvoke remoteAddr", "proxy3", actualPostInvokeRemoteAddr);
String actualPostInvokeRemoteHost = request.getRemoteHost();
Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}Example 30 with Request
use of org.apache.catalina.connector.Request in project tomcat by apache.
the class TestRemoteIpValve method testInvokeAllowedRemoteAddrWithNullRemoteIpHeader.
@Test
public void testInvokeAllowedRemoteAddrWithNullRemoteIpHeader() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setInternalProxies("192\\.168\\.0\\.10, 192\\.168\\.0\\.11");
remoteIpValve.setTrustedProxies("proxy1, proxy2, proxy3");
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
// TEST
remoteIpValve.invoke(request, null);
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
Assert.assertNull("x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = request.getHeader("x-forwarded-by");
Assert.assertNull("x-forwarded-by must be null", actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "192.168.0.10", actualRemoteAddr);
String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
Assert.assertEquals("remoteHost", "remote-host-original-value", actualRemoteHost);
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);
String actualPostInvokeRemoteHost = request.getRemoteHost();
Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}Aggregations
Request (org.apache.catalina.connector.Request)80
Test (org.junit.Test)44
Response (org.apache.catalina.connector.Response)16
HttpServletRequest (javax.servlet.http.HttpServletRequest)14
IOException (java.io.IOException)9
HttpSession (javax.servlet.http.HttpSession)9
Context (org.apache.catalina.Context)9
ServletRequest (javax.servlet.ServletRequest)8
Valve (org.apache.catalina.Valve)7
RequestFacade (org.apache.catalina.connector.RequestFacade)7
TesterContext (org.apache.tomcat.unittest.TesterContext)7
HttpServletRequest (jakarta.servlet.http.HttpServletRequest)5
HttpSession (jakarta.servlet.http.HttpSession)5
ServletException (javax.servlet.ServletException)5
Connector (org.apache.catalina.connector.Connector)5
ServletRequest (jakarta.servlet.ServletRequest)4
TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest)4
ServletRequestWrapper (javax.servlet.ServletRequestWrapper)3
LifecycleException (org.apache.catalina.LifecycleException)3
ServletException (jakarta.servlet.ServletException)2
