Search in sources :

Example 56 with MessageBytes

use of org.apache.tomcat.util.buf.MessageBytes in project nzbhydra2 by theotherp.

the class HydraEmbeddedServletContainer method customize.

@Override
public void customize(ConfigurableEmbeddedServletContainer container) {
    if (!(container instanceof TomcatEmbeddedServletContainerFactory)) {
        // Is the case in tests
        return;
    }
    TomcatEmbeddedServletContainerFactory containerFactory = (TomcatEmbeddedServletContainerFactory) container;
    containerFactory.addContextValves(new ValveBase() {

        @Override
        public void invoke(Request request, Response response) throws IOException, ServletException {
            int originalPort = -1;
            final String forwardedPort = request.getHeader("X-Forwarded-Port");
            if (forwardedPort != null) {
                try {
                    originalPort = request.getServerPort();
                    request.setServerPort(Integer.valueOf(forwardedPort));
                } catch (final NumberFormatException e) {
                    logger.debug("ignoring forwarded port {}", forwardedPort);
                }
            }
            final MessageBytes serverNameMB = request.getCoyoteRequest().serverName();
            String originalServerName = null;
            String forwardedHost = request.getHeader("X-Forwarded-Host");
            if (forwardedHost == null) {
                forwardedHost = request.getHeader("host");
            }
            if (forwardedHost != null) {
                int colonIndex = forwardedHost.indexOf(":");
                if (colonIndex > -1) {
                    if (originalPort == -1) {
                        originalPort = request.getServerPort();
                    }
                    request.setServerPort(Integer.valueOf(forwardedHost.substring(colonIndex + 1)));
                    forwardedHost = forwardedHost.substring(0, colonIndex);
                }
                originalServerName = serverNameMB.getString();
                serverNameMB.setString(forwardedHost);
            }
            Boolean originallySecure = null;
            final String forwardedProto = request.getHeader("X-Forwarded-Proto");
            if (forwardedProto != null) {
                originallySecure = request.isSecure();
                request.setSecure(forwardedProto.equalsIgnoreCase("https"));
            }
            try {
                getNext().invoke(request, response);
            } finally {
                if (originallySecure != null) {
                    request.setSecure(originallySecure);
                }
                if (forwardedHost != null) {
                    serverNameMB.setString(originalServerName);
                }
                if (forwardedPort != null) {
                    request.setServerPort(originalPort);
                }
            }
        }
    });
    ((TomcatEmbeddedServletContainerFactory) container).addContextCustomizers(context -> context.setMapperContextRootRedirectEnabled(true));
}
Also used : Response(org.apache.catalina.connector.Response) ServletException(javax.servlet.ServletException) TomcatEmbeddedServletContainerFactory(org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory) Request(org.apache.catalina.connector.Request) MessageBytes(org.apache.tomcat.util.buf.MessageBytes) ValveBase(org.apache.catalina.valves.ValveBase) IOException(java.io.IOException)

Example 57 with MessageBytes

use of org.apache.tomcat.util.buf.MessageBytes in project tomcat by apache.

the class BasicAuthenticator method doAuthenticate.

@Override
protected boolean doAuthenticate(Request request, HttpServletResponse response) throws IOException {
    if (checkForCachedAuthentication(request, response, true)) {
        return true;
    }
    // Validate any credentials already included with this request
    MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders().getValue("authorization");
    if (authorization != null) {
        authorization.toBytes();
        ByteChunk authorizationBC = authorization.getByteChunk();
        BasicCredentials credentials = null;
        try {
            credentials = new BasicCredentials(authorizationBC, charset, getTrimCredentials());
            String username = credentials.getUsername();
            String password = credentials.getPassword();
            Principal principal = context.getRealm().authenticate(username, password);
            if (principal != null) {
                register(request, response, principal, HttpServletRequest.BASIC_AUTH, username, password);
                return true;
            }
        } catch (IllegalArgumentException iae) {
            if (log.isDebugEnabled()) {
                log.debug("Invalid Authorization" + iae.getMessage());
            }
        }
    }
    // the request could not be authenticated, so reissue the challenge
    StringBuilder value = new StringBuilder(16);
    value.append("Basic realm=\"");
    value.append(getRealmName(context));
    value.append('\"');
    if (charsetString != null && !charsetString.isEmpty()) {
        value.append(", charset=");
        value.append(charsetString);
    }
    response.setHeader(AUTH_HEADER_NAME, value.toString());
    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    return false;
}
Also used : ByteChunk(org.apache.tomcat.util.buf.ByteChunk) MessageBytes(org.apache.tomcat.util.buf.MessageBytes) Principal(java.security.Principal)

Example 58 with MessageBytes

use of org.apache.tomcat.util.buf.MessageBytes in project tomcat by apache.

the class StandardContextValve method invoke.

/**
 * Select the appropriate child Wrapper to process this request,
 * based on the specified request URI.  If no matching Wrapper can
 * be found, return an appropriate HTTP error.
 *
 * @param request Request to be processed
 * @param response Response to be produced
 *
 * @exception IOException if an input/output error occurred
 * @exception ServletException if a servlet error occurred
 */
@Override
public final void invoke(Request request, Response response) throws IOException, ServletException {
    // Disallow any direct access to resources under WEB-INF or META-INF
    MessageBytes requestPathMB = request.getRequestPathMB();
    if ((requestPathMB.startsWithIgnoreCase("/META-INF/", 0)) || (requestPathMB.equalsIgnoreCase("/META-INF")) || (requestPathMB.startsWithIgnoreCase("/WEB-INF/", 0)) || (requestPathMB.equalsIgnoreCase("/WEB-INF"))) {
        response.sendError(HttpServletResponse.SC_NOT_FOUND);
        return;
    }
    // Select the Wrapper to be used for this Request
    Wrapper wrapper = request.getWrapper();
    if (wrapper == null || wrapper.isUnavailable()) {
        response.sendError(HttpServletResponse.SC_NOT_FOUND);
        return;
    }
    // Acknowledge the request
    try {
        response.sendAcknowledgement(ContinueResponseTiming.IMMEDIATELY);
    } catch (IOException ioe) {
        container.getLogger().error(sm.getString("standardContextValve.acknowledgeException"), ioe);
        request.setAttribute(RequestDispatcher.ERROR_EXCEPTION, ioe);
        response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        return;
    }
    if (request.isAsyncSupported()) {
        request.setAsyncSupported(wrapper.getPipeline().isAsyncSupported());
    }
    wrapper.getPipeline().getFirst().invoke(request, response);
}
Also used : Wrapper(org.apache.catalina.Wrapper) MessageBytes(org.apache.tomcat.util.buf.MessageBytes) IOException(java.io.IOException)

Example 59 with MessageBytes

use of org.apache.tomcat.util.buf.MessageBytes in project tomcat by apache.

the class Stream method prepareRequest.

private void prepareRequest() {
    MessageBytes hostValueMB = coyoteRequest.getMimeHeaders().getUniqueValue("host");
    if (hostValueMB == null) {
        throw new IllegalArgumentException();
    }
    // This processing expects bytes. Server push will have used a String
    // to trigger a conversion if required.
    hostValueMB.toBytes();
    ByteChunk valueBC = hostValueMB.getByteChunk();
    byte[] valueB = valueBC.getBytes();
    int valueL = valueBC.getLength();
    int valueS = valueBC.getStart();
    int colonPos = Host.parse(hostValueMB);
    if (colonPos != -1) {
        int port = 0;
        for (int i = colonPos + 1; i < valueL; i++) {
            char c = (char) valueB[i + valueS];
            if (c < '0' || c > '9') {
                throw new IllegalArgumentException();
            }
            port = port * 10 + c - '0';
        }
        coyoteRequest.setServerPort(port);
        // Only need to copy the host name up to the :
        valueL = colonPos;
    }
    // Extract the host name
    char[] hostNameC = new char[valueL];
    for (int i = 0; i < valueL; i++) {
        hostNameC[i] = (char) valueB[i + valueS];
    }
    coyoteRequest.serverName().setChars(hostNameC, 0, valueL);
}
Also used : ByteChunk(org.apache.tomcat.util.buf.ByteChunk) MessageBytes(org.apache.tomcat.util.buf.MessageBytes)

Example 60 with MessageBytes

use of org.apache.tomcat.util.buf.MessageBytes in project tomcat by apache.

the class TestCoyoteAdapter method doTestNormalize.

private void doTestNormalize(String input, String expected) {
    MessageBytes mb = MessageBytes.newInstance();
    byte[] b = input.getBytes(StandardCharsets.UTF_8);
    // Need to allow an extra byte in case '/' is appended during processing
    byte[] b2 = new byte[b.length + 1];
    System.arraycopy(b, 0, b2, 0, b.length);
    mb.setBytes(b2, 0, b.length);
    boolean result = CoyoteAdapter.normalize(mb, false);
    mb.toString();
    if (expected == null) {
        Assert.assertFalse(result);
    } else {
        Assert.assertTrue(result);
        Assert.assertEquals(expected, mb.toString());
    }
}
Also used : MessageBytes(org.apache.tomcat.util.buf.MessageBytes)

Aggregations

MessageBytes (org.apache.tomcat.util.buf.MessageBytes)73 MimeHeaders (org.apache.tomcat.util.http.MimeHeaders)15 ByteChunk (org.apache.tomcat.util.buf.ByteChunk)14 IOException (java.io.IOException)11 Test (org.junit.Test)11 Context (org.apache.catalina.Context)10 LoggingBaseTest (org.apache.catalina.startup.LoggingBaseTest)8 Pattern (java.util.regex.Pattern)6 AbstractEndpoint (org.apache.tomcat.util.net.AbstractEndpoint)6 Principal (java.security.Principal)5 Wrapper (org.apache.catalina.Wrapper)5 CharChunk (org.apache.tomcat.util.buf.CharChunk)5 Host (org.apache.catalina.Host)4 ServletException (jakarta.servlet.ServletException)3 Cookie (jakarta.servlet.http.Cookie)3 UnsupportedEncodingException (java.io.UnsupportedEncodingException)3 HashSet (java.util.HashSet)3 ServletException (javax.servlet.ServletException)3 Cookie (javax.servlet.http.Cookie)3 Container (org.apache.catalina.Container)3