Examples with FilterDef org.apache.tomcat.util.descriptor.web.FilterDef used on opensource projects

Search in sources :

Example 6 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testInvokeAllProxiesAreInternal.

@Test
public void testInvokeAllProxiesAreInternal() throws Exception {
    // PREPARE
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
    filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
    filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.addHeader("x-forwarded-for", "140.211.11.130, 192.168.0.10, 192.168.0.11");
    // TEST
    HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
    // VERIFY
    String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
    assertNull("all proxies are internal, x-forwarded-for must be null", actualXForwardedFor);
    String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
    assertNull("all proxies are internal, x-forwarded-by must be null", actualXForwardedBy);
    String actualRemoteAddr = actualRequest.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
    String actualRemoteHost = actualRequest.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 7 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testInvokeAllProxiesAreTrusted.

@Test
public void testInvokeAllProxiesAreTrusted() throws Exception {
    // PREPARE
    RemoteIpFilter remoteIpFilter = new RemoteIpFilter();
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
    filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
    filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
    filterDef.setFilter(remoteIpFilter);
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, proxy2");
    // TEST
    HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
    // VERIFY
    String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
    assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
    String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
    assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
    String actualRemoteAddr = actualRequest.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
    String actualRemoteHost = actualRequest.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 8 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testIncomingRequestIsSecuredButProtocolHeaderSaysItIsNotWithCustomValues.

@Test
public void testIncomingRequestIsSecuredButProtocolHeaderSaysItIsNotWithCustomValues() throws Exception {
    // PREPARE
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
    filterDef.addInitParameter("remoteIpHeader", "x-my-forwarded-for");
    filterDef.addInitParameter("httpServerPort", "8080");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("192.168.0.10");
    request.setSecure(true);
    request.setScheme("https");
    request.setHeader("x-my-forwarded-for", "140.211.11.130");
    request.setHeader("x-forwarded-proto", "http");
    // TEST
    HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
    // VERIFY
    boolean actualSecure = actualRequest.isSecure();
    assertFalse("request must be unsecured as header x-forwarded-proto said it is http", actualSecure);
    String actualScheme = actualRequest.getScheme();
    assertEquals("scheme must be http as header x-forwarded-proto said it is http", "http", actualScheme);
    int actualServerPort = actualRequest.getServerPort();
    assertEquals("wrong http server port", 8080, actualServerPort);
    String actualRemoteAddr = actualRequest.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
    String actualRemoteHost = actualRequest.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 9 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testInvokeNotAllowedRemoteAddr.

@Test
public void testInvokeNotAllowedRemoteAddr() throws Exception {
    // PREPARE
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
    filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
    filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("not-allowed-internal-proxy");
    request.setRemoteHost("not-allowed-internal-proxy-host");
    request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, proxy2");
    // TEST
    HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
    // VERIFY
    String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
    assertEquals("x-forwarded-for must be unchanged", "140.211.11.130, proxy1, proxy2", actualXForwardedFor);
    String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
    assertNull("x-forwarded-by must be null", actualXForwardedBy);
    String actualRemoteAddr = actualRequest.getRemoteAddr();
    assertEquals("remoteAddr", "not-allowed-internal-proxy", actualRemoteAddr);
    String actualRemoteHost = actualRequest.getRemoteHost();
    assertEquals("remoteHost", "not-allowed-internal-proxy-host", actualRemoteHost);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 10 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testInvokeAllProxiesAreTrustedOrInternal.

@Test
public void testInvokeAllProxiesAreTrustedOrInternal() throws Exception {
    // PREPARE
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
    filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
    filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, proxy2, 192.168.0.10, 192.168.0.11");
    // TEST
    HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
    // VERIFY
    String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
    assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
    String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
    assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
    String actualRemoteAddr = actualRequest.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
    String actualRemoteHost = actualRequest.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Aggregations

FilterDef (org.apache.tomcat.util.descriptor.web.FilterDef)32 Test (org.junit.Test)16 FilterMap (org.apache.tomcat.util.descriptor.web.FilterMap)14 TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)11 Context (org.apache.catalina.Context)8 HashMap (java.util.HashMap)7 Tomcat (org.apache.catalina.startup.Tomcat)5 SecurityConstraint (org.apache.tomcat.util.descriptor.web.SecurityConstraint)4 File (java.io.File)3 Container (org.apache.catalina.Container)3 JavaClassCacheEntry (org.apache.catalina.startup.ContextConfig.JavaClassCacheEntry)3 IOException (java.io.IOException)2 HttpURLConnection (java.net.HttpURLConnection)2 URL (java.net.URL)2 List (java.util.List)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 Wrapper (org.apache.catalina.Wrapper)2 ErrorPage (org.apache.tomcat.util.descriptor.web.ErrorPage)2 WebXml (org.apache.tomcat.util.descriptor.web.WebXml)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial