
Example 21 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testIncomingRequestIsSecuredButProtocolHeaderSaysItIsNotWithDefaultValues.

/**
 * Verifies that, with only {@code protocolHeader} configured, the filter reports the scheme named in
 * {@code x-forwarded-proto} even though the connection itself was flagged secure, and that it reports the
 * address from {@code x-forwarded-for} as the remote address and host.
 *
 * <p>NOTE(review): the headers are honoured here for a direct peer of 192.168.0.10; presumably that address
 * falls inside the filter's default trusted-proxy range (confirm against the filter defaults). In a deployment
 * the same behaviour means forwarded headers are only as trustworthy as the peer that sent them, so the
 * connector should be reachable only through the proxies the filter is configured to trust.
 */
@Test
public void testIncomingRequestIsSecuredButProtocolHeaderSaysItIsNotWithDefaultValues() throws Exception {
    // PREPARE: a filter definition that sets nothing but the protocol header name
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");

    // The connection-level view (secure, https, private peer address) ...
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("192.168.0.10");
    request.setSecure(true);
    request.setScheme("https");
    // ... contradicts what the forwarded headers claim (plain http, public client address).
    request.setHeader("x-forwarded-for", "140.211.11.130");
    request.setHeader("x-forwarded-proto", "http");

    // TEST
    HttpServletRequest filtered = testRemoteIpFilter(filterDef, request).getRequest();

    // VERIFY: the header-derived values win over the connection-level ones
    assertFalse("request must be unsecured as header x-forwarded-proto said it is http", filtered.isSecure());
    assertEquals("scheme must be http as header x-forwarded-proto said it is http", "http", filtered.getScheme());
    assertEquals("remoteAddr", "140.211.11.130", filtered.getRemoteAddr());
    assertEquals("remoteHost", "140.211.11.130", filtered.getRemoteHost());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 22 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRestCsrfPreventionFilter2 method setUpApplication.

/**
 * Assembles the web application used by the tests: one servlet, a {@link RestCsrfPreventionFilter} mapped to
 * {@code URI_CSRF_PROTECTED}, a role-based security constraint on {@code URI_PROTECTED}, and a
 * {@link BasicAuthenticator} valve.
 *
 * <p>The result is stored in the {@code context} field; nothing is started here.
 */
private void setUpApplication() throws Exception {
    context = tomcat.addContext(CONTEXT_PATH_LOGIN, System.getProperty("java.io.tmpdir"));
    context.setSessionTimeout(SHORT_SESSION_TIMEOUT_MINS);

    // Servlet that sits behind both the filter and the security constraint.
    Tomcat.addServlet(context, SERVLET_NAME, new TesterServlet());
    context.addServletMappingDecoded(URI_PROTECTED, SERVLET_NAME);

    // CSRF filter: the definition is registered before the mapping that refers to it by name.
    // NOTE(review): FILTER_INIT_PARAM is defined outside this method; the two comma-separated values look like
    // the request paths given special handling by the filter - confirm against the constant's value.
    String filterInitValue = REMOVE_CUSTOMER + "," + ADD_CUSTOMER;
    FilterDef csrfFilterDef = new FilterDef();
    csrfFilterDef.setFilterName(FILTER_NAME);
    csrfFilterDef.setFilterClass(RestCsrfPreventionFilter.class.getCanonicalName());
    csrfFilterDef.addInitParameter(FILTER_INIT_PARAM, filterInitValue);
    context.addFilterDef(csrfFilterDef);

    FilterMap csrfFilterMap = new FilterMap();
    csrfFilterMap.setFilterName(FILTER_NAME);
    csrfFilterMap.addURLPatternDecoded(URI_CSRF_PROTECTED);
    context.addFilterMap(csrfFilterMap);

    // Authorization: only callers holding ROLE may reach URI_PROTECTED.
    SecurityCollection protectedResources = new SecurityCollection();
    protectedResources.addPatternDecoded(URI_PROTECTED);
    SecurityConstraint roleConstraint = new SecurityConstraint();
    roleConstraint.addAuthRole(ROLE);
    roleConstraint.addCollection(protectedResources);
    context.addConstraint(roleConstraint);

    // Authentication: login method taken from METHOD, enforced by a BasicAuthenticator valve on the pipeline.
    LoginConfig loginConfig = new LoginConfig();
    loginConfig.setAuthMethod(METHOD);
    context.setLoginConfig(loginConfig);
    AuthenticatorBase authenticatorValve = new BasicAuthenticator();
    context.getPipeline().addValve(authenticatorValve);
}
Also used : AuthenticatorBase(org.apache.catalina.authenticator.AuthenticatorBase) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) FilterMap(org.apache.tomcat.util.descriptor.web.FilterMap) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) SecurityCollection(org.apache.tomcat.util.descriptor.web.SecurityCollection)

Example 23 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestExpiresFilter method validate.

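/**
 * Deploys {@code servlet} at {@code /test} behind an {@link ExpiresFilter}, requests it once over HTTP and
 * checks the response status and the {@code max-age} directive of the {@code Cache-Control} header.
 *
 * @param servlet servlet to deploy and request
 * @param expectedMaxAgeInSeconds expected {@code max-age} value, or {@code null} when no {@code max-age}
 *        directive may be present; a difference of less than 3 seconds is tolerated
 * @param expectedResponseStatusCode expected HTTP status of the response
 * @throws Exception if the server cannot be started or stopped, or the request fails
 */
protected void validate(HttpServlet servlet, Integer expectedMaxAgeInSeconds, int expectedResponseStatusCode) throws Exception {
    // SETUP
    Tomcat tomcat = getTomcatInstance();
    Context root = tomcat.addContext("", TEMP_DIR);
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("ExpiresDefault", "access plus 1 minute");
    filterDef.addInitParameter("ExpiresByType text/xml;charset=utf-8", "access plus 3 minutes");
    filterDef.addInitParameter("ExpiresByType text/xml", "access plus 5 minutes");
    filterDef.addInitParameter("ExpiresByType text", "access plus 7 minutes");
    filterDef.addInitParameter("ExpiresExcludedResponseStatusCodes", "304, 503");
    filterDef.setFilterClass(ExpiresFilter.class.getName());
    filterDef.setFilterName(ExpiresFilter.class.getName());
    root.addFilterDef(filterDef);
    FilterMap filterMap = new FilterMap();
    filterMap.setFilterName(ExpiresFilter.class.getName());
    filterMap.addURLPatternDecoded("*");
    root.addFilterMap(filterMap);
    Tomcat.addServlet(root, servlet.getClass().getName(), servlet);
    root.addServletMappingDecoded("/test", servlet.getClass().getName());
    tomcat.start();
    try {
        // Recorded only so that a failing assertion can report when the request was made.
        long timeBeforeInMillis = System.currentTimeMillis();
        // TEST
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL("http://localhost:" + tomcat.getConnector().getLocalPort() + "/test").openConnection();
        try {
            // VALIDATE
            Assert.assertEquals(expectedResponseStatusCode, httpURLConnection.getResponseCode());
            // Dump every response header to stdout to help diagnose a failure.
            StringBuilder msg = new StringBuilder();
            for (Entry<String, List<String>> field : httpURLConnection.getHeaderFields().entrySet()) {
                // The status line is reported under a null key, so it is printed without a name prefix.
                String prefix = field.getKey() == null ? "" : field.getKey() + ": ";
                for (String value : field.getValue()) {
                    msg.append(prefix).append(value).append('\n');
                }
            }
            System.out.println(msg);
            // Take the first "max-age=<n>" directive of Cache-Control; stays null when there is none.
            Integer actualMaxAgeInSeconds = null;
            String cacheControlHeader = httpURLConnection.getHeaderField("Cache-Control");
            if (cacheControlHeader != null) {
                StringTokenizer cacheControlTokenizer = new StringTokenizer(cacheControlHeader, ",");
                while (cacheControlTokenizer.hasMoreTokens() && actualMaxAgeInSeconds == null) {
                    String cacheDirective = cacheControlTokenizer.nextToken();
                    StringTokenizer cacheDirectiveTokenizer = new StringTokenizer(cacheDirective, "=");
                    // Only "key=value" directives are of interest; flag-style directives have one token.
                    if (cacheDirectiveTokenizer.countTokens() == 2) {
                        String key = cacheDirectiveTokenizer.nextToken().trim();
                        String value = cacheDirectiveTokenizer.nextToken().trim();
                        if (key.equalsIgnoreCase("max-age")) {
                            // A non-numeric value throws NumberFormatException and fails the test.
                            actualMaxAgeInSeconds = Integer.valueOf(value);
                        }
                    }
                }
            }
            if (expectedMaxAgeInSeconds == null) {
                Assert.assertNull("actualMaxAgeInSeconds '" + actualMaxAgeInSeconds + "' should be null", actualMaxAgeInSeconds);
                return;
            }
            Assert.assertNotNull(actualMaxAgeInSeconds);
            int deltaInSeconds = Math.abs(actualMaxAgeInSeconds.intValue() - expectedMaxAgeInSeconds.intValue());
            Assert.assertTrue("actualMaxAgeInSeconds: " + actualMaxAgeInSeconds + ", expectedMaxAgeInSeconds: " + expectedMaxAgeInSeconds + ", request time: " + timeBeforeInMillis + " for content type " + httpURLConnection.getContentType(), deltaInSeconds < 3);
        } finally {
            // Release the client connection before the server is stopped.
            httpURLConnection.disconnect();
        }
    } finally {
        tomcat.stop();
    }
}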
Also used : Context(org.apache.catalina.Context) Tomcat(org.apache.catalina.startup.Tomcat) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) FilterMap(org.apache.tomcat.util.descriptor.web.FilterMap) URL(java.net.URL) StartingPoint(org.apache.catalina.filters.ExpiresFilter.StartingPoint) StringTokenizer(java.util.StringTokenizer) HttpURLConnection(java.net.HttpURLConnection) List(java.util.List)

Example 24 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestExpiresFilter method testConfiguration.

/**
 * Starts Tomcat with an {@link ExpiresFilter} instance configured through init parameters and checks that the
 * filter parsed them into the expected excluded status codes, default configuration and per-content-type
 * configurations.
 */
@Test
public void testConfiguration() throws Exception {
    Tomcat tomcat = getTomcatInstance();
    Context root = tomcat.addContext("", TEMP_DIR);
    String filterName = ExpiresFilter.class.getName();

    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("ExpiresDefault", "access plus 1 month");
    filterDef.addInitParameter("ExpiresByType text/html", "access plus 1 month 15 days 2 hours");
    filterDef.addInitParameter("ExpiresByType image/gif", "modification plus 5 hours 3 minutes");
    filterDef.addInitParameter("ExpiresByType image/jpg", "A10000");
    filterDef.addInitParameter("ExpiresByType video/mpeg", "M20000");
    filterDef.addInitParameter("ExpiresExcludedResponseStatusCodes", "304, 503");
    // The instance is handed to the definition so the test can query it after start-up.
    ExpiresFilter expiresFilter = new ExpiresFilter();
    filterDef.setFilter(expiresFilter);
    filterDef.setFilterClass(filterName);
    filterDef.setFilterName(filterName);
    root.addFilterDef(filterDef);

    // NOTE(review): this mapping is built but never passed to root.addFilterMap(...) in this method, so the
    // filter is not mapped to any URL here; the assertions below only read the filter's parsed configuration.
    FilterMap filterMap = new FilterMap();
    filterMap.setFilterName(filterName);
    filterMap.addURLPatternDecoded("*");

    tomcat.start();
    try {
        // VERIFY EXCLUDED RESPONSE STATUS CODES
        int[] excludedCodes = expiresFilter.getExcludedResponseStatusCodesAsInts();
        Assert.assertEquals(2, excludedCodes.length);
        Assert.assertEquals(304, excludedCodes[0]);
        Assert.assertEquals(503, excludedCodes[1]);

        // VERIFY DEFAULT CONFIGURATION: "access plus 1 month"
        ExpiresConfiguration defaultConfig = expiresFilter.getDefaultExpiresConfiguration();
        Assert.assertEquals(StartingPoint.ACCESS_TIME, defaultConfig.getStartingPoint());
        Assert.assertEquals(1, defaultConfig.getDurations().size());
        Duration defaultDuration = defaultConfig.getDurations().get(0);
        Assert.assertEquals(DurationUnit.MONTH, defaultDuration.getUnit());
        Assert.assertEquals(1, defaultDuration.getAmount());

        // VERIFY TEXT/HTML: "access plus 1 month 15 days 2 hours"
        ExpiresConfiguration textHtmlConfig = expiresFilter.getExpiresConfigurationByContentType().get("text/html");
        Assert.assertEquals(StartingPoint.ACCESS_TIME, textHtmlConfig.getStartingPoint());
        Assert.assertEquals(3, textHtmlConfig.getDurations().size());
        Duration htmlMonths = textHtmlConfig.getDurations().get(0);
        Assert.assertEquals(DurationUnit.MONTH, htmlMonths.getUnit());
        Assert.assertEquals(1, htmlMonths.getAmount());
        Duration htmlDays = textHtmlConfig.getDurations().get(1);
        Assert.assertEquals(DurationUnit.DAY, htmlDays.getUnit());
        Assert.assertEquals(15, htmlDays.getAmount());
        Duration htmlHours = textHtmlConfig.getDurations().get(2);
        Assert.assertEquals(DurationUnit.HOUR, htmlHours.getUnit());
        Assert.assertEquals(2, htmlHours.getAmount());

        // VERIFY IMAGE/GIF: "modification plus 5 hours 3 minutes"
        ExpiresConfiguration imageGifConfig = expiresFilter.getExpiresConfigurationByContentType().get("image/gif");
        Assert.assertEquals(StartingPoint.LAST_MODIFICATION_TIME, imageGifConfig.getStartingPoint());
        Assert.assertEquals(2, imageGifConfig.getDurations().size());
        Duration gifHours = imageGifConfig.getDurations().get(0);
        Assert.assertEquals(DurationUnit.HOUR, gifHours.getUnit());
        Assert.assertEquals(5, gifHours.getAmount());
        Duration gifMinutes = imageGifConfig.getDurations().get(1);
        Assert.assertEquals(DurationUnit.MINUTE, gifMinutes.getUnit());
        Assert.assertEquals(3, gifMinutes.getAmount());

        // VERIFY IMAGE/JPG: the short form "A10000" is expected to mean access time plus 10000 seconds
        ExpiresConfiguration imageJpgConfig = expiresFilter.getExpiresConfigurationByContentType().get("image/jpg");
        Assert.assertEquals(StartingPoint.ACCESS_TIME, imageJpgConfig.getStartingPoint());
        Assert.assertEquals(1, imageJpgConfig.getDurations().size());
        Duration jpgSeconds = imageJpgConfig.getDurations().get(0);
        Assert.assertEquals(DurationUnit.SECOND, jpgSeconds.getUnit());
        Assert.assertEquals(10000, jpgSeconds.getAmount());

        // VERIFY VIDEO/MPEG: the short form "M20000" is expected to mean modification time plus 20000 seconds
        ExpiresConfiguration videoMpegConfig = expiresFilter.getExpiresConfigurationByContentType().get("video/mpeg");
        Assert.assertEquals(StartingPoint.LAST_MODIFICATION_TIME, videoMpegConfig.getStartingPoint());
        Assert.assertEquals(1, videoMpegConfig.getDurations().size());
        Duration mpegSeconds = videoMpegConfig.getDurations().get(0);
        Assert.assertEquals(DurationUnit.SECOND, mpegSeconds.getUnit());
        Assert.assertEquals(20000, mpegSeconds.getAmount());
    } finally {
        tomcat.stop();
    }
}
Also used : Context(org.apache.catalina.Context) Tomcat(org.apache.catalina.startup.Tomcat) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) ExpiresConfiguration(org.apache.catalina.filters.ExpiresFilter.ExpiresConfiguration) Duration(org.apache.catalina.filters.ExpiresFilter.Duration) FilterMap(org.apache.tomcat.util.descriptor.web.FilterMap) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 25 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class ApplicationContext method addFilter.

/**
 * Creates or completes the filter definition named {@code filterName} on this context and wraps it in a
 * registration object.
 *
 * <p>Registration is refused unless the context is in {@code STARTING_PREP}, and a definition that already has
 * both a name and a class is never overwritten.
 *
 * @param filterName name of the filter; must be neither {@code null} nor empty
 * @param filterClass class name recorded on the definition when {@code filter} is {@code null}
 * @param filter filter instance to register, or {@code null} to register by class name only
 * @return the registration for the definition, or {@code null} when a definition with this name already has
 *         both a name and a class
 * @throws IllegalArgumentException if {@code filterName} is {@code null} or empty
 * @throws IllegalStateException if the context is not in the {@code STARTING_PREP} state
 */
private FilterRegistration.Dynamic addFilter(String filterName, String filterClass, Filter filter) throws IllegalStateException {
    boolean nameMissing = filterName == null || filterName.isEmpty();
    if (nameMissing) {
        throw new IllegalArgumentException(sm.getString("applicationContext.invalidFilterName", filterName));
    }

    if (!context.getState().equals(LifecycleState.STARTING_PREP)) {
        //TODO Spec breaking enhancement to ignore this restriction
        throw new IllegalStateException(sm.getString("applicationContext.addFilter.ise", getContextPath()));
    }

    FilterDef filterDef = context.findFilterDef(filterName);
    if (filterDef != null) {
        // An existing definition that already carries a name and a class is left untouched;
        // the caller is told so with a null result.
        boolean alreadyComplete = filterDef.getFilterName() != null && filterDef.getFilterClass() != null;
        if (alreadyComplete) {
            return null;
        }
    } else {
        // No definition under this name yet: create one and attach it to the context.
        filterDef = new FilterDef();
        filterDef.setFilterName(filterName);
        context.addFilterDef(filterDef);
    }

    // With an instance, the recorded class name comes from the instance itself rather than from filterClass.
    String resolvedClassName = (filter == null) ? filterClass : filter.getClass().getName();
    filterDef.setFilterClass(resolvedClassName);
    if (filter != null) {
        filterDef.setFilter(filter);
    }
    return new ApplicationFilterRegistration(filterDef, context);
}
Also used : FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef)
