Lines 47-52
Link Here
|
47 |
private String remoteHost; |
47 |
private String remoteHost; |
48 |
private String scheme; |
48 |
private String scheme; |
49 |
private boolean secure; |
49 |
private boolean secure; |
|
|
50 |
private String serverName; |
50 |
private int serverPort; |
51 |
private int serverPort; |
51 |
private String forwardedFor; |
52 |
private String forwardedFor; |
52 |
private String forwardedBy; |
53 |
private String forwardedBy; |
Lines 63-68
Link Here
|
63 |
return scheme; |
64 |
return scheme; |
64 |
} |
65 |
} |
65 |
|
66 |
|
|
|
67 |
public String getServerName() { |
68 |
return serverName; |
69 |
} |
70 |
|
66 |
public int getServerPort() { |
71 |
public int getServerPort() { |
67 |
return serverPort; |
72 |
return serverPort; |
68 |
} |
73 |
} |
Lines 85-90
Link Here
|
85 |
this.remoteAddr = request.getRemoteAddr(); |
90 |
this.remoteAddr = request.getRemoteAddr(); |
86 |
this.scheme = request.getScheme(); |
91 |
this.scheme = request.getScheme(); |
87 |
this.secure = request.isSecure(); |
92 |
this.secure = request.isSecure(); |
|
|
93 |
this.serverName = request.getServerName(); |
88 |
this.serverPort = request.getServerPort(); |
94 |
this.serverPort = request.getServerPort(); |
89 |
this.forwardedFor = request.getHeader("x-forwarded-for"); |
95 |
this.forwardedFor = request.getHeader("x-forwarded-for"); |
90 |
this.forwardedBy = request.getHeader("x-forwarded-by"); |
96 |
this.forwardedBy = request.getHeader("x-forwarded-by"); |
Lines 659-665
Link Here
|
659 |
assertEquals("x-forwarded-proto is null", "https", actualScheme); |
665 |
assertEquals("x-forwarded-proto is null", "https", actualScheme); |
660 |
|
666 |
|
661 |
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); |
667 |
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); |
662 |
assertEquals("x-forwarded-proto is null", 8443, actualServerPort); |
668 |
assertEquals("x-forwarded-port is null", 8443, actualServerPort); |
663 |
|
669 |
|
664 |
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); |
670 |
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); |
665 |
assertTrue("x-forwarded-proto is null", actualSecure); |
671 |
assertTrue("x-forwarded-proto is null", actualSecure); |
Lines 675-680
Link Here
|
675 |
} |
681 |
} |
676 |
|
682 |
|
677 |
@Test |
683 |
@Test |
|
|
684 |
public void testInvokeXforwardedHost() throws Exception { |
685 |
|
686 |
// PREPARE |
687 |
RemoteIpValve remoteIpValve = new RemoteIpValve(); |
688 |
remoteIpValve.setHostHeader("x-forwarded-host"); |
689 |
remoteIpValve.setProtocolHeader("x-forwarded-proto"); |
690 |
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); |
691 |
remoteIpValve.setNext(remoteAddrAndHostTrackerValve); |
692 |
|
693 |
Request request = new MockRequest(); |
694 |
request.setCoyoteRequest(new org.apache.coyote.Request()); |
695 |
// client ip |
696 |
request.setRemoteAddr("192.168.0.10"); |
697 |
request.setRemoteHost("192.168.0.10"); |
698 |
// protocol |
699 |
request.setSecure(false); |
700 |
request.setServerPort(8080); |
701 |
request.getCoyoteRequest().scheme().setString("http"); |
702 |
// host and port |
703 |
request.getCoyoteRequest().serverName().setString("10.0.0.1"); |
704 |
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-host").setString("example.com:8443"); |
705 |
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https"); |
706 |
|
707 |
// TEST |
708 |
remoteIpValve.invoke(request, null); |
709 |
|
710 |
// VERIFY |
711 |
// protocol |
712 |
String actualServerName = remoteAddrAndHostTrackerValve.getServerName(); |
713 |
assertEquals("tracked serverName", "example.com", actualServerName); |
714 |
|
715 |
String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); |
716 |
assertEquals("tracked scheme", "https", actualScheme); |
717 |
|
718 |
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); |
719 |
assertEquals("tracked serverPort", 8443, actualServerPort); |
720 |
|
721 |
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); |
722 |
assertTrue("tracked secure", actualSecure); |
723 |
|
724 |
String actualPostInvokeServerName = request.getServerName(); |
725 |
assertEquals("postInvoke serverName", "10.0.0.1", actualPostInvokeServerName); |
726 |
|
727 |
boolean actualPostInvokeSecure = request.isSecure(); |
728 |
assertFalse("postInvoke secure", actualPostInvokeSecure); |
729 |
|
730 |
int actualPostInvokeServerPort = request.getServerPort(); |
731 |
assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); |
732 |
|
733 |
String actualPostInvokeScheme = request.getScheme(); |
734 |
assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); |
735 |
} |
736 |
|
737 |
@Test |
738 |
public void testInvokeXforwardedHostAndPort() throws Exception { |
739 |
|
740 |
// PREPARE |
741 |
RemoteIpValve remoteIpValve = new RemoteIpValve(); |
742 |
remoteIpValve.setHostHeader("x-forwarded-host"); |
743 |
remoteIpValve.setPortHeader("x-forwarded-port"); |
744 |
remoteIpValve.setProtocolHeader("x-forwarded-proto"); |
745 |
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); |
746 |
remoteIpValve.setNext(remoteAddrAndHostTrackerValve); |
747 |
|
748 |
Request request = new MockRequest(); |
749 |
request.setCoyoteRequest(new org.apache.coyote.Request()); |
750 |
// client ip |
751 |
request.setRemoteAddr("192.168.0.10"); |
752 |
request.setRemoteHost("192.168.0.10"); |
753 |
// protocol |
754 |
request.setSecure(false); |
755 |
request.setServerPort(8080); |
756 |
request.getCoyoteRequest().scheme().setString("http"); |
757 |
// host and port |
758 |
request.getCoyoteRequest().serverName().setString("10.0.0.1"); |
759 |
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-host").setString("example.com"); |
760 |
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-port").setString("8443"); |
761 |
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https"); |
762 |
|
763 |
// TEST |
764 |
remoteIpValve.invoke(request, null); |
765 |
|
766 |
// VERIFY |
767 |
// protocol |
768 |
String actualServerName = remoteAddrAndHostTrackerValve.getServerName(); |
769 |
assertEquals("tracked serverName", "example.com", actualServerName); |
770 |
|
771 |
String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); |
772 |
assertEquals("tracked scheme", "https", actualScheme); |
773 |
|
774 |
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); |
775 |
assertEquals("tracked serverPort", 8443, actualServerPort); |
776 |
|
777 |
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); |
778 |
assertTrue("tracked secure", actualSecure); |
779 |
|
780 |
String actualPostInvokeServerName = request.getServerName(); |
781 |
assertEquals("postInvoke serverName", "10.0.0.1", actualPostInvokeServerName); |
782 |
|
783 |
boolean actualPostInvokeSecure = request.isSecure(); |
784 |
assertFalse("postInvoke secure", actualPostInvokeSecure); |
785 |
|
786 |
int actualPostInvokeServerPort = request.getServerPort(); |
787 |
assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); |
788 |
|
789 |
String actualPostInvokeScheme = request.getScheme(); |
790 |
assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); |
791 |
} |
792 |
|
793 |
@Test |
678 |
public void testInvokeNotAllowedRemoteAddr() throws Exception { |
794 |
public void testInvokeNotAllowedRemoteAddr() throws Exception { |
679 |
// PREPARE |
795 |
// PREPARE |
680 |
RemoteIpValve remoteIpValve = new RemoteIpValve(); |
796 |
RemoteIpValve remoteIpValve = new RemoteIpValve(); |