Java Code Examples for org.apache.catalina.connector.Request#setSecure()
The following examples show how to use
org.apache.catalina.connector.Request#setSecure() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SslAcceleratorValve.java From scipio-erp with Apache License 2.0 | 5 votes |
public @Override void invoke(Request req, Response resp) throws IOException, ServletException { if (sslAcceleratorPort != null && req.getLocalPort() == sslAcceleratorPort.intValue()) { req.setSecure(true); } if (getNext() != null) { getNext().invoke(req, resp); } }
Example 2
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
@Test public void testInvokeXforwardedProtoSaysHttpsForIncomingHttpRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https"); request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); Assert.assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); Assert.assertEquals("x-forwarded-proto says https", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); Assert.assertEquals("x-forwarded-proto says https", 443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); Assert.assertTrue("x-forwarded-proto says https", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); Assert.assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); Assert.assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); Assert.assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 3
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // null "x-forwarded-proto" request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); Assert.assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); Assert.assertEquals("x-forwarded-proto is null", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); Assert.assertEquals("x-forwarded-proto is null", 8080, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); Assert.assertFalse("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); Assert.assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); Assert.assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); Assert.assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 4
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
@Test public void testInvokeXforwardedProtoSaysHttpForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("http"); request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy(); Assert.assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); Assert.assertEquals("x-forwarded-proto says http", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); Assert.assertEquals("x-forwarded-proto says http", 80, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); Assert.assertFalse("x-forwarded-proto says http", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); Assert.assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); Assert.assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); Assert.assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 5
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
private void performXForwardedProtoWithMultipleForwardsTest(String incomingHeaderValue, boolean arrivesAsSecure, boolean shouldBeSecure) throws Exception { // PREPARE String incomingScheme = arrivesAsSecure ? "https" : "http"; String expectedScheme = shouldBeSecure ? "https" : "http"; int incommingServerPort = arrivesAsSecure ? 8443 : 8080; int expectedServerPort = shouldBeSecure ? 443 : 80; RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString(incomingHeaderValue); request.setSecure(arrivesAsSecure); request.setServerPort(incommingServerPort); request.getCoyoteRequest().scheme().setString(incomingScheme); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy(); Assert.assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); Assert.assertEquals("x-forwarded-proto says " + expectedScheme, expectedScheme, actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); Assert.assertEquals("x-forwarded-proto says " + expectedScheme, expectedServerPort, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); Assert.assertEquals("x-forwarded-proto says " + expectedScheme, Boolean.valueOf(shouldBeSecure), Boolean.valueOf(actualSecure)); boolean actualPostInvokeSecure = request.isSecure(); Assert.assertEquals("postInvoke secure", Boolean.valueOf(arrivesAsSecure), Boolean.valueOf(actualPostInvokeSecure)); int actualPostInvokeServerPort = request.getServerPort(); Assert.assertEquals("postInvoke serverPort", incommingServerPort, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); Assert.assertEquals("postInvoke scheme", incomingScheme, actualPostInvokeScheme); }
Example 6
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // Don't declare "x-forwarded-proto" request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); Assert.assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); Assert.assertEquals("x-forwarded-proto is null", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); Assert.assertEquals("x-forwarded-proto is null", 8443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); Assert.assertTrue("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); Assert.assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); Assert.assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); Assert.assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 7
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
@Test public void testInvokeXforwardedHost() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setHostHeader("x-forwarded-host"); remoteIpValve.setPortHeader("x-forwarded-port"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); // protocol request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // host and port request.getCoyoteRequest().serverName().setString("10.0.0.1"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-host").setString("example.com:8443"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-port").setString("8443"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // protocol String actualServerName = remoteAddrAndHostTrackerValve.getServerName(); Assert.assertEquals("tracked serverName", "example.com", actualServerName); String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); Assert.assertEquals("tracked scheme", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); Assert.assertEquals("tracked serverPort", 8443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); Assert.assertTrue("tracked secure", actualSecure); String actualPostInvokeServerName = request.getServerName(); Assert.assertEquals("postInvoke serverName", "10.0.0.1", actualPostInvokeServerName); boolean actualPostInvokeSecure = request.isSecure(); Assert.assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); Assert.assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); Assert.assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 8
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
@Test public void testInvokeXforwardedHostAndPort() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setHostHeader("x-forwarded-host"); remoteIpValve.setPortHeader("x-forwarded-port"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); // protocol request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // host and port request.getCoyoteRequest().serverName().setString("10.0.0.1"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-host").setString("example.com"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-port").setString("8443"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // protocol String actualServerName = remoteAddrAndHostTrackerValve.getServerName(); Assert.assertEquals("tracked serverName", "example.com", actualServerName); String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); Assert.assertEquals("tracked scheme", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); Assert.assertEquals("tracked serverPort", 8443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); Assert.assertTrue("tracked secure", actualSecure); String actualPostInvokeServerName = request.getServerName(); Assert.assertEquals("postInvoke serverName", "10.0.0.1", actualPostInvokeServerName); boolean actualPostInvokeSecure = request.isSecure(); Assert.assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); Assert.assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); Assert.assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 9
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoSaysHttpsForIncomingHttpRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https"); request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto says https", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto says https", 443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertTrue("x-forwarded-proto says https", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 10
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // null "x-forwarded-proto" request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto is null", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto is null", 8080, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertFalse("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 11
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoSaysHttpForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("http"); request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto says http", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto says http", 80, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertFalse("x-forwarded-proto says http", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 12
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // Don't declare "x-forwarded-proto" request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto is null", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto is null", 8443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertTrue("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 13
Source File: TestRemoteIpValve.java From tomcatsrc with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoSaysHttpsForIncomingHttpRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https"); request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto says https", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto says https", 443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertTrue("x-forwarded-proto says https", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 14
Source File: TestRemoteIpValve.java From tomcatsrc with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // null "x-forwarded-proto" request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto is null", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto is null", 8080, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertFalse("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 15
Source File: TestRemoteIpValve.java From tomcatsrc with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoSaysHttpForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("http"); request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto says http", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto says http", 80, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertFalse("x-forwarded-proto says http", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 16
Source File: TestRemoteIpValve.java From tomcatsrc with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // Don't declare "x-forwarded-proto" request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto is null", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto is null", 8443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertTrue("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }