Java Code Examples for org.apache.catalina.connector.Request#getRemoteHost()

The following examples show how to use org.apache.catalina.connector.Request#getRemoteHost() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AccessLogValve.java    From tomcatsrc with Apache License 2.0 6 votes vote down vote up
@Override
public void addElement(StringBuilder buf, Date date, Request request,
        Response response, long time) {
    String value = null;
    if (requestAttributesEnabled) {
        Object host = request.getAttribute(REMOTE_HOST_ATTRIBUTE);
        if (host != null) {
            value = host.toString();
        }
    }
    if (value == null || value.length() == 0) {
        value = request.getRemoteHost();
    }
    if (value == null || value.length() == 0) {
        value = "-";
    }
    buf.append(value);
}
 
Example 2
Source File: MongoAccessLogValve.java    From tomcat-mongo-access-log with Apache License 2.0 6 votes vote down vote up
@Override
public void addElement(StringBuilder buf, DBObject result, Date date, Request request,
        Response response, long time) {
    String value = null;
    if (requestAttributesEnabled) {
        Object host = request.getAttribute(REMOTE_HOST_ATTRIBUTE);
        if (host != null) {
            value = host.toString();
        }
    }
    if (value == null || value.length() == 0) {
        value = request.getRemoteHost();
    }
    if (value == null || value.length() == 0) {
        value = "-";
    }
    result.put("remoteHost", value);
}
 
Example 3
Source File: TestRemoteIpValve.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
@Test
public void testInvokeAllProxiesAreInternal() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, 192.168.0.10, 192.168.0.11");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("all proxies are internal, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("all proxies are internal, x-forwarded-by must be null", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}
 
Example 4
Source File: TestRemoteIpValve.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
@Test
public void testInvokeAllProxiesAreInternal() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, 192.168.0.10, 192.168.0.11");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("all proxies are internal, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("all proxies are internal, x-forwarded-by must be null", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}
 
Example 5
Source File: TestRemoteIpValve.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
@Test
public void testInvokeUntrustedProxyInTheChain() throws Exception {
    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
        .setString("140.211.11.130, proxy1, untrusted-proxy, proxy2");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130, proxy1", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertEquals("ip/host after untrusted-proxy must appear in  x-forwarded-by", "proxy2", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "untrusted-proxy", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}
 
Example 6
Source File: TestRemoteIpValve.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
@Test
public void testInvokeNotAllowedRemoteAddr() throws Exception {
    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("not-allowed-internal-proxy");
    request.setRemoteHost("not-allowed-internal-proxy-host");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertEquals("x-forwarded-for must be unchanged", "140.211.11.130, proxy1, proxy2", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("x-forwarded-by must be null", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "not-allowed-internal-proxy", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "not-allowed-internal-proxy-host", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "not-allowed-internal-proxy", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "not-allowed-internal-proxy-host", actualPostInvokeRemoteHost);
}
 
Example 7
Source File: TestRemoteIpValve.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
@Test
public void testInvokeUntrustedProxyInTheChain() throws Exception {
    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
        .setString("140.211.11.130, proxy1, untrusted-proxy, proxy2");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor();
    Assert.assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130, proxy1", actualXForwardedFor);

    String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
    Assert.assertEquals("ip/host after untrusted-proxy must appear in  x-forwarded-by", "proxy2", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    Assert.assertEquals("remoteHost", "untrusted-proxy", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}
 
Example 8
Source File: TestRemoteIpValve.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
@Test
public void testInvokeAllowedRemoteAddrWithNullRemoteIpHeader() throws Exception {
    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10, 192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1, proxy2, proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("x-forwarded-by must be null", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "192.168.0.10", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "remote-host-original-value", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);

}
 
Example 9
Source File: TestRemoteIpValve.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
@Test
public void testInvokeNotAllowedRemoteAddr() throws Exception {
    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("not-allowed-internal-proxy");
    request.setRemoteHost("not-allowed-internal-proxy-host");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    Assert.assertEquals("x-forwarded-for must be unchanged", "140.211.11.130, proxy1, proxy2", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    Assert.assertNull("x-forwarded-by must be null", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("remoteAddr", "not-allowed-internal-proxy", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    Assert.assertEquals("remoteHost", "not-allowed-internal-proxy-host", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    Assert.assertEquals("postInvoke remoteAddr", "not-allowed-internal-proxy", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    Assert.assertEquals("postInvoke remoteAddr", "not-allowed-internal-proxy-host", actualPostInvokeRemoteHost);
}
 
Example 10
Source File: TestRemoteIpValve.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
@Test
public void testInvokeXforwardedProtoSaysHttpsForIncomingHttpRequest() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProtocolHeader("x-forwarded-proto");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // client ip
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("192.168.0.10");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    // protocol
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https");
    request.setSecure(false);
    request.setServerPort(8080);
    request.getCoyoteRequest().scheme().setString("http");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    // client ip
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("no intermediate trusted proxy", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost);

    // protocol
    String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
    assertEquals("x-forwarded-proto says https", "https", actualScheme);

    int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
    assertEquals("x-forwarded-proto says https", 443, actualServerPort);

    boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
    assertTrue("x-forwarded-proto says https", actualSecure);

    boolean actualPostInvokeSecure = request.isSecure();
    assertFalse("postInvoke secure", actualPostInvokeSecure);

    int actualPostInvokeServerPort = request.getServerPort();
    assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort);

    String actualPostInvokeScheme = request.getScheme();
    assertEquals("postInvoke scheme", "http", actualPostInvokeScheme);
}
 
Example 11
Source File: TestRemoteIpValve.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
@Test
public void testInvokeXforwardedProtoIsNullForIncomingHttpRequest() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProtocolHeader("x-forwarded-proto");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // client ip
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("192.168.0.10");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    // protocol
    // null "x-forwarded-proto"
    request.setSecure(false);
    request.setServerPort(8080);
    request.getCoyoteRequest().scheme().setString("http");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    // client ip
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("no intermediate trusted proxy", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost);

    // protocol
    String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
    assertEquals("x-forwarded-proto is null", "http", actualScheme);

    int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
    assertEquals("x-forwarded-proto is null", 8080, actualServerPort);

    boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
    assertFalse("x-forwarded-proto is null", actualSecure);

    boolean actualPostInvokeSecure = request.isSecure();
    assertFalse("postInvoke secure", actualPostInvokeSecure);

    int actualPostInvokeServerPort = request.getServerPort();
    assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort);

    String actualPostInvokeScheme = request.getScheme();
    assertEquals("postInvoke scheme", "http", actualPostInvokeScheme);
}
 
Example 12
Source File: JDBCAccessLogValve.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
@Override
public void log(Request request, Response response, long time) {
    if (!getState().isAvailable()) {
        return;
    }

    final String EMPTY = "" ;

    String remoteHost;
    if(resolveHosts) {
        if (requestAttributesEnabled) {
            Object host = request.getAttribute(REMOTE_HOST_ATTRIBUTE);
            if (host == null) {
                remoteHost = request.getRemoteHost();
            } else {
                remoteHost = (String) host;
            }
        } else {
            remoteHost = request.getRemoteHost();
        }
    } else {
        if (requestAttributesEnabled) {
            Object addr = request.getAttribute(REMOTE_ADDR_ATTRIBUTE);
            if (addr == null) {
                remoteHost = request.getRemoteAddr();
            } else {
                remoteHost = (String) addr;
            }
        } else {
            remoteHost = request.getRemoteAddr();
        }
    }
    String user = request.getRemoteUser();
    String query=request.getRequestURI();

    long bytes = response.getBytesWritten(true);
    if(bytes < 0) {
        bytes = 0;
    }
    int status = response.getStatus();
    String virtualHost = EMPTY;
    String method = EMPTY;
    String referer = EMPTY;
    String userAgent = EMPTY;
    String logPattern = pattern;
    if (logPattern.equals("combined")) {
        virtualHost = request.getServerName();
        method = request.getMethod();
        referer = request.getHeader("referer");
        userAgent = request.getHeader("user-agent");
    }
    synchronized (this) {
      int numberOfTries = 2;
      while (numberOfTries>0) {
        try {
            open();

            ps.setString(1, remoteHost);
            ps.setString(2, user);
            ps.setTimestamp(3, new Timestamp(getCurrentTimeMillis()));
            ps.setString(4, query);
            ps.setInt(5, status);

            if(useLongContentLength) {
                ps.setLong(6, bytes);
            } else {
                if (bytes > Integer.MAX_VALUE) {
                    bytes = -1 ;
                }
                ps.setInt(6, (int) bytes);
            }
            if (logPattern.equals("combined")) {
                  ps.setString(7, virtualHost);
                  ps.setString(8, method);
                  ps.setString(9, referer);
                  ps.setString(10, userAgent);
            }
            ps.executeUpdate();
            return;
          } catch (SQLException e) {
            // Log the problem for posterity
              container.getLogger().error(sm.getString("jdbcAccessLogValve.exception"), e);

            // Close the connection so that it gets reopened next time
            if (conn != null) {
                close();
            }
          }
          numberOfTries--;
       }
    }

}
 
Example 13
Source File: TestRemoteIpValve.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
@Test
public void testInvokeXforwardedProtoSaysHttpForIncomingHttpsRequest() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProtocolHeader("x-forwarded-proto");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // client ip
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("192.168.0.10");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    // protocol
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("http");
    request.setSecure(true);
    request.setServerPort(8443);
    request.getCoyoteRequest().scheme().setString("https");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    // client ip
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("no intermediate trusted proxy", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost);

    // protocol
    String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
    assertEquals("x-forwarded-proto says http", "http", actualScheme);

    int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
    assertEquals("x-forwarded-proto says http", 80, actualServerPort);

    boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
    assertFalse("x-forwarded-proto says http", actualSecure);

    boolean actualPostInvokeSecure = request.isSecure();
    assertTrue("postInvoke secure", actualPostInvokeSecure);

    int actualPostInvokeServerPort = request.getServerPort();
    assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort);

    String actualPostInvokeScheme = request.getScheme();
    assertEquals("postInvoke scheme", "https", actualPostInvokeScheme);
}
 
Example 14
Source File: TestRemoteIpValve.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
private void performXForwardedProtoWithMultipleForwardsTest(String incomingHeaderValue,
        boolean arrivesAsSecure, boolean shouldBeSecure) throws Exception {

    // PREPARE
    String incomingScheme = arrivesAsSecure ? "https" : "http";
    String expectedScheme = shouldBeSecure ? "https" : "http";
    int incommingServerPort = arrivesAsSecure ? 8443 : 8080;
    int expectedServerPort = shouldBeSecure ? 443 : 80;
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProtocolHeader("x-forwarded-proto");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // client ip
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("192.168.0.10");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    // protocol
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString(incomingHeaderValue);
    request.setSecure(arrivesAsSecure);
    request.setServerPort(incommingServerPort);
    request.getCoyoteRequest().scheme().setString(incomingScheme);

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    // client ip
    String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor();
    Assert.assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
    Assert.assertNull("no intermediate trusted proxy", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost);

    // protocol
    String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
    Assert.assertEquals("x-forwarded-proto says " + expectedScheme, expectedScheme, actualScheme);

    int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
    Assert.assertEquals("x-forwarded-proto says " + expectedScheme, expectedServerPort, actualServerPort);

    boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
    Assert.assertEquals("x-forwarded-proto says " + expectedScheme,
            Boolean.valueOf(shouldBeSecure), Boolean.valueOf(actualSecure));

    boolean actualPostInvokeSecure = request.isSecure();
    Assert.assertEquals("postInvoke secure",
            Boolean.valueOf(arrivesAsSecure), Boolean.valueOf(actualPostInvokeSecure));

    int actualPostInvokeServerPort = request.getServerPort();
    Assert.assertEquals("postInvoke serverPort", incommingServerPort, actualPostInvokeServerPort);

    String actualPostInvokeScheme = request.getScheme();
    Assert.assertEquals("postInvoke scheme", incomingScheme, actualPostInvokeScheme);
}
 
Example 15
Source File: TestRemoteIpValve.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
@Test
public void testInvokeXforwardedProtoIsNullForIncomingHttpsRequest() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProtocolHeader("x-forwarded-proto");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // client ip
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("192.168.0.10");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    // protocol
    // Don't declare "x-forwarded-proto"
    request.setSecure(true);
    request.setServerPort(8443);
    request.getCoyoteRequest().scheme().setString("https");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    // client ip
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("no intermediate trusted proxy", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost);

    // protocol
    String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
    assertEquals("x-forwarded-proto is null", "https", actualScheme);

    int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
    assertEquals("x-forwarded-proto is null", 8443, actualServerPort);

    boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
    assertTrue("x-forwarded-proto is null", actualSecure);

    boolean actualPostInvokeSecure = request.isSecure();
    assertTrue("postInvoke secure", actualPostInvokeSecure);

    int actualPostInvokeServerPort = request.getServerPort();
    assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort);

    String actualPostInvokeScheme = request.getScheme();
    assertEquals("postInvoke scheme", "https", actualPostInvokeScheme);
}
 
Example 16
Source File: TestRemoteIpValve.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
@Test
public void testInvokeXforwardedProtoSaysHttpsForIncomingHttpRequest() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProtocolHeader("x-forwarded-proto");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // client ip
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("192.168.0.10");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    // protocol
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https");
    request.setSecure(false);
    request.setServerPort(8080);
    request.getCoyoteRequest().scheme().setString("http");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    // client ip
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("no intermediate trusted proxy", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost);

    // protocol
    String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
    assertEquals("x-forwarded-proto says https", "https", actualScheme);

    int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
    assertEquals("x-forwarded-proto says https", 443, actualServerPort);

    boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
    assertTrue("x-forwarded-proto says https", actualSecure);

    boolean actualPostInvokeSecure = request.isSecure();
    assertFalse("postInvoke secure", actualPostInvokeSecure);

    int actualPostInvokeServerPort = request.getServerPort();
    assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort);

    String actualPostInvokeScheme = request.getScheme();
    assertEquals("postInvoke scheme", "http", actualPostInvokeScheme);
}
 
Example 17
Source File: TestRemoteIpValve.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
@Test
public void test172dash12InternalProxies() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("172\\.1[6-9]{1}\\.\\d{1,3}\\.\\d{1,3}|172\\.2[0-9]{1}\\.\\d{1,3}\\.\\d{1,3}|172\\.3[0-1]{1}\\.\\d{1,3}\\.\\d{1,3}");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProtocolHeader("x-forwarded-proto");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("172.16.0.5");
    request.setRemoteHost("remote-host-original-value");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("209.244.0.3");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor();
    Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("remoteAddr", "209.244.0.3", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    Assert.assertEquals("remoteHost", "209.244.0.3", actualRemoteHost);

    String actualPostInvokeRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("postInvoke remoteAddr", "209.244.0.3", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);

    boolean isSecure = remoteAddrAndHostTrackerValve.isSecure();
    Assert.assertTrue("request from internal proxy should be marked secure", isSecure);

    String scheme = remoteAddrAndHostTrackerValve.getScheme();
    Assert.assertEquals("Scheme should be marked to https.","https",scheme);

    request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("172.25.250.250");
    request.setRemoteHost("remote-host-original-value");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("209.244.0.3");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor();
    Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);

    actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("remoteAddr", "209.244.0.3", actualRemoteAddr);

    actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    Assert.assertEquals("remoteHost", "209.244.0.3", actualRemoteHost);

    actualPostInvokeRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    Assert.assertEquals("postInvoke remoteAddr", "209.244.0.3", actualPostInvokeRemoteAddr);

    actualPostInvokeRemoteHost = request.getRemoteHost();
    Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);

    isSecure = remoteAddrAndHostTrackerValve.isSecure();
    Assert.assertTrue("request from internal proxy should be marked secure", isSecure);

    scheme = remoteAddrAndHostTrackerValve.getScheme();
    Assert.assertEquals("Scheme should be marked to https.","https",scheme);


}
 
Example 18
Source File: TestRemoteIpValve.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
@Test
public void testInvokeAllProxiesAreTrustedOrInternal() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
        .setString("140.211.11.130, proxy1, proxy2, 192.168.0.10, 192.168.0.11");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}
 
Example 19
Source File: TestRemoteIpValve.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
@Test
public void testInvokeAllProxiesAreTrustedAndRemoteAddrMatchRegexp() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setInternalProxies("127\\.0\\.0\\.1|192\\.168\\..*|another-internal-proxy");
    remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProxiesHeader("x-forwarded-by");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("proxy1");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("proxy2");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}
 
Example 20
Source File: TestRemoteIpValve.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
@Test
public void testInvokeXforwardedProtoIsNullForIncomingHttpsRequest() throws Exception {

    // PREPARE
    RemoteIpValve remoteIpValve = new RemoteIpValve();
    remoteIpValve.setRemoteIpHeader("x-forwarded-for");
    remoteIpValve.setProtocolHeader("x-forwarded-proto");
    RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
    remoteIpValve.setNext(remoteAddrAndHostTrackerValve);

    Request request = new MockRequest();
    request.setCoyoteRequest(new org.apache.coyote.Request());
    // client ip
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("192.168.0.10");
    request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
    // protocol
    // Don't declare "x-forwarded-proto"
    request.setSecure(true);
    request.setServerPort(8443);
    request.getCoyoteRequest().scheme().setString("https");

    // TEST
    remoteIpValve.invoke(request, null);

    // VERIFY
    // client ip
    String actualXForwardedFor = request.getHeader("x-forwarded-for");
    assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor);

    String actualXForwardedBy = request.getHeader("x-forwarded-by");
    assertNull("no intermediate trusted proxy", actualXForwardedBy);

    String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);

    String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);

    String actualPostInvokeRemoteAddr = request.getRemoteAddr();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);

    String actualPostInvokeRemoteHost = request.getRemoteHost();
    assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost);

    // protocol
    String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
    assertEquals("x-forwarded-proto is null", "https", actualScheme);

    int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
    assertEquals("x-forwarded-proto is null", 8443, actualServerPort);

    boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
    assertTrue("x-forwarded-proto is null", actualSecure);

    boolean actualPostInvokeSecure = request.isSecure();
    assertTrue("postInvoke secure", actualPostInvokeSecure);

    int actualPostInvokeServerPort = request.getServerPort();
    assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort);

    String actualPostInvokeScheme = request.getScheme();
    assertEquals("postInvoke scheme", "https", actualPostInvokeScheme);
}