Java Code Examples for org.apache.catalina.connector.Request#setCoyoteRequest()
The following examples show how to use
org.apache.catalina.connector.Request#setCoyoteRequest() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: BasicAuthAuthenticatorTest.java From carbon-device-mgt with Apache License 2.0 | 6 votes |
@Test(description = "This method tests the behaviour of canHandle method when different wrong values given for a " + "request") public void testCanHandleWithoutRequireParameters() throws NoSuchFieldException, IllegalAccessException, ClassNotFoundException, NoSuchMethodException, InvocationTargetException, InstantiationException { request = new Request(); context = new StandardContext(); request.setContext(context); Assert.assertFalse(basicAuthAuthenticator.canHandle(request), "Without proper headers and parameters, the request can be handled by BasicAuthAuthenticator."); context.addParameter("basicAuth", "true"); request.setContext(context); Assert.assertFalse(basicAuthAuthenticator.canHandle(request), "Without proper Authentication headers request can be handled by BasicAuthAuthenticator."); coyoteRequest = new org.apache.coyote.Request(); mimeHeaders = new MimeHeaders(); bytes = mimeHeaders.addValue(BaseWebAppAuthenticatorFrameworkTest.AUTHORIZATION_HEADER); bytes.setString("test"); headersField.set(coyoteRequest, mimeHeaders); request.setCoyoteRequest(coyoteRequest); Assert.assertFalse(basicAuthAuthenticator.canHandle(request), "With a different authorization header Basic Authenticator can handle the request"); }
Example 2
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Test public void testInvokeAllProxiesAreTrusted() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11"); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("remote-host-original-value"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy(); Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 3
Source File: TestRemoteIpValve.java From tomcatsrc with Apache License 2.0 | 5 votes |
@Test public void testInvokeAllowedRemoteAddrWithNullRemoteIpHeader() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("192\\.168\\.0\\.10, 192\\.168\\.0\\.11"); remoteIpValve.setTrustedProxies("proxy1, proxy2, proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("remote-host-original-value"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("x-forwarded-by must be null", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "192.168.0.10", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "remote-host-original-value", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 4
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
@Test public void testRequestAttributesForAccessLog() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY Assert.assertEquals("org.apache.catalina.AccessLog.ServerPort", Integer.valueOf(8080), request.getAttribute(AccessLog.SERVER_PORT_ATTRIBUTE)); Assert.assertEquals("org.apache.catalina.AccessLog.RemoteAddr", "140.211.11.130", request.getAttribute(AccessLog.REMOTE_ADDR_ATTRIBUTE)); Assert.assertEquals("org.apache.catalina.AccessLog.RemoteHost", "140.211.11.130", request.getAttribute(AccessLog.REMOTE_HOST_ATTRIBUTE)); }
Example 5
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Test public void testRequestAttributesForAccessLog() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY Assert.assertEquals("org.apache.catalina.AccessLog.ServerPort", Integer.valueOf(8080), request.getAttribute(AccessLog.SERVER_PORT_ATTRIBUTE)); Assert.assertEquals("org.apache.catalina.AccessLog.RemoteAddr", "140.211.11.130", request.getAttribute(AccessLog.REMOTE_ADDR_ATTRIBUTE)); Assert.assertEquals("org.apache.catalina.AccessLog.RemoteHost", "140.211.11.130", request.getAttribute(AccessLog.REMOTE_HOST_ATTRIBUTE)); }
Example 6
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Test public void testInvokeUntrustedProxyInTheChain() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11"); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("remote-host-original-value"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for") .setString("140.211.11.130, proxy1, untrusted-proxy, proxy2"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130, proxy1", actualXForwardedFor); String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy(); Assert.assertEquals("ip/host after untrusted-proxy must appear in x-forwarded-by", "proxy2", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "untrusted-proxy", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 7
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Test public void testInvokeNotAllowedRemoteAddr() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11"); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("not-allowed-internal-proxy"); request.setRemoteHost("not-allowed-internal-proxy-host"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = request.getHeader("x-forwarded-for"); Assert.assertEquals("x-forwarded-for must be unchanged", "140.211.11.130, proxy1, proxy2", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); Assert.assertNull("x-forwarded-by must be null", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "not-allowed-internal-proxy", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "not-allowed-internal-proxy-host", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "not-allowed-internal-proxy", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "not-allowed-internal-proxy-host", actualPostInvokeRemoteHost); }
Example 8
Source File: BSTAuthenticatorTest.java From carbon-device-mgt with Apache License 2.0 | 5 votes |
@Test(description = "This method tests the authenticate method of BST Authenticator when all the relevant " + "details", dependsOnMethods = "testInitWithRemote") public void testAuthenticate() throws NoSuchFieldException, IllegalAccessException, IOException { Request request = createSoapRequest("CorrectBST.xml"); org.apache.coyote.Request coyoteRequest = request.getCoyoteRequest(); Field uriMB = org.apache.coyote.Request.class.getDeclaredField("uriMB"); uriMB.setAccessible(true); MessageBytes bytes = MessageBytes.newInstance(); bytes.setString("test"); uriMB.set(coyoteRequest, bytes); request.setCoyoteRequest(coyoteRequest); bstAuthenticator.canHandle(request); AuthenticationInfo authenticationInfo = bstAuthenticator.authenticate(request, null); Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.CONTINUE, "Authentication status of authentication info is wrong"); Assert.assertEquals(authenticationInfo.getUsername(), "admin", "User name in the authentication info is different than original user"); OAuth2TokenValidationResponseDTO unAuthorizedValidationRespose = new OAuth2TokenValidationResponseDTO(); unAuthorizedValidationRespose.setValid(false); unAuthorizedValidationRespose.setErrorMsg("User is not authorized"); Mockito.doReturn(oAuth2ClientApplicationDTO).when(oAuth2TokenValidationService) .findOAuthConsumerIfTokenIsValid(Mockito.any()); oAuth2ClientApplicationDTO.setAccessTokenValidationResponse(unAuthorizedValidationRespose); AuthenticatorFrameworkDataHolder.getInstance().setOAuth2TokenValidationService(oAuth2TokenValidationService); authenticationInfo = bstAuthenticator.authenticate(request, null); Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE, "Un-authorized user got authenticated with BST"); }
Example 9
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
@Test public void testInvokeAllProxiesAreInternal() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11"); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("remote-host-original-value"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, 192.168.0.10, 192.168.0.11"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("all proxies are internal, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("all proxies are internal, x-forwarded-by must be null", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 10
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
@Test public void testInvokeAllProxiesAreTrustedUnusedInternal() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("proxy3"); request.setRemoteHost("remote-host-original-value"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy(); Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2, proxy3", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "proxy3", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 11
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
@Test public void testInvokeAllProxiesAreTrusted() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11"); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("remote-host-original-value"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 12
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // null "x-forwarded-proto" request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); Assert.assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); Assert.assertEquals("x-forwarded-proto is null", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); Assert.assertEquals("x-forwarded-proto is null", 8080, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); Assert.assertFalse("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); Assert.assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); Assert.assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); Assert.assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }
Example 13
Source File: TestRemoteIpValve.java From tomcatsrc with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoSaysHttpForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("http"); request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto says http", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto says http", 80, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertFalse("x-forwarded-proto says http", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 14
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoSaysHttpForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("http"); request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto says http", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto says http", 80, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertFalse("x-forwarded-proto says http", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 15
Source File: TestRemoteIpValve.java From tomcatsrc with Apache License 2.0 | 4 votes |
@Test public void testInvokeAllProxiesAreTrustedOrInternal() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11"); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("remote-host-original-value"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for") .setString("140.211.11.130, proxy1, proxy2, 192.168.0.10, 192.168.0.11"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 16
Source File: TestRemoteIpValve.java From tomcatsrc with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // Don't declare "x-forwarded-proto" request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto is null", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto is null", 8443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertTrue("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 17
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpsRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // Don't declare "x-forwarded-proto" request.setSecure(true); request.setServerPort(8443); request.getCoyoteRequest().scheme().setString("https"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto is null", "https", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto is null", 8443, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertTrue("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertTrue("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8443, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "https", actualPostInvokeScheme); }
Example 18
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
@Test public void testInvokeAllProxiesAreTrustedAndRemoteAddrMatchRegexp() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("127\\.0\\.0\\.1|192\\.168\\..*|another-internal-proxy"); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("remote-host-original-value"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("proxy1"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("proxy2"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 19
Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 4 votes |
@Test public void testInvokeAllProxiesAreTrustedOrInternal() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11"); remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3"); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProxiesHeader("x-forwarded-by"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("remote-host-original-value"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for") .setString("140.211.11.130, proxy1, proxy2, 192.168.0.10, 192.168.0.11"); // TEST remoteIpValve.invoke(request, null); // VERIFY String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor(); Assert.assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy(); Assert.assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); Assert.assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); Assert.assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost); }
Example 20
Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
@Test public void testInvokeXforwardedProtoIsNullForIncomingHttpRequest() throws Exception { // PREPARE RemoteIpValve remoteIpValve = new RemoteIpValve(); remoteIpValve.setRemoteIpHeader("x-forwarded-for"); remoteIpValve.setProtocolHeader("x-forwarded-proto"); RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve(); remoteIpValve.setNext(remoteAddrAndHostTrackerValve); Request request = new MockRequest(); request.setCoyoteRequest(new org.apache.coyote.Request()); // client ip request.setRemoteAddr("192.168.0.10"); request.setRemoteHost("192.168.0.10"); request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130"); // protocol // null "x-forwarded-proto" request.setSecure(false); request.setServerPort(8080); request.getCoyoteRequest().scheme().setString("http"); // TEST remoteIpValve.invoke(request, null); // VERIFY // client ip String actualXForwardedFor = request.getHeader("x-forwarded-for"); assertNull("no intermediate non-trusted proxy, x-forwarded-for must be null", actualXForwardedFor); String actualXForwardedBy = request.getHeader("x-forwarded-by"); assertNull("no intermediate trusted proxy", actualXForwardedBy); String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr(); assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr); String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost(); assertEquals("remoteHost", "140.211.11.130", actualRemoteHost); String actualPostInvokeRemoteAddr = request.getRemoteAddr(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr); String actualPostInvokeRemoteHost = request.getRemoteHost(); assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteHost); // protocol String actualScheme = remoteAddrAndHostTrackerValve.getScheme(); assertEquals("x-forwarded-proto is null", "http", actualScheme); int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort(); assertEquals("x-forwarded-proto is null", 8080, actualServerPort); boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure(); assertFalse("x-forwarded-proto is null", actualSecure); boolean actualPostInvokeSecure = request.isSecure(); assertFalse("postInvoke secure", actualPostInvokeSecure); int actualPostInvokeServerPort = request.getServerPort(); assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort); String actualPostInvokeScheme = request.getScheme(); assertEquals("postInvoke scheme", "http", actualPostInvokeScheme); }