Author: kkolinko
Date: Sat Nov 7 01:44:50 2015
New Revision: 1713064
URL: http://svn.apache.org/viewvc?rev=1713064&view=rev
Log:
Update test class aligning with Tomcat 7.
Modified:
tomcat/tc6.0.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java
Modified:
tomcat/tc6.0.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java
URL:
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java?rev=1713064&r1=1713063&r2=1713064&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java
(original)
+++ tomcat/tc6.0.x/trunk/test/org/apache/catalina/valves/TestRemoteIpValve.java
Sat Nov 7 01:44:50 2015
@@ -5,9 +5,9 @@
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -24,32 +24,37 @@ import java.util.List;
import javax.servlet.ServletException;
-import junit.framework.TestCase;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
-import org.apache.catalina.valves.ValveBase;
/**
* {@link RemoteIpValve} Tests
*/
-public class TestRemoteIpValve extends TestCase {
-
+public class TestRemoteIpValve {
+
static class RemoteAddrAndHostTrackerValve extends ValveBase {
private String remoteAddr;
private String remoteHost;
private String scheme;
private boolean secure;
private int serverPort;
-
+
public String getRemoteAddr() {
return remoteAddr;
}
-
+
public String getRemoteHost() {
return remoteHost;
}
-
+
public String getScheme() {
return scheme;
}
@@ -61,7 +66,7 @@ public class TestRemoteIpValve extends T
public boolean isSecure() {
return secure;
}
-
+
@Override
public void invoke(Request request, Response response) throws
IOException, ServletException {
this.remoteHost = request.getRemoteHost();
@@ -71,24 +76,40 @@ public class TestRemoteIpValve extends T
this.serverPort = request.getServerPort();
}
}
-
- public void testCommaDelimitedListToStringArray() {
+
+ public static class MockRequest extends Request {
+ @Override
+ public void setAttribute(String name, Object value) {
+ getCoyoteRequest().getAttributes().put(name, value);
+ }
+
+ @Override
+ public Object getAttribute(String name) {
+ return getCoyoteRequest().getAttribute(name);
+ }
+ }
+
+ @Test
+ public void testListToCommaDelimitedString() {
List<String> elements = Arrays.asList("element1", "element2",
"element3");
String actual = RemoteIpValve.listToCommaDelimitedString(elements);
assertEquals("element1, element2, element3", actual);
}
-
- public void testCommaDelimitedListToStringArrayEmptyList() {
+
+ @Test
+ public void testListToCommaDelimitedStringEmptyList() {
List<String> elements = new ArrayList<String>();
String actual = RemoteIpValve.listToCommaDelimitedString(elements);
assertEquals("", actual);
}
-
+
+ @Test
public void testCommaDelimitedListToStringArrayNullList() {
String actual = RemoteIpValve.listToCommaDelimitedString(null);
assertEquals("", actual);
}
-
+
+ @Test
public void testInvokeAllowedRemoteAddrWithNullRemoteIpHeader() throws
Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
@@ -98,38 +119,39 @@ public class TestRemoteIpValve extends T
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("x-forwarded-for must be null", actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertNull("x-forwarded-by must be null", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "192.168.0.10", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "remote-host-original-value",
actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "remote-host-original-value",
actualPostInvokeRemoteHost);
-
+
}
-
+
+ @Test
public void testInvokeAllProxiesAreTrusted() throws Exception {
-
+
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setInternalProxies("192\\.168\\.0\\.10,
192\\.168\\.0\\.11");
@@ -138,38 +160,39 @@ public class TestRemoteIpValve extends T
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130,
proxy1, proxy2");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("all proxies are trusted, x-forwarded-for must be null",
actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertEquals("all proxies are trusted, they must appear in
x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "remote-host-original-value",
actualPostInvokeRemoteHost);
}
-
+
+ @Test
public void testInvokeAllProxiesAreTrustedOrInternal() throws Exception {
-
+
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setInternalProxies("192\\.168\\.0\\.10,
192\\.168\\.0\\.11");
@@ -178,39 +201,40 @@ public class TestRemoteIpValve extends T
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
.setString("140.211.11.130, proxy1, proxy2, 192.168.0.10,
192.168.0.11");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("all proxies are trusted, x-forwarded-for must be null",
actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertEquals("all proxies are trusted, they must appear in
x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "remote-host-original-value",
actualPostInvokeRemoteHost);
}
-
+
+ @Test
public void testInvokeAllProxiesAreInternal() throws Exception {
-
+
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setInternalProxies("192\\.168\\.0\\.10,
192\\.168\\.0\\.11");
@@ -219,38 +243,39 @@ public class TestRemoteIpValve extends T
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130,
192.168.0.10, 192.168.0.11");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("all proxies are internal, x-forwarded-for must be null",
actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertNull("all proxies are internal, x-forwarded-by must be null",
actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "remote-host-original-value",
actualPostInvokeRemoteHost);
}
-
+
+ @Test
public void testInvokeAllProxiesAreTrustedAndRemoteAddrMatchRegexp()
throws Exception {
-
+
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setInternalProxies("127\\.0\\.0\\.1, 192\\.168\\..*,
another-internal-proxy");
@@ -259,46 +284,49 @@ public class TestRemoteIpValve extends T
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
-
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130,
proxy1, proxy2");
-
+
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130");
+
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("proxy1");
+
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("proxy2");
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("all proxies are trusted, x-forwarded-for must be null",
actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertEquals("all proxies are trusted, they must appear in
x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "remote-host-original-value",
actualPostInvokeRemoteHost);
}
-
+
+ @Test
public void testInvokeXforwardedProtoSaysHttpsForIncomingHttpRequest()
throws Exception {
-
+
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
// client ip
request.setRemoteAddr("192.168.0.10");
@@ -309,42 +337,42 @@ public class TestRemoteIpValve extends T
request.setSecure(false);
request.setServerPort(8080);
request.getCoyoteRequest().scheme().setString("http");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
// client ip
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("no intermediate non-trusted proxy, x-forwarded-for must be
null", actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertNull("no intermediate trusted proxy", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteHost);
-
+
// protocol
String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
assertEquals("x-forwarded-proto says https", "https", actualScheme);
-
+
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
assertEquals("x-forwarded-proto says https", 443, actualServerPort);
-
+
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
- assertEquals("x-forwarded-proto says https", true, actualSecure);
+ assertTrue("x-forwarded-proto says https", actualSecure);
boolean actualPostInvokeSecure = request.isSecure();
- assertEquals("postInvoke secure", false, actualPostInvokeSecure);
+ assertFalse("postInvoke secure", actualPostInvokeSecure);
int actualPostInvokeServerPort = request.getServerPort();
assertEquals("postInvoke serverPort", 8080,
actualPostInvokeServerPort);
@@ -352,17 +380,18 @@ public class TestRemoteIpValve extends T
String actualPostInvokeScheme = request.getScheme();
assertEquals("postInvoke scheme", "http", actualPostInvokeScheme);
}
-
+
+ @Test
public void testInvokeXforwardedProtoIsNullForIncomingHttpRequest() throws
Exception {
-
+
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
// client ip
request.setRemoteAddr("192.168.0.10");
@@ -373,42 +402,42 @@ public class TestRemoteIpValve extends T
request.setSecure(false);
request.setServerPort(8080);
request.getCoyoteRequest().scheme().setString("http");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
// client ip
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("no intermediate non-trusted proxy, x-forwarded-for must be
null", actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertNull("no intermediate trusted proxy", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteHost);
-
+
// protocol
String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
assertEquals("x-forwarded-proto is null", "http", actualScheme);
-
+
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
assertEquals("x-forwarded-proto is null", 8080, actualServerPort);
-
+
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
- assertEquals("x-forwarded-proto is null", false, actualSecure);
+ assertFalse("x-forwarded-proto is null", actualSecure);
boolean actualPostInvokeSecure = request.isSecure();
- assertEquals("postInvoke secure", false, actualPostInvokeSecure);
+ assertFalse("postInvoke secure", actualPostInvokeSecure);
int actualPostInvokeServerPort = request.getServerPort();
assertEquals("postInvoke serverPort", 8080,
actualPostInvokeServerPort);
@@ -416,17 +445,18 @@ public class TestRemoteIpValve extends T
String actualPostInvokeScheme = request.getScheme();
assertEquals("postInvoke scheme", "http", actualPostInvokeScheme);
}
-
+
+ @Test
public void testInvokeXforwardedProtoSaysHttpForIncomingHttpsRequest()
throws Exception {
-
+
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
// client ip
request.setRemoteAddr("192.168.0.10");
@@ -437,42 +467,42 @@ public class TestRemoteIpValve extends T
request.setSecure(true);
request.setServerPort(8443);
request.getCoyoteRequest().scheme().setString("https");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
// client ip
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("no intermediate non-trusted proxy, x-forwarded-for must be
null", actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertNull("no intermediate trusted proxy", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteHost);
-
+
// protocol
String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
assertEquals("x-forwarded-proto says http", "http", actualScheme);
-
+
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
assertEquals("x-forwarded-proto says http", 80, actualServerPort);
-
+
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
- assertEquals("x-forwarded-proto says http", false, actualSecure);
+ assertFalse("x-forwarded-proto says http", actualSecure);
boolean actualPostInvokeSecure = request.isSecure();
- assertEquals("postInvoke secure", true, actualPostInvokeSecure);
+ assertTrue("postInvoke secure", actualPostInvokeSecure);
int actualPostInvokeServerPort = request.getServerPort();
assertEquals("postInvoke serverPort", 8443,
actualPostInvokeServerPort);
@@ -480,17 +510,18 @@ public class TestRemoteIpValve extends T
String actualPostInvokeScheme = request.getScheme();
assertEquals("postInvoke scheme", "https", actualPostInvokeScheme);
}
-
+
+ @Test
public void testInvokeXforwardedProtoIsNullForIncomingHttpsRequest()
throws Exception {
-
+
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProtocolHeader("x-forwarded-proto");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
// client ip
request.setRemoteAddr("192.168.0.10");
@@ -501,42 +532,42 @@ public class TestRemoteIpValve extends T
request.setSecure(true);
request.setServerPort(8443);
request.getCoyoteRequest().scheme().setString("https");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
// client ip
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("no intermediate non-trusted proxy, x-forwarded-for must be
null", actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertNull("no intermediate trusted proxy", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteHost);
-
+
// protocol
String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
assertEquals("x-forwarded-proto is null", "https", actualScheme);
-
+
int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
assertEquals("x-forwarded-proto is null", 8443, actualServerPort);
-
+
boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
- assertEquals("x-forwarded-proto is null", true, actualSecure);
+ assertTrue("x-forwarded-proto is null", actualSecure);
boolean actualPostInvokeSecure = request.isSecure();
- assertEquals("postInvoke secure", true, actualPostInvokeSecure);
+ assertTrue("postInvoke secure", actualPostInvokeSecure);
int actualPostInvokeServerPort = request.getServerPort();
assertEquals("postInvoke serverPort", 8443,
actualPostInvokeServerPort);
@@ -544,7 +575,8 @@ public class TestRemoteIpValve extends T
String actualPostInvokeScheme = request.getScheme();
assertEquals("postInvoke scheme", "https", actualPostInvokeScheme);
}
-
+
+ @Test
public void testInvokeNotAllowedRemoteAddr() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
@@ -554,36 +586,37 @@ public class TestRemoteIpValve extends T
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("not-allowed-internal-proxy");
request.setRemoteHost("not-allowed-internal-proxy-host");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130,
proxy1, proxy2");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertEquals("x-forwarded-for must be unchanged", "140.211.11.130,
proxy1, proxy2", actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertNull("x-forwarded-by must be null", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "not-allowed-internal-proxy",
actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "not-allowed-internal-proxy-host",
actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "not-allowed-internal-proxy",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr",
"not-allowed-internal-proxy-host", actualPostInvokeRemoteHost);
}
-
+
+ @Test
public void testInvokeUntrustedProxyInTheChain() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
@@ -593,53 +626,55 @@ public class TestRemoteIpValve extends T
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new
RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
-
- Request request = new Request();
+
+ Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
.setString("140.211.11.130, proxy1, untrusted-proxy, proxy2");
-
+
// TEST
remoteIpValve.invoke(request, null);
-
+
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertEquals("ip/host before untrusted-proxy must appear in
x-forwarded-for", "140.211.11.130, proxy1", actualXForwardedFor);
-
+
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertEquals("ip/host after untrusted-proxy must appear in
x-forwarded-by", "proxy2", actualXForwardedBy);
-
+
String actualRemoteAddr =
remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr);
-
+
String actualRemoteHost =
remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "untrusted-proxy", actualRemoteHost);
-
+
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10",
actualPostInvokeRemoteAddr);
-
+
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "remote-host-original-value",
actualPostInvokeRemoteHost);
}
-
- public void testListToCommaDelimitedString() {
+
+ @Test
+ public void testCommaDelimitedListToStringArray() {
String[] actual =
RemoteIpValve.commaDelimitedListToStringArray("element1, element2, element3");
String[] expected = new String[] {
"element1", "element2", "element3"
};
assertArrayEquals(expected, actual);
}
-
- public void testListToCommaDelimitedStringMixedSpaceChars() {
+
+ @Test
+ public void testCommaDelimitedListToStringArrayMixedSpaceChars() {
String[] actual =
RemoteIpValve.commaDelimitedListToStringArray("element1 , element2,\t
element3");
String[] expected = new String[] {
"element1", "element2", "element3"
};
assertArrayEquals(expected, actual);
}
-
+
private void assertArrayEquals(String[] expected, String[] actual) {
if (expected == null) {
assertNull(actual);
@@ -651,7 +686,7 @@ public class TestRemoteIpValve extends T
e.addAll(Arrays.asList(expected));
List<String> a = new ArrayList<String>();
a.addAll(Arrays.asList(actual));
-
+
for (String entry : e) {
assertTrue(a.remove(entry));
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
