Author: kkolinko
Date: Sat Jan 15 19:33:06 2011
New Revision: 1059398
URL: http://svn.apache.org/viewvc?rev=1059398&view=rev
Log:
Update JMX descriptions, tests, documentation and examples in documentation for
using a single regex for attributes in RemoteIpFilter, RemoteIpValve.
Modified:
tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
tomcat/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml
tomcat/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java
tomcat/trunk/webapps/docs/config/filter.xml
Modified: tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java?rev=1059398&r1=1059397&r2=1059398&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java (original)
+++ tomcat/trunk/java/org/apache/catalina/filters/RemoteIpFilter.java Sat Jan
15 19:33:06 2011
@@ -99,10 +99,13 @@ import org.apache.juli.logging.LogFactor
* </tr>
* <tr>
* <td>internalProxies</td>
- * <td>List of internal proxies ip adress. If they appear in the
<code>remoteIpHeader</code> value, they will be trusted and will not appear
+ * <td>Regular expression that matches the IP addresses of internal proxies.
+ * If they appear in the <code>remoteIpHeader</code> value, they will be
+ * trusted and will not appear
* in the <code>proxiesHeader</code> value</td>
* <td>RemoteIPInternalProxy</td>
- * <td>Regular expression (in the syntax supported by the {@link
java.util.regex.Pattern} library)</td>
+ * <td>Regular expression (in the syntax supported by
+ * {@link java.util.regex.Pattern java.util.regex})</td>
*
<td>10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
<br/>
* By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 172.16/12
has not been enabled by default because it is complex to
* describe with regular expressions</td>
@@ -118,10 +121,12 @@ import org.apache.juli.logging.LogFactor
* </tr>
* <tr>
* <td>trustedProxies</td>
- * <td>List of trusted proxies ip adress. If they appear in the
<code>remoteIpHeader</code> value, they will be trusted and will appear in
- * the <code>proxiesHeader</code> value</td>
+ * <td>Regular expression that matches the IP addresses of trusted proxies.
+ * If they appear in the <code>remoteIpHeader</code> value, they will be
+ * trusted and will appear in the <code>proxiesHeader</code> value</td>
* <td>RemoteIPTrustedProxy</td>
- * <td>Regular expression (in the syntax supported by the {@link
java.util.regex.Pattern} library)</td>
+ * <td>Regular expression (in the syntax supported by
+ * {@link java.util.regex.Pattern java.util.regex})</td>
* <td> </td>
* </tr>
* <tr>
@@ -174,16 +179,20 @@ import org.apache.juli.logging.LogFactor
* <filter-name>RemoteIpFilter</filter-name>
*
<filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
* <init-param>
- *
<param-name>internalProxies</param-name><param-value>192\.168\.0\.10,
192\.168\.0\.11</param-value>
+ * <param-name>internalProxies</param-name>
+ * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value>
* </init-param>
* <init-param>
- *
<param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value>
+ * <param-name>remoteIpHeader</param-name>
+ * <param-value>x-forwarded-for</param-value>
* </init-param>
* <init-param>
- *
<param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value>
+ * <param-name>remoteIpProxiesHeader</param-name>
+ * <param-value>x-forwarded-by</param-value>
* </init-param>
* <init-param>
- *
<param-name>protocolHeader</param-name><param-value>x-forwarded-proto</param-value>
+ * <param-name>protocolHeader</param-name>
+ * <param-value>x-forwarded-proto</param-value>
* </init-param>
* </filter>
*
@@ -251,16 +260,20 @@ import org.apache.juli.logging.LogFactor
* <filter-name>RemoteIpFilter</filter-name>
*
<filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
* <init-param>
- *
<param-name>internalProxies</param-name><param-value>192\.168\.0\.10,
192\.168\.0\.11</param-value>
+ * <param-name>internalProxies</param-name>
+ * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value>
* </init-param>
* <init-param>
- *
<param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value>
+ * <param-name>remoteIpHeader</param-name>
+ * <param-value>x-forwarded-for</param-value>
* </init-param>
* <init-param>
- *
<param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value>
+ * <param-name>remoteIpProxiesHeader</param-name>
+ * <param-value>x-forwarded-by</param-value>
* </init-param>
* <init-param>
- *
<param-name>trustedProxies</param-name><param-value>proxy1,
proxy2</param-value>
+ * <param-name>trustedProxies</param-name>
+ * <param-value>proxy1|proxy2</param-value>
* </init-param>
* </filter>
*
@@ -308,16 +321,20 @@ import org.apache.juli.logging.LogFactor
* <filter-name>RemoteIpFilter</filter-name>
*
<filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
* <init-param>
- *
<param-name>internalProxies</param-name><param-value>192\.168\.0\.10,
192\.168\.0\.11</param-value>
+ * <param-name>internalProxies</param-name>
+ * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value>
* </init-param>
* <init-param>
- *
<param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value>
+ * <param-name>remoteIpHeader</param-name>
+ * <param-value>x-forwarded-for</param-value>
* </init-param>
* <init-param>
- *
<param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value>
+ * <param-name>remoteIpProxiesHeader</param-name>
+ * <param-value>x-forwarded-by</param-value>
* </init-param>
* <init-param>
- *
<param-name>trustedProxies</param-name><param-value>proxy1,
proxy2</param-value>
+ * <param-name>trustedProxies</param-name>
+ * <param-value>proxy1|proxy2</param-value>
* </init-param>
* </filter>
*
@@ -366,16 +383,20 @@ import org.apache.juli.logging.LogFactor
* <filter-name>RemoteIpFilter</filter-name>
*
<filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class>
* <init-param>
- *
<param-name>internalProxies</param-name><param-value>192\.168\.0\.10,
192\.168\.0\.11</param-value>
+ * <param-name>internalProxies</param-name>
+ * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value>
* </init-param>
* <init-param>
- *
<param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value>
+ * <param-name>remoteIpHeader</param-name>
+ * <param-value>x-forwarded-for</param-value>
* </init-param>
* <init-param>
- *
<param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value>
+ * <param-name>remoteIpProxiesHeader</param-name>
+ * <param-value>x-forwarded-by</param-value>
* </init-param>
* <init-param>
- *
<param-name>trustedProxies</param-name><param-value>proxy1,
proxy2</param-value>
+ * <param-name>trustedProxies</param-name>
+ * <param-value>proxy1|proxy2</param-value>
* </init-param>
* </filter>
*
@@ -892,7 +913,7 @@ public class RemoteIpFilter implements F
/**
* <p>
- * Regular expressions that defines the internal proxies.
+ * Regular expression that defines the internal proxies.
* </p>
* <p>
* Default value :
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
Modified: tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?rev=1059398&r1=1059397&r2=1059398&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java (original)
+++ tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java Sat Jan 15
19:33:06 2011
@@ -81,10 +81,13 @@ import org.apache.juli.logging.LogFactor
* </tr>
* <tr>
* <td>internalProxies</td>
- * <td>List of internal proxies ip adress. If they appear in the
<code>remoteIpHeader</code> value, they will be trusted and will not appear
+ * <td>Regular expression that matches the IP addresses of internal proxies.
+ * If they appear in the <code>remoteIpHeader</code> value, they will be
+ * trusted and will not appear
* in the <code>proxiesHeader</code> value</td>
* <td>RemoteIPInternalProxy</td>
- * <td>Regular expression (in the syntax supported by the {@link
java.util.regex.Pattern} library)</td>
+ * <td>Regular expression (in the syntax supported by
+ * {@link java.util.regex.Pattern java.util.regex})</td>
*
<td>10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}<br/>
* By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 172.16/12
has not been enabled by default because it is complex to
* describe with regular expressions</td>
@@ -100,10 +103,12 @@ import org.apache.juli.logging.LogFactor
* </tr>
* <tr>
* <td>trustedProxies</td>
- * <td>List of trusted proxies ip adress. If they appear in the
<code>remoteIpHeader</code> value, they will be trusted and will appear
- * in the <code>proxiesHeader</code> value</td>
+ * <td>Regular expression that matches the IP addresses of trusted proxies.
+ * If they appear in the <code>remoteIpHeader</code> value, they will be
+ * trusted and will appear in the <code>proxiesHeader</code> value</td>
* <td>RemoteIPTrustedProxy</td>
- * <td>Regular expression (in the syntax supported by the {@link
java.util.regex.Pattern} library)</td>
+ * <td>Regular expression (in the syntax supported by
+ * {@link java.util.regex.Pattern java.util.regex})</td>
* <td> </td>
* </tr>
* <tr>
@@ -158,7 +163,7 @@ import org.apache.juli.logging.LogFactor
* <code><pre>
* <Valve
* className="org.apache.catalina.valves.RemoteIpValve"
- * internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ * internalProxies="192\.168\.0\.10|192\.168\.0\.11"
* remoteIpHeader="x-forwarded-for"
* remoteIpProxiesHeader="x-forwarded-by"
* protocolHeader="x-forwarded-proto"
@@ -220,10 +225,10 @@ import org.apache.juli.logging.LogFactor
* <code><pre>
* <Valve
* className="org.apache.catalina.valves.RemoteIpValve"
- * internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ * internalProxies="192\.168\.0\.10|192\.168\.0\.11"
* remoteIpHeader="x-forwarded-for"
* remoteIpProxiesHeader="x-forwarded-by"
- * trustedProxies="proxy1, proxy2"
+ * trustedProxies="proxy1|proxy2"
* /></pre></code>
* <p>
* Request values:
@@ -262,10 +267,10 @@ import org.apache.juli.logging.LogFactor
* <code><pre>
* <Valve
* className="org.apache.catalina.valves.RemoteIpValve"
- * internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ * internalProxies="192\.168\.0\.10|192\.168\.0\.11"
* remoteIpHeader="x-forwarded-for"
* remoteIpProxiesHeader="x-forwarded-by"
- * trustedProxies="proxy1, proxy2"
+ * trustedProxies="proxy1|proxy2"
* /></pre></code>
* <p>
* Request values:
@@ -305,10 +310,10 @@ import org.apache.juli.logging.LogFactor
* <code><pre>
* <Valve
* className="org.apache.catalina.valves.RemoteIpValve"
- * internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ * internalProxies="192\.168\.0\.10|192\.168\.0\.11"
* remoteIpHeader="x-forwarded-for"
* remoteIpProxiesHeader="x-forwarded-by"
- * trustedProxies="proxy1, proxy2"
+ * trustedProxies="proxy1|proxy2"
* /></pre></code>
* <p>
* Request values:
@@ -449,7 +454,7 @@ public class RemoteIpValve extends Valve
/**
* @see #setInternalProxies(String)
- * @return comma delimited list of internal proxies
+ * @return Regular expression that defines the internal proxies
*/
public String getInternalProxies() {
if (internalProxies == null) {
@@ -492,7 +497,7 @@ public class RemoteIpValve extends Valve
/**
* @see #setTrustedProxies(String)
- * @return comma delimited list of trusted proxies
+ * @return Regular expression that defines the trusted proxies
*/
public String getTrustedProxies() {
if (trustedProxies == null) {
@@ -643,7 +648,7 @@ public class RemoteIpValve extends Valve
/**
* <p>
- * Regular expressions that defines the internal proxies.
+ * Regular expression that defines the internal proxies.
* </p>
* <p>
* Default value :
10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
Modified: tomcat/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml?rev=1059398&r1=1059397&r2=1059398&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml
(original)
+++ tomcat/trunk/java/org/apache/catalina/valves/mbeans-descriptors.xml Sat Jan
15 19:33:06 2011
@@ -355,7 +355,7 @@
writeable="false"/>
<attribute name="internalProxies"
- description="Comma delimited list of internal proxies"
+ description="Regular expression that matches IP addresses of
internal proxies"
type="java.lang.String"
writeable="false" />
@@ -385,7 +385,7 @@
writeable="false"/>
<attribute name="trustedProxies"
- description="Comma delimited list of trusted proxies"
+ description="Regular expression that matches IP addresses of
trusted proxies"
type="java.lang.String"
writeable="false" />
Modified: tomcat/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java?rev=1059398&r1=1059397&r2=1059398&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java
(original)
+++ tomcat/trunk/test/org/apache/catalina/filters/TestRemoteIpFilter.java Sat
Jan 15 19:33:06 2011
@@ -215,8 +215,8 @@ public class TestRemoteIpFilter extends
public void testInvokeAllowedRemoteAddrWithNullRemoteIpHeader() throws
Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
- filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10,
192\\.168\\.0\\.11");
- filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+ filterDef.addInitParameter("internalProxies",
"192\\.168\\.0\\.10|192\\.168\\.0\\.11");
+ filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
@@ -247,7 +247,7 @@ public class TestRemoteIpFilter extends
// PREPARE
FilterDef filterDef = new FilterDef();
filterDef.addInitParameter("internalProxies",
"192\\.168\\.0\\.10|192\\.168\\.0\\.11");
- filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+ filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
@@ -375,8 +375,8 @@ public class TestRemoteIpFilter extends
public void testInvokeNotAllowedRemoteAddr() throws Exception {
// PREPARE
FilterDef filterDef = new FilterDef();
- filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10,
192\\.168\\.0\\.11");
- filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+ filterDef.addInitParameter("internalProxies",
"192\\.168\\.0\\.10|192\\.168\\.0\\.11");
+ filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
Modified: tomcat/trunk/webapps/docs/config/filter.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/filter.xml?rev=1059398&r1=1059397&r2=1059398&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/filter.xml (original)
+++ tomcat/trunk/webapps/docs/config/filter.xml Sat Jan 15 19:33:06 2011
@@ -796,7 +796,7 @@ FINE: Request "/docs/config/manager.html
</init-param>
<init-param>
<param-name>trustedProxies</param-name>
- <param-value>proxy1, proxy2</param-value>
+ <param-value>proxy1|proxy2</param-value>
</init-param>
</filter>
</source>
@@ -851,7 +851,7 @@ FINE: Request "/docs/config/manager.html
</init-param>
<init-param>
<param-name>trustedProxies</param-name>
- <param-value>proxy1, proxy2</param-value>
+ <param-value>proxy1|proxy2</param-value>
</init-param>
</filter>
</source>
@@ -909,7 +909,7 @@ FINE: Request "/docs/config/manager.html
</init-param>
<init-param>
<param-name>trustedProxies</param-name>
- <param-value>proxy1, proxy2</param-value>
+ <param-value>proxy1|proxy2</param-value>
</init-param>
</filter>
</source>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
