You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by lm...@apache.org on 2018/07/20 17:43:52 UTC
knox git commit: KNOX-1395 - Change Derived Whitelist logic to not
use InetAddress of Localhost for getting Hostname
Repository: knox
Updated Branches:
refs/heads/v1.1.0 9afff79ca -> dd49dca59
KNOX-1395 - Change Derived Whitelist logic to not use InetAddress of Localhost for getting Hostname
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/dd49dca5
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/dd49dca5
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/dd49dca5
Branch: refs/heads/v1.1.0
Commit: dd49dca59d9394cd601197fd53d28b293a088d0f
Parents: 9afff79
Author: Larry McCay <lm...@apache.org>
Authored: Fri Jul 20 13:43:43 2018 -0400
Committer: Larry McCay <lm...@apache.org>
Committed: Fri Jul 20 13:43:43 2018 -0400
----------------------------------------------------------------------
CHANGES | 1 +
.../apache/knox/gateway/util/WhitelistUtils.java | 9 ---------
.../knox/gateway/util/WhitelistUtilsTest.java | 16 ++++------------
3 files changed, 5 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/dd49dca5/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 8843763..24641d6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -11,6 +11,7 @@ Release Notes - Apache Knox - Version 1.1.0
[KNOX-1040] - Initial changes to support simple descriptors and provider configurations in the Admin UI.
** Improvement
+ [KNOX-1395] - Change Derived Whitelist logic to not use InetAddress of Localhost for getting Hostname
[KNOX-1394] - OOTB gateway-site.xml to Default to Demo Whitelist Scenario
[KNOX-1381] - Fix logging
[KNOX-1378] - Declare SSO params using KnoxSSO service option knoxsso.expected.params
http://git-wip-us.apache.org/repos/asf/knox/blob/dd49dca5/gateway-spi/src/main/java/org/apache/knox/gateway/util/WhitelistUtils.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/util/WhitelistUtils.java b/gateway-spi/src/main/java/org/apache/knox/gateway/util/WhitelistUtils.java
index cd3013e..7e58c0e 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/util/WhitelistUtils.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/util/WhitelistUtils.java
@@ -75,15 +75,6 @@ public class WhitelistUtils {
// Check first for the X-Forwarded-Host header, and use it to determine the domain
String domain = getDomain(request.getHeader("X-Forwarded-Host"));
- // If the domain could not be derived from the X-Forwarded-Host header value, then use the localhost FQDN
- if (domain == null) {
- try {
- domain = getDomain(InetAddress.getLocalHost().getCanonicalHostName());
- } catch (UnknownHostException e) {
- //
- }
- }
-
// If a domain has still not yet been determined, try the requested host name
String requestedHost = null;
http://git-wip-us.apache.org/repos/asf/knox/blob/dd49dca5/gateway-spi/src/test/java/org/apache/knox/gateway/util/WhitelistUtilsTest.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/test/java/org/apache/knox/gateway/util/WhitelistUtilsTest.java b/gateway-spi/src/test/java/org/apache/knox/gateway/util/WhitelistUtilsTest.java
index b293a44..37d7d5c 100644
--- a/gateway-spi/src/test/java/org/apache/knox/gateway/util/WhitelistUtilsTest.java
+++ b/gateway-spi/src/test/java/org/apache/knox/gateway/util/WhitelistUtilsTest.java
@@ -20,17 +20,13 @@ import org.apache.knox.gateway.config.GatewayConfig;
import org.easymock.EasyMock;
import org.junit.Test;
-import javax.annotation.RegEx;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
-import java.net.InetAddress;
-import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
-import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
@@ -65,12 +61,12 @@ public class WhitelistUtilsTest {
// Check localhost by name
String whitelist = doTestGetDispatchWhitelist(config, serviceRole);
assertNotNull(whitelist);
- assertEquals(shouldExpectLocalhost(), whitelist.contains("localhost"));
+ assertTrue("Expected whitelist to contain 'localhost' but was: " + whitelist, whitelist.contains("localhost"));
// Check localhost by loopback address
whitelist = doTestGetDispatchWhitelist(config, "127.0.0.1", serviceRole);
assertNotNull(whitelist);
- assertEquals(shouldExpectLocalhost(), whitelist.contains("localhost"));
+ assertTrue("Expected whitelist to contain 'localhost' but was: " + whitelist, whitelist.contains("localhost"));
}
@Test
@@ -154,12 +150,8 @@ public class WhitelistUtilsTest {
doTestGetDispatchWhitelist(createMockGatewayConfig(Collections.singletonList(serviceRole), WHITELIST),
serviceRole);
assertNotNull(whitelist);
- assertEquals(shouldExpectLocalhost(),
- RegExUtils.checkWhitelist(whitelist, "http://localhost:9099/"));
- }
-
- private static boolean shouldExpectLocalhost() throws Exception {
- return InetAddress.getLocalHost().getCanonicalHostName().equalsIgnoreCase("localhost");
+ assertTrue("Expected to match whitelist given the explicitly configured DEFAULT whitelist.",
+ RegExUtils.checkWhitelist(whitelist, "http://localhost:9099/"));
}
private String doTestGetDispatchWhitelist(GatewayConfig config, String serviceRole) {