You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by am...@apache.org on 2003/02/11 04:34:44 UTC
cvs commit: jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve RemoteAddrValveForm.java RemoteHostValveForm.java ValveUtil.java
amyroh 2003/02/10 19:34:43
Modified: webapps/admin build.xml
webapps/admin/WEB-INF/classes/org/apache/webapp/admin
ApplicationResources_en.properties
ApplicationResources_es.properties
webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve
RemoteAddrValveForm.java RemoteHostValveForm.java
ValveUtil.java
Log:
Port change.
Revision Changes Path
1.7 +8 -0 jakarta-tomcat-catalina/webapps/admin/build.xml
Index: build.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/admin/build.xml,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- build.xml 28 Jan 2003 16:37:20 -0000 1.6
+++ build.xml 11 Feb 2003 03:34:43 -0000 1.7
@@ -29,6 +29,7 @@
<pathelement location="${struts.jar}"/>
<pathelement location="${commons-beanutils.jar}"/>
<pathelement location="${commons-digester.jar}"/>
+ <pathelement location="${regexp.jar}"/>
</path>
@@ -72,6 +73,9 @@
<available property="beanutils.present"
classname="org.apache.commons.beanutils.PropertyUtils"
classpath="${common-beanutils.jar}" />
+ <available property="regexp.present"
+ classname="org.apache.regexp.RE"
+ classpath="${regexp.jar}" />
<!-- JAR files availability flags -->
@@ -81,6 +85,7 @@
<available property="jsp-api.jar.present" file="${jsp-api.jar}" />
<available property="struts.jar.present" file="${struts.jar}" />
<available property="beanutils.jar.present" file="${commons-beanutils.jar}" />
+ <available property="regexp.jar.present" file="${regexp.jar}" />
<!-- Conditional compilation flags (determined from the flags above) -->
<condition property="compile.admin">
@@ -90,6 +95,7 @@
<equals arg1="${struts.present}" arg2="true" />
<equals arg1="${jmx.present}" arg2="true" />
<equals arg1="${modeler.present}" arg2="true" />
+ <equals arg1="${regexp.present}" arg2="true" />
<available file="${struts.lib}/struts-bean.tld" />
<available file="${struts.lib}/struts-html.tld" />
<available file="${struts.lib}/struts-logic.tld" />
@@ -136,6 +142,7 @@
<echo message="modeler.present=${modeler.present}" />
<echo message="servlet.present=${servlet.present}" />
<echo message="jsp.present=${jsp.present}" />
+ <echo message="regexp.present=${regexp.present}" />
<echo message="--- Required JARs ---" />
<echo message="jmx.jar.present=${jmx.jar.present}" />
@@ -144,6 +151,7 @@
<echo message="jsp-api.jar.present=${jsp-api.jar.present}" />
<echo message="struts.jar.present=${struts.jar.present}" />
<echo message="beanutils.jar.present=${beanutils.jar.present}" />
+ <echo message="regexp.jar.present=${regexp.jar.present}" />
<echo message="--- Optional JARs ---" />
1.9 +6 -0 jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources_en.properties
Index: ApplicationResources_en.properties
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources_en.properties,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- ApplicationResources_en.properties 23 Jan 2003 00:07:07 -0000 1.8
+++ ApplicationResources_en.properties 11 Feb 2003 03:34:43 -0000 1.9
@@ -253,6 +253,12 @@
valve.denyHosts=Deny these Hosts
valve.allowIPs=Allow IP addresses
valve.denyIPs=Deny IP addresses
+error.allowHost=<li>Allow is invalid. Need to include the admin's Hostname.</li>
+error.denyHost=<li>Deny is invalid. Need to exclude the admin's Hostname.</li>
+error.allowIP=<li>Allow is invalid. Need to include the admin's IP address.</li>
+error.denyIP=<li>Deny is invalid. Need to exclude the admin's IP address.</li>
+error.allow.deny.required=<li>Allow or deny is required.</li>
+error.syntax=<li>Syntax error in request filter pattern.</li>
error.resource.required=<li>Resource Name is required.</li>
error.resource.javaprefix=<li>Resource must have "java:" prefix.</li>
error.pathName.required=<li>Path Name is required.</li>
1.9 +6 -0 jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources_es.properties
Index: ApplicationResources_es.properties
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources_es.properties,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- ApplicationResources_es.properties 23 Jan 2003 00:07:07 -0000 1.8
+++ ApplicationResources_es.properties 11 Feb 2003 03:34:43 -0000 1.9
@@ -252,6 +252,12 @@
valve.denyHosts=Niegue estos Hosts
valve.allowIPs=Permitir estas direcciones IP
valve.denyIPs=Rechazar estas direcciones IP
+error.allowHost=<li>Permita es inv�lido. Necesidad de incluir el hostname del admin.</li>
+error.denyHost=<li>Niegue es inv�lido. Necesidad de excluir el hostname del admin.</li>
+error.allowIP=<li>Permita es inv�lido. Necesidad de incluir el IP ADDRESS del admin.</li>
+error.denyIP=<li>Niegue es inv�lido. Necesidad de excluir el IP ADDRESS del admin.</li>
+error.allow.deny.required=<li>Permita o niegue se requiere.</li>
+error.syntax=<li>Error del sintaxis en patr�n del filtro de la petici�n.</li>
error.resource.required=<li>Se requiere el nombre del recurso.</li>
error.resource.javaprefix=<li>El recurso debe tener prefijo de "java:"</li>
error.pathName.required=<li>Se requiere el nombre del path.</li>
1.2 +82 -10 jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve/RemoteAddrValveForm.java
Index: RemoteAddrValveForm.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve/RemoteAddrValveForm.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- RemoteAddrValveForm.java 18 Jul 2002 16:48:28 -0000 1.1
+++ RemoteAddrValveForm.java 11 Feb 2003 03:34:43 -0000 1.2
@@ -61,13 +61,16 @@
package org.apache.webapp.admin.valve;
+import java.lang.IllegalArgumentException;
+import java.net.InetAddress;
+import java.util.List;
import javax.servlet.http.HttpServletRequest;
+import org.apache.regexp.RE;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
-import java.net.InetAddress;
-import java.util.List;
+
import org.apache.webapp.admin.ApplicationServlet;
import org.apache.webapp.admin.LabelValueBean;
@@ -83,6 +86,7 @@
// ----------------------------------------------------- Instance Variables
+
/**
* The text for the allow IP addresses.
* A comma-separated list of regular expression patterns
@@ -94,6 +98,17 @@
* The text for the deny IP addresses.
*/
private String deny = "";
+
+ /**
+ * The set of <code>allow</code> regular expressions we will evaluate.
+ */
+ private RE allows[] = new RE[0];
+
+ /**
+ * The set of <code>deny</code> regular expressions we will evaluate.
+ */
+ private RE denies[] = new RE[0];
+
// ------------------------------------------------------------- Properties
@@ -135,6 +150,7 @@
// --------------------------------------------------------- Public Methods
+
/**
* Reset all properties to their default values.
*
@@ -146,6 +162,8 @@
super.reset(mapping, request);
this.allow = null;
this.deny = null;
+ this.allows = null;
+ this.denies = null;
}
@@ -188,10 +206,64 @@
String submit = request.getParameter("submit");
// front end validation when save is clicked.
- if (submit != null) {
- // validate allow/deny patterns?
- }
-
+ if (submit != null) {
+ // validate allow/deny patterns
+ if ((allow == null) || (allow.length() < 1)) {
+ if ((deny == null) || (deny.length() < 1)) {
+ errors.add("allow",
+ new ActionError("error.allow.deny.required"));
+ }
+ }
+ }
+
+ try {
+ allows = ValveUtil.precalculate(allow);
+ } catch (IllegalArgumentException e) {
+ errors.add("allow", new ActionError("error.syntax"));
+ return errors;
+ }
+
+ try {
+ denies = ValveUtil.precalculate(deny);
+ } catch (IllegalArgumentException e) {
+ errors.add("allow", new ActionError("error.syntax"));
+ return errors;
+ }
+
+ String ip = request.getRemoteAddr();
+
+ if (ip == null) {
+ return errors;
+ }
+
+ for (int i = 0; i < denies.length; i++) {
+ if (denies[i].match("127.0.0.1")) {
+ errors.add("deny",
+ new ActionError("error.denyIP"));
+ }
+ if (denies[i].match(ip)) {
+ for (int j = 0; j < allows.length; j++) {
+ if (!allows[j].match(ip)) {
+ errors.add("deny",
+ new ActionError("error.denyIP"));
+ }
+ }
+ }
+ }
+
+ boolean allowMatch = true;
+ if (allows.length > 0) {
+ allowMatch = false;
+ }
+ for (int i = 0; i < allows.length; i++) {
+ if (allows[i].match(ip)) {
+ allowMatch = true;
+ }
+ }
+ if (!allowMatch) {
+ errors.add("allow", new ActionError("error.allowIP"));
+ }
+
return errors;
}
}
1.2 +94 -8 jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve/RemoteHostValveForm.java
Index: RemoteHostValveForm.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve/RemoteHostValveForm.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- RemoteHostValveForm.java 18 Jul 2002 16:48:28 -0000 1.1
+++ RemoteHostValveForm.java 11 Feb 2003 03:34:43 -0000 1.2
@@ -61,13 +61,16 @@
package org.apache.webapp.admin.valve;
+import java.lang.IllegalArgumentException;
+import java.net.InetAddress;
+import java.util.List;
import javax.servlet.http.HttpServletRequest;
+
+import org.apache.regexp.RE;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
-import java.net.InetAddress;
-import java.util.List;
import org.apache.webapp.admin.ApplicationServlet;
import org.apache.webapp.admin.LabelValueBean;
@@ -83,6 +86,7 @@
// ----------------------------------------------------- Instance Variables
+
/**
* The text for the allow hosts IP addresses.
* A comma-separated list of regular expression patterns
@@ -95,6 +99,17 @@
*/
private String deny = "";
+ /**
+ * The set of <code>allow</code> regular expressions we will evaluate.
+ */
+ private RE allows[] = new RE[0];
+
+ /**
+ * The set of <code>deny</code> regular expressions we will evaluate.
+ */
+ private RE denies[] = new RE[0];
+
+
// ------------------------------------------------------------- Properties
/**
@@ -146,6 +161,8 @@
super.reset(mapping, request);
this.allow = null;
this.deny = null;
+ this.allows = null;
+ this.denies = null;
}
@@ -188,10 +205,79 @@
String submit = request.getParameter("submit");
// front end validation when save is clicked.
- if (submit != null) {
+ if (submit != null) {
// TBD
// validate allow/deny IPs
- }
+ if ((allow == null) || (allow.length() < 1)) {
+ if ((deny == null) || (deny.length() < 1)) {
+ errors.add("allow",
+ new ActionError("error.allow.deny.required"));
+ }
+ }
+ }
+
+ try {
+ allows = ValveUtil.precalculate(allow);
+ } catch (IllegalArgumentException e) {
+ errors.add("allow", new ActionError("error.syntax"));
+ return errors;
+ }
+
+ try {
+ denies = ValveUtil.precalculate(deny);
+ } catch (IllegalArgumentException e) {
+ errors.add("allow", new ActionError("error.syntax"));
+ return errors;
+ }
+
+ String host = request.getRemoteHost();
+ // check for IP address also in case DNS is not configured
+ // to give a host name for the client machine
+ String ip = request.getRemoteAddr();
+
+ if (host == null) {
+ return errors;
+ }
+
+ for (int i = 0; i < denies.length; i++) {
+ if (denies[i].match("localhost") ||
+ denies[i].match("127.0.0.1")) {
+ errors.add("deny",
+ new ActionError("error.denyHost"));
+ }
+ if (denies[i].match(host)) {
+ for (int j = 0; j < allows.length; j++) {
+ if (!allows[j].match(host)) {
+ errors.add("deny",
+ new ActionError("error.denyHost"));
+ }
+ }
+ } else if (denies[i].match(ip)) {
+ for (int j = 0; j < allows.length; j++) {
+ if (!allows[j].match(ip)) {
+ errors.add("deny",
+ new ActionError("error.denyHost"));
+ }
+ }
+ }
+ }
+
+ boolean allowMatch = true;
+
+ if ((allows != null) && (allows.length > 0)) {
+ allowMatch = false;
+ }
+
+ for (int i = 0; i < allows.length; i++) {
+ if (allows[i].match(host)) {
+ allowMatch = true;
+ }
+ }
+
+ if (!allowMatch) {
+ errors.add("allow", new ActionError("error.allowHost"));
+ }
+
return errors;
}
1.3 +52 -7 jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve/ValveUtil.java
Index: ValveUtil.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve/ValveUtil.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- ValveUtil.java 10 Feb 2003 04:27:10 -0000 1.2
+++ ValveUtil.java 11 Feb 2003 03:34:43 -0000 1.3
@@ -62,6 +62,7 @@
package org.apache.webapp.admin.valve;
import java.net.URLEncoder;
+import java.util.ArrayList;
import java.util.Iterator;
import java.util.Locale;
import java.io.IOException;
@@ -77,6 +78,8 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import org.apache.regexp.RE;
+import org.apache.regexp.RESyntaxException;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
@@ -133,7 +136,7 @@
String operation = null;
String values[] = null;
String vObjectName = null;
-
+
try {
String objectName = DeleteLoggerAction.getObjectName(parent,
@@ -158,8 +161,7 @@
servlet.log(message);
response.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
return (null);
- }
-
+ }
// Ensure that the requested valve name is unique
// TBD -- do we need this check?
@@ -188,6 +190,7 @@
operation = "create" + valveType;
if ("AccessLogValve".equalsIgnoreCase(valveType))
operation = "createAccessLoggerValve";
+
vObjectName = (String)
mBServer.invoke(fname, operation, values, createStandardValveTypes);
@@ -238,4 +241,46 @@
session.removeAttribute(mapping.getAttribute());
return vObjectName;
}
+
+
+ /**
+ * Return an array of regular expression objects initialized from the
+ * specified argument, which must be <code>null</code> or a comma-delimited
+ * list of regular expression patterns.
+ *
+ * @param list The comma-separated list of patterns
+ *
+ * @exception IllegalArgumentException if one of the patterns has
+ * invalid syntax
+ */
+ public static RE[] precalculate(String list)
+ throws IllegalArgumentException {
+
+ if (list == null)
+ return (new RE[0]);
+ list = list.trim();
+ if (list.length() < 1)
+ return (new RE[0]);
+ list += ",";
+
+ ArrayList reList = new ArrayList();
+ while (list.length() > 0) {
+ int comma = list.indexOf(',');
+ if (comma < 0)
+ break;
+ String pattern = list.substring(0, comma).trim();
+ try {
+ reList.add(new RE(pattern));
+ } catch (RESyntaxException e) {
+ throw new IllegalArgumentException
+ ("Syntax error in request filter pattern");
+ }
+ list = list.substring(comma + 1);
+ }
+
+ RE reArray[] = new RE[reList.size()];
+ return ((RE[]) reList.toArray(reArray));
+
+ }
+
}
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org