You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2019/11/26 10:46:39 UTC

[syncope] branch master updated: [SYNCOPE-1518] Conditionally enabling Wicket's XForwardedRequestWrapperFactory

This is an automated email from the ASF dual-hosted git repository.

ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/master by this push:
     new 88c7f73  [SYNCOPE-1518] Conditionally enabling Wicket's XForwardedRequestWrapperFactory
88c7f73 is described below

commit 88c7f73e154a2de4bd6653c715528135e4a13274
Author: Francesco Chicchiriccò <il...@apache.org>
AuthorDate: Tue Nov 26 11:29:21 2019 +0100

    [SYNCOPE-1518] Conditionally enabling Wicket's XForwardedRequestWrapperFactory
---
 .../org/apache/syncope/client/console/SyncopeWebApplication.java     | 5 +++++
 client/idrepo/console/src/main/resources/console.properties          | 1 +
 .../org/apache/syncope/client/enduser/SyncopeWebApplication.java     | 5 +++++
 client/idrepo/enduser/src/main/resources/enduser.properties          | 1 +
 fit/console-reference/src/main/resources/console.properties          | 1 +
 fit/core-reference/src/test/resources/console.properties             | 1 +
 fit/core-reference/src/test/resources/enduser.properties             | 1 +
 fit/enduser-reference/src/main/resources/enduser.properties          | 1 +
 8 files changed, 16 insertions(+)

diff --git a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java
index 41f69d9..0b1cdb7 100644
--- a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java
+++ b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/SyncopeWebApplication.java
@@ -49,6 +49,7 @@ import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
 import org.apache.wicket.authroles.authorization.strategies.role.metadata.MetaDataRoleAuthorizationStrategy;
 import org.apache.wicket.markup.html.WebPage;
 import org.apache.wicket.protocol.http.WebApplication;
+import org.apache.wicket.protocol.http.servlet.XForwardedRequestWrapperFactory;
 import org.apache.wicket.protocol.ws.WebSocketAwareCsrfPreventionRequestCycleListener;
 import org.apache.wicket.protocol.ws.api.WebSocketResponse;
 import org.apache.wicket.request.cycle.RequestCycle;
@@ -248,6 +249,10 @@ public class SyncopeWebApplication extends WicketBootSecuredWebApplication {
             }
         });
 
+        if (BooleanUtils.toBoolean(props.getProperty("x-forward"))) {
+            getFilterFactoryManager().add(new XForwardedRequestWrapperFactory());
+        }
+
         if (BooleanUtils.toBoolean(props.getProperty("csrf"))) {
             getRequestCycleListeners().add(new WebSocketAwareCsrfPreventionRequestCycleListener());
         }
diff --git a/client/idrepo/console/src/main/resources/console.properties b/client/idrepo/console/src/main/resources/console.properties
index c68e3ba..06c08b9 100644
--- a/client/idrepo/console/src/main/resources/console.properties
+++ b/client/idrepo/console/src/main/resources/console.properties
@@ -43,6 +43,7 @@ topology.corePoolSize=10
 topology.maxPoolSize=20
 topology.queueCapacity=50
 
+x-forward=true
 csrf=true
 
 security.headers.X-XSS-Protection=1; mode=block
diff --git a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java
index 63b6654..1794cb5 100644
--- a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java
+++ b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeWebApplication.java
@@ -66,6 +66,7 @@ import org.apache.wicket.markup.html.IHeaderContributor;
 import org.apache.wicket.markup.html.WebPage;
 import org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener;
 import org.apache.wicket.protocol.http.WebApplication;
+import org.apache.wicket.protocol.http.servlet.XForwardedRequestWrapperFactory;
 import org.apache.wicket.request.Request;
 import org.apache.wicket.request.Response;
 import org.apache.wicket.request.component.IRequestablePage;
@@ -299,6 +300,10 @@ public class SyncopeWebApplication extends WicketBootStandardWebApplication {
 
         });
 
+        if (BooleanUtils.toBoolean(props.getProperty("x-forward"))) {
+            getFilterFactoryManager().add(new XForwardedRequestWrapperFactory());
+        }
+
         if (BooleanUtils.toBoolean(props.getProperty("csrf"))) {
             getRequestCycleListeners().add(new CsrfPreventionRequestCycleListener());
         }
diff --git a/client/idrepo/enduser/src/main/resources/enduser.properties b/client/idrepo/enduser/src/main/resources/enduser.properties
index 27e3053..1d62418 100644
--- a/client/idrepo/enduser/src/main/resources/enduser.properties
+++ b/client/idrepo/enduser/src/main/resources/enduser.properties
@@ -22,6 +22,7 @@ adminUser=${adminUser}
 useGZIPCompression=true
 maxUploadFileSizeMB=5
 
+x-forward=true
 captcha=true
 csrf=true
 
diff --git a/fit/console-reference/src/main/resources/console.properties b/fit/console-reference/src/main/resources/console.properties
index 0b51e78..c8ece6f 100644
--- a/fit/console-reference/src/main/resources/console.properties
+++ b/fit/console-reference/src/main/resources/console.properties
@@ -43,6 +43,7 @@ topology.corePoolSize=50
 topology.maxPoolSize=100
 topology.queueCapacity=10
 
+x-forward=true
 csrf=true
 
 security.headers.X-XSS-Protection=1; mode=block
diff --git a/fit/core-reference/src/test/resources/console.properties b/fit/core-reference/src/test/resources/console.properties
index 0c6250c..2162ddb 100644
--- a/fit/core-reference/src/test/resources/console.properties
+++ b/fit/core-reference/src/test/resources/console.properties
@@ -43,6 +43,7 @@ executor.corePoolSize=50
 executor.maxPoolSize=100
 executor.queueCapacity=10
 
+x-forward=true
 csrf=false
 
 security.headers.X-XSS-Protection=1; mode=block
diff --git a/fit/core-reference/src/test/resources/enduser.properties b/fit/core-reference/src/test/resources/enduser.properties
index fc07dfa..6c48a20 100644
--- a/fit/core-reference/src/test/resources/enduser.properties
+++ b/fit/core-reference/src/test/resources/enduser.properties
@@ -21,6 +21,7 @@ anonymousKey=${anonymousKey}
 adminUser=${adminUser}
 useGZIPCompression=true
 
+x-forward=true
 captcha=false
 csrf=false
 
diff --git a/fit/enduser-reference/src/main/resources/enduser.properties b/fit/enduser-reference/src/main/resources/enduser.properties
index 27e3053..1d62418 100644
--- a/fit/enduser-reference/src/main/resources/enduser.properties
+++ b/fit/enduser-reference/src/main/resources/enduser.properties
@@ -22,6 +22,7 @@ adminUser=${adminUser}
 useGZIPCompression=true
 maxUploadFileSizeMB=5
 
+x-forward=true
 captcha=true
 csrf=true