You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by is...@apache.org on 2023/05/22 04:34:57 UTC
[tomcat] branch 10.1.x updated: Added unit test for RemoteCIDRFilter
This is an automated email from the ASF dual-hosted git repository.
isapir pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 41a57ed90e Added unit test for RemoteCIDRFilter
41a57ed90e is described below
commit 41a57ed90ef6f26ba298301afd7ad4bb9703cce5
Author: Igal Sapir <is...@apache.org>
AuthorDate: Sun May 21 21:34:44 2023 -0700
Added unit test for RemoteCIDRFilter
---
.../catalina/filters/TestRemoteCIDRFilter.java | 185 +++++++++++++++++++++
.../catalina/filters/TestRemoteIpFilter.java | 5 +
2 files changed, 190 insertions(+)
diff --git a/test/org/apache/catalina/filters/TestRemoteCIDRFilter.java b/test/org/apache/catalina/filters/TestRemoteCIDRFilter.java
new file mode 100644
index 0000000000..96370a5f04
--- /dev/null
+++ b/test/org/apache/catalina/filters/TestRemoteCIDRFilter.java
@@ -0,0 +1,185 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.catalina.filters;
+
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.ServletContext;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletResponse;
+import org.apache.catalina.Context;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.startup.Tomcat;
+import org.apache.catalina.startup.TomcatBaseTest;
+import org.apache.tomcat.unittest.TesterResponse;
+import org.apache.tomcat.unittest.TesterServletContext;
+import org.apache.tomcat.util.descriptor.web.FilterDef;
+import org.apache.tomcat.util.descriptor.web.FilterMap;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.Map;
+
+public class TestRemoteCIDRFilter extends TomcatBaseTest {
+
+ @Test
+ public void testAllowOnly() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+ Context root = tomcat.addContext("", TEMP_DIR);
+ tomcat.start();
+
+ TestRemoteIpFilter.MockFilterChain filterChain = new TestRemoteIpFilter.MockFilterChain();
+
+ FilterDef filterDef = new FilterDef();
+ filterDef.addInitParameter("allow", "192.168.10.0/24, 192.168.20.0/24");
+ Filter filter = createTestFilter(filterDef, RemoteCIDRFilter.class, root, "*");
+
+ String ipAddr;
+ Request request;
+ TesterResponse response;
+ int expected;
+
+ for (int i=0; i < 256; i++) {
+ for (int j=0; j < 256; j += 11) {
+ ipAddr = String.format("192.168.%s.%s", i, j);
+ request = new TestRemoteIpFilter.MockHttpServletRequest(ipAddr);
+ response = new TestRateLimitFilter.TesterResponseWithStatus();
+ expected = (i == 10 || i == 20) ? HttpServletResponse.SC_OK : HttpServletResponse.SC_FORBIDDEN;
+ filter.doFilter(request, response, filterChain);
+ Assert.assertEquals(expected, response.getStatus());
+ }
+ }
+ }
+
+ @Test
+ public void testDenyOnly() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+ Context root = tomcat.addContext("", TEMP_DIR);
+ tomcat.start();
+
+ TestRemoteIpFilter.MockFilterChain filterChain = new TestRemoteIpFilter.MockFilterChain();
+
+ FilterDef filterDef = new FilterDef();
+ filterDef.addInitParameter("deny", "192.168.10.0/24, 192.168.20.0/24");
+ Filter filter = createTestFilter(filterDef, RemoteCIDRFilter.class, root, "*");
+
+ String ipAddr;
+ Request request;
+ TesterResponse response;
+ int expected;
+
+ for (int i=0; i < 256; i++) {
+ for (int j=0; j < 256; j += 11) {
+ ipAddr = String.format("192.168.%s.%s", i, j);
+ request = new TestRemoteIpFilter.MockHttpServletRequest(ipAddr);
+ response = new TestRateLimitFilter.TesterResponseWithStatus();
+ expected = (i != 10 && i != 20) ? HttpServletResponse.SC_OK : HttpServletResponse.SC_FORBIDDEN;
+ filter.doFilter(request, response, filterChain);
+ Assert.assertEquals(expected, response.getStatus());
+ }
+ }
+ }
+
+ @Test
+ public void testAllowDeny() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+ Context root = tomcat.addContext("", TEMP_DIR);
+ tomcat.start();
+
+ TestRemoteIpFilter.MockFilterChain filterChain = new TestRemoteIpFilter.MockFilterChain();
+
+ FilterDef filterDef = new FilterDef();
+ filterDef.addInitParameter("allow", "10.10.0.0/16");
+ filterDef.addInitParameter("deny", "10.10.10.0/24, 10.10.20.0/24");
+ Filter filter = createTestFilter(filterDef, RemoteCIDRFilter.class, root, "*");
+
+ String ipAddr;
+ Request request;
+ TesterResponse response;
+ int expected;
+
+ for (int i=0; i < 256; i++) {
+ for (int j=0; j < 256; j += 11) {
+ ipAddr = String.format("10.10.%s.%s", i, j);
+ request = new TestRemoteIpFilter.MockHttpServletRequest(ipAddr);
+ response = new TestRateLimitFilter.TesterResponseWithStatus();
+ expected = (i != 10 && i != 20) ? HttpServletResponse.SC_OK : HttpServletResponse.SC_FORBIDDEN;
+ filter.doFilter(request, response, filterChain);
+ Assert.assertEquals(expected, response.getStatus());
+ }
+ }
+ }
+
+ private Filter createTestFilter(FilterDef filterDef, Class testFilterClass, Context root, String urlPattern) throws ServletException {
+
+ RemoteCIDRFilter remoteCIDRFilter = new RemoteCIDRFilter();
+
+ filterDef.setFilterClass(testFilterClass.getName());
+ filterDef.setFilterName(testFilterClass.getName());
+ filterDef.setFilter(remoteCIDRFilter);
+ root.addFilterDef(filterDef);
+
+ root.addFilterDef(filterDef);
+
+ FilterMap filterMap = new FilterMap();
+ filterMap.setFilterName(testFilterClass.getName());
+ filterMap.addURLPatternDecoded(urlPattern);
+ root.addFilterMap(filterMap);
+
+ FilterConfig filterConfig = generateFilterConfig(filterDef);
+
+ remoteCIDRFilter.init(filterConfig);
+
+ return remoteCIDRFilter;
+ }
+
+ private static FilterConfig generateFilterConfig(FilterDef filterDef) {
+
+ TesterServletContext mockServletContext = new TesterServletContext();
+ Map<String,String> parameters = filterDef.getParameterMap();
+
+ FilterConfig filterConfig = new FilterConfig() {
+
+ @Override
+ public String getFilterName() {
+ return filterDef.getFilterName();
+ }
+
+ @Override
+ public ServletContext getServletContext() {
+ return mockServletContext;
+ }
+
+ @Override
+ public String getInitParameter(String name) {
+
+ return parameters.get(name);
+ }
+
+ @Override
+ public Enumeration<String> getInitParameterNames() {
+ return Collections.enumeration(parameters.keySet());
+ }
+ };
+
+ return filterConfig;
+ }
+
+}
diff --git a/test/org/apache/catalina/filters/TestRemoteIpFilter.java b/test/org/apache/catalina/filters/TestRemoteIpFilter.java
index 8e9b2915bd..39fec8d49c 100644
--- a/test/org/apache/catalina/filters/TestRemoteIpFilter.java
+++ b/test/org/apache/catalina/filters/TestRemoteIpFilter.java
@@ -124,6 +124,11 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
setCoyoteRequest(new org.apache.coyote.Request());
}
+ public MockHttpServletRequest(String ipAddress) {
+ this();
+ this.setRemoteAddr(ipAddress);
+ }
+
public void setHeader(String name, String value) {
getCoyoteRequest().getMimeHeaders().setValue(name).setString(value);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org