On Wed, Mar 21, 2012 at 6:35 PM, Afkham Azeez <[email protected]> wrote:
> Why did you consider 127.0.0.1 as an invalid remote address? Now we are
> getting stacktraces in integration tests due to this.

I am not considering 127.0.0.1 as an invalid address. But I have a
test case which tries to pass an invalid remote address. See
"testInvalidRemoteAddress" test in the commit quoted below. You may be seeing
this because of that test case. But if you are getting this for a normal
127.0.0.1, please let me know.

Thanks
AmilaJ

>
> On Tue, Mar 13, 2012 at 2:26 PM, <[email protected]> wrote:
>>
>> Author: amilaj
>> Date: Tue Mar 13 04:56:42 2012
>> New Revision: 122514
>> URL: http://wso2.org/svn/browse/wso2?view=rev&revision=122514
>>
>> Log:
>> Add code to validate remote address. Also added a test case
>>
>> Modified:
>>
>> carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
>>
>> carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java
>>
>> carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java
>>
>> Modified:
>> carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
>> URL:
>> http://wso2.org/svn/browse/wso2/carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java?rev=122514&r1=122513&r2=122514&view=diff
>>
>> ==============================================================================
>> ---
>> carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
>>  (original)
>> +++
>> carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
>>  Tue Mar 13 04:56:42 2012
>> @@ -42,10 +42,14 @@
>>  import javax.servlet.http.Cookie;
>>  import javax.servlet.http.HttpServletRequest;
>>  import javax.servlet.http.HttpSession;
>> +import java.net.InetAddress;
>> +import java.net.UnknownHostException;
>>  import java.text.SimpleDateFormat;
>>  import java.util.Calendar;
>>  import java.util.Date;
>>  import java.util.UUID;
>> +import java.util.regex.Matcher;
>> +import java.util.regex.Pattern;
>>
>>  /**
>>  * /**
>> @@ -63,6 +67,13 @@
>>     private static final int DEFAULT_PRIORITY_LEVEL = 5;
>>     private static final String AUTHENTICATOR_NAME =
>> "DefaultCarbonAuthenticator";
>>
>> +    private static final String IP_ADDRESS_PATTERN =
>> +            "^([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\." +
>> +                    "([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\." +
>> +                    "([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\." +
>> +                    "([01]?\\d\\d?|2[0-4]\\d|25[0-5])$";
>> +
>> +
>>     public boolean login(String username, String password, String
>> remoteAddress)
>>             throws AuthenticationException {
>>         HttpSession httpSession = getHttpSession();
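Review bot: `IP_ADDRESS_PATTERN` only describes a dotted-quad IPv4 address, and `isValidDNSAddress` pushes every resolved name through the same pattern, so any IPv6 remote address (`Inet6Address.getHostAddress()` yields forms like `0:0:0:0:0:0:0:1`) is rejected with an `AuthenticationException`; if an integration host happens to resolve to IPv6 first, that would plausibly explain the stacktraces reported earlier in this thread. Either accept `Inet6Address` results explicitly (e.g. `InetAddress.getByName(address) instanceof Inet6Address`) or state the IPv4-only restriction in a comment on the constant. Because the constant is a `String`, `isValidIPAddress` recompiles it on every login; declare it once as `private static final Pattern IP_ADDRESS_PATTERN = Pattern.compile("^...$");` and use `IP_ADDRESS_PATTERN.matcher(ipAddress).matches()`. The body of `login` continues past the end of this hunk.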
>> @@ -76,6 +87,8 @@
>>                 return false;
>>             }
>>
>> +            validateRemoteAddress(remoteAddress);
>> +
>>             RegistryService registryService =
>> CarbonServicesServiceComponent.getRegistryService();
>>             RealmService realmService =
>> CarbonServicesServiceComponent.getRealmService();
>>
>> @@ -116,6 +129,40 @@
>>         }
>>     }
>>
>> +    private void validateRemoteAddress(String address) throws
>> AuthenticationException {
>> +
>> +        if (address == null || address.isEmpty()) {
>> +            return;
>> +        }
>> +
>> +        address = address.replaceAll("\\s+", "");
>> +        address = address.trim();
>> +
>> +        if (!isValidIPAddress(address)) {
>> +            if (!isValidDNSAddress(address)) {
>> +                throw new AuthenticationException("Authentication Failed
>> : Invalid remote address passed - " + address);
>> +            }
>> +        }
>> +    }
>> +
>> +    private boolean isValidDNSAddress(String address) {
>> +        try {
>> +            InetAddress ipAddress = InetAddress.getByName(address);
>> +            return isValidIPAddress(ipAddress.getHostAddress());
>> +        } catch (UnknownHostException e) {
>> +            log.warn("Could not find IP address for domain name : " +
>> address);
>> +        }
>> +
>> +        return false;
>> +    }
>> +
>> +    private boolean isValidIPAddress(String ipAddress) {
>> +
>> +      Pattern pattern = Pattern.compile(IP_ADDRESS_PATTERN);
>> +      Matcher matcher = pattern.matcher(ipAddress);
>> +      return matcher.matches();
>> +    }
>> +
>>     public RememberMeData loginWithRememberMeOption(String username,
>> String password, String remoteAddress)
>>             throws AuthenticationException {
>>         boolean isLoggedIn = this.login(username, password,
>> remoteAddress);
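Review bot: `validateRemoteAddress` strips whitespace from a local copy of `address` and then discards that copy, while `login` keeps passing the original `remoteAddress` onward; an input such as `"127.0.0.1\n"` therefore passes the regex check after stripping, yet the newline survives into whatever later logs it (presumably the "logged in ... from IP address" line the new test imitates), which is the log-injection case this commit is meant to close. Reject rather than normalise: replace the `replaceAll`/`trim` pair with `if (Pattern.compile("\\s").matcher(address).find()) { throw new AuthenticationException("Authentication Failed : Invalid remote address passed"); }` (the message deliberately no longer echoes the raw value). `isValidDNSAddress` also performs a blocking `InetAddress.getByName` on a client-supplied string before the credentials are checked, which lets an unauthenticated caller trigger arbitrary DNS lookups and adds resolver latency to the login path; since this parameter is self-reported by the client, resolution cannot make it trustworthy, so a syntax-only check is preferable. The `log.warn` in `isValidDNSAddress` still echoes non-whitespace control characters (e.g. ESC) from the rejected value. `loginWithRememberMeOption`, whose signature appears at the bottom of the hunk, continues outside it.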
>>
>> Modified:
>> carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java
>> URL:
>> http://wso2.org/svn/browse/wso2/carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java?rev=122514&r1=122513&r2=122514&view=diff
>>
>> ==============================================================================
>> ---
>> carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java
>>     (original)
>> +++
>> carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java
>>     Tue Mar 13 04:56:42 2012
>> @@ -67,10 +67,27 @@
>>      */
>>     @Deprecated
>>     public String login() throws Exception {
>> +
>> +        return login(NetworkUtils.getLocalHostname());
>> +    }
>> +
>> +     /**
>> +     * @param hostName The client host name.
>> +      * @deprecated Now we do not need to call AuthenticationAdmin.login
>> method before calling an admin service.
>> +     * We can directly call an admin service after setting basic auth
>> security headers. To set basic auth
>> +     * security headers please use
>> CarbonUtils.setBasicAccessSecurityHeaders method.
>> +     * @see CarbonUtils.setBasicAccessSecurityHeaders(String, String,
>> ServiceClient);
>> +     * Log in to a Carbon server
>> +     *
>> +     * @return The session cookie on successful login
>> +     * @throws Exception If an error occurs while logging in
>> +     */
>> +    @Deprecated
>> +    public String login(String hostName) throws Exception  {
>> +
>>
>> ClientConnectionUtil.waitForPort(Integer.parseInt(FrameworkSettings.HTTPS_PORT)
>> + portOffset);
>>         AuthenticationAdminStub authAdminStub = getAuthAdminStub();
>>
>> -        String hostName = NetworkUtils.getLocalHostname();
>>         if (log.isDebugEnabled()) {
>>             log.debug("UserName : " + FrameworkSettings.USER_NAME + "
>> Password : " +
>>                       FrameworkSettings.PASSWORD + " HostName : " +
>> hostName);
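Review bot: The new `login(String hostName)` overload carries over the debug statement that prints `FrameworkSettings.PASSWORD` in clear text next to the user name and host; even at debug level in a test framework this writes credentials into build and CI logs, so drop it, e.g. `log.debug("UserName : " + FrameworkSettings.USER_NAME + " HostName : " + hostName);`. In the overload's Javadoc the `@deprecated` block tag precedes the description, so "Log in to a Carbon server" and the lines after it become part of the tag text instead of the method summary; move the description above the block tags, and write the reference as `@see CarbonUtils#setBasicAccessSecurityHeaders(String, String, ServiceClient)` without the trailing semicolon. The comment's five- and six-space indentation is also inconsistent with the surrounding four-space style. The method body continues beyond this hunk.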
>> @@ -88,6 +105,7 @@
>>         }
>>         log.info("Successfully logged in : " + sessionCookie);
>>         return sessionCookie;
>> +
>>     }
>>
>>     public boolean loginWithBasicAuth() {
>>
>> Modified:
>> carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java
>> URL:
>> http://wso2.org/svn/browse/wso2/carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java?rev=122514&r1=122513&r2=122514&view=diff
>>
>> ==============================================================================
>> ---
>> carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java
>> (original)
>> +++
>> carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java
>> Tue Mar 13 04:56:42 2012
>> @@ -20,6 +20,7 @@
>>  import org.apache.axis2.AxisFault;
>>  import org.apache.commons.logging.Log;
>>  import org.apache.commons.logging.LogFactory;
>> +import org.testng.Assert;
>>  import org.testng.annotations.BeforeMethod;
>>  import org.testng.annotations.Test;
>>  import org.wso2.carbon.integration.framework.ClientConnectionUtil;
>> @@ -49,12 +50,26 @@
>>     }
>>
>>     @Test(groups = {"carbon.core"}, threadPoolSize = 10, invocationCount =
>> 10,
>> -            description = "Test server information retrieval from the
>> ServerAdmin service",
>> -            enabled = false)
>> +            description = "Test server information retrieval from the
>> ServerAdmin service")
>>     public void testRetrieveServerInfo() throws Exception {
>>         ServerAdminClient serverAdmin =
>> LoginLogoutUtil.getServerAdminClient(0);
>>         assertNotNull(serverAdmin.getServerData(), "Carbon server data
>> cannot be null");
>>     }
>>
>> +    @Test(groups = {"carbon.core"})
>> +    public void testInvalidRemoteAddress() {
>> +        ClientConnectionUtil.waitForPort(9443);
>> +
>> +        // This should throw an exception
>> +        try {
>> +            sessionCookie = util.login("127.0.0.1\n[2012-03-13
>> 00:56:13,923]  " +
>> +                    "INFO
>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  " +
>> +                    "'admin' logged in at [2012-03-13 00:56:13,0923] from
>> IP address 127.0.0.1");
>> +            Assert.fail("Should not be able to login");
>> +        } catch (Exception e) {
>> +            Assert.assertTrue(true);
>> +        }
>> +    }
>> +
>>
>>  }
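Review bot: `testInvalidRemoteAddress` catches `Exception` and then asserts `true`, so it passes for any failure at all — a server that is not up, an `AxisFault` from a TLS or connection error, or a wrong password — and does not demonstrate that the remote-address validation fired. Assert on the expected outcome instead: `Assert.assertTrue(e.getMessage() != null && e.getMessage().contains("Invalid remote address"), "unexpected failure: " + e);`. The port is hard-coded as `9443` while `LoginLogoutUtil.login` derives it from `FrameworkSettings.HTTPS_PORT` plus `portOffset`, so this test breaks under a port offset. A second case whose injected text is whitespace only (`"127.0.0.1\n"`) would pin down whether input that is stripped before validation is still accepted. `sessionCookie` and `util` are declared outside the hunk.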
>> _______________________________________________
>> Carbon-commits mailing list
>> [email protected]
>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-commits
>
>
>
>
> --
> Afkham Azeez
> Director of Architecture; WSO2, Inc.; http://wso2.com
> Member; Apache Software Foundation; http://www.apache.org/
>
> email: [email protected] cell: +94 77 3320919
> blog: http://blog.afkham.org
> twitter: http://twitter.com/afkham_azeez
> linked-in: http://lk.linkedin.com/in/afkhamazeez
>
> Lean . Enterprise . Middleware
>



-- 
Mobile : +94773330538
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
