This is what we get when we run integration tests in Carbon kernel
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} -
[2012-03-21 18:32:20,621] ERROR
{org.wso2.carbon.core.services.authentication.AuthenticationAdmin} -
Authentication Failed : Invalid remote address passed -
127.0.0.1[2012-03-1300:56:13,923]INFO{org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}-'admin'loggedinat[2012-03-1300:56:13,0923]fromIPaddress127.0.0.1
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} -
org.wso2.carbon.core.common.AuthenticationException: Authentication Failed
: Invalid remote address passed -
127.0.0.1[2012-03-1300:56:13,923]INFO{org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}-'admin'loggedinat[2012-03-1300:56:13,0923]fromIPaddress127.0.0.1
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.wso2.carbon.core.services.authentication.AuthenticationAdmin.validateRemoteAddress(AuthenticationAdmin.java:143)
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.wso2.carbon.core.services.authentication.AuthenticationAdmin.login(AuthenticationAdmin.java:90)
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
java.lang.reflect.Method.invoke(Method.java:597)
[2012-03-21 18:32:20,622] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:205)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:46)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:54)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:155)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:987)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1600)
[2012-03-21 18:32:20,623] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
[2012-03-21 18:32:20,624] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
[2012-03-21 18:32:20,624] INFO
{org.wso2.carbon.integration.framework.utils.InputStreamHandler} - at
java.lang.Thread.run(Thread.java:680)
On Wed, Mar 21, 2012 at 6:41 PM, Amila Jayasekara <[email protected]> wrote:
> On Wed, Mar 21, 2012 at 6:35 PM, Afkham Azeez <[email protected]> wrote:
> > Why did you consider 127.0.0.1 as an invalid remote address? Now we are
> > getting stacktraces in integration tests due to this.
>
> I am not considering 127.0.0.1 as an invalid address. But I have a
> test case which tries to pass an invalid remote address. See
> "testInvalidRemoteAddress" test in following commit. You may be seen
> this due to this test case. But if you are getting this for normal
> 127.0.0.1, please let me know.
>
> Thanks
> AmilaJ
>
> >
> > On Tue, Mar 13, 2012 at 2:26 PM, <[email protected]> wrote:
> >>
> >> Author: amilaj
> >> Date: Tue Mar 13 04:56:42 2012
> >> New Revision: 122514
> >> URL: http://wso2.org/svn/browse/wso2?view=rev&revision=122514
> >>
> >> Log:
> >> Add code to validate remote address. Also added a test case
> >>
> >> Modified:
> >>
> >>
> carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
> >>
> >>
> carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java
> >>
> >>
> carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java
> >>
> >> Modified:
> >>
> carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
> >> URL:
> >>
> http://wso2.org/svn/browse/wso2/carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java?rev=122514&r1=122513&r2=122514&view=diff
> >>
> >>
> ==============================================================================
> >> ---
> >>
> carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
> >> (original)
> >> +++
> >>
> carbon/kernel/trunk/core/org.wso2.carbon.core.services/src/main/java/org/wso2/carbon/core/services/authentication/AuthenticationAdmin.java
> >> Tue Mar 13 04:56:42 2012
> >> @@ -42,10 +42,14 @@
> >> import javax.servlet.http.Cookie;
> >> import javax.servlet.http.HttpServletRequest;
> >> import javax.servlet.http.HttpSession;
> >> +import java.net.InetAddress;
> >> +import java.net.UnknownHostException;
> >> import java.text.SimpleDateFormat;
> >> import java.util.Calendar;
> >> import java.util.Date;
> >> import java.util.UUID;
> >> +import java.util.regex.Matcher;
> >> +import java.util.regex.Pattern;
> >>
> >> /**
> >> * /**
> >> @@ -63,6 +67,13 @@
> >> private static final int DEFAULT_PRIORITY_LEVEL = 5;
> >> private static final String AUTHENTICATOR_NAME =
> >> "DefaultCarbonAuthenticator";
> >>
> >> + private static final String IP_ADDRESS_PATTERN =
> >> + "^([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\." +
> >> + "([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\." +
> >> + "([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\." +
> >> + "([01]?\\d\\d?|2[0-4]\\d|25[0-5])$";
> >> +
> >> +
> >> public boolean login(String username, String password, String
> >> remoteAddress)
> >> throws AuthenticationException {
> >> HttpSession httpSession = getHttpSession();
> >> @@ -76,6 +87,8 @@
> >> return false;
> >> }
> >>
> >> + validateRemoteAddress(remoteAddress);
> >> +
> >> RegistryService registryService =
> >> CarbonServicesServiceComponent.getRegistryService();
> >> RealmService realmService =
> >> CarbonServicesServiceComponent.getRealmService();
> >>
> >> @@ -116,6 +129,40 @@
> >> }
> >> }
> >>
> >> + private void validateRemoteAddress(String address) throws
> >> AuthenticationException {
> >> +
> >> + if (address == null || address.isEmpty()) {
> >> + return;
> >> + }
> >> +
> >> + address = address.replaceAll("\\s+", "");
> >> + address = address.trim();
> >> +
> >> + if (!isValidIPAddress(address)) {
> >> + if (!isValidDNSAddress(address)) {
> >> + throw new AuthenticationException("Authentication
> Failed
> >> : Invalid remote address passed - " + address);
> >> + }
> >> + }
> >> + }
> >> +
> >> + private boolean isValidDNSAddress(String address) {
> >> + try {
> >> + InetAddress ipAddress = InetAddress.getByName(address);
> >> + return isValidIPAddress(ipAddress.getHostAddress());
> >> + } catch (UnknownHostException e) {
> >> + log.warn("Could not find IP address for domain name : " +
> >> address);
> >> + }
> >> +
> >> + return false;
> >> + }
> >> +
> >> + private boolean isValidIPAddress(String ipAddress) {
> >> +
> >> + Pattern pattern = Pattern.compile(IP_ADDRESS_PATTERN);
> >> + Matcher matcher = pattern.matcher(ipAddress);
> >> + return matcher.matches();
> >> + }
> >> +
> >> public RememberMeData loginWithRememberMeOption(String username,
> >> String password, String remoteAddress)
> >> throws AuthenticationException {
> >> boolean isLoggedIn = this.login(username, password,
> >> remoteAddress);
> >>
> >> Modified:
> >>
> carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java
> >> URL:
> >>
> http://wso2.org/svn/browse/wso2/carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java?rev=122514&r1=122513&r2=122514&view=diff
> >>
> >>
> ==============================================================================
> >> ---
> >>
> carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java
> >> (original)
> >> +++
> >>
> carbon/kernel/trunk/distribution/integration/framework/src/main/java/org/wso2/carbon/integration/framework/LoginLogoutUtil.java
> >> Tue Mar 13 04:56:42 2012
> >> @@ -67,10 +67,27 @@
> >> */
> >> @Deprecated
> >> public String login() throws Exception {
> >> +
> >> + return login(NetworkUtils.getLocalHostname());
> >> + }
> >> +
> >> + /**
> >> + * @param hostName The client host name.
> >> + * @deprecated Now we do not need to call
> AuthenticationAdmin.login
> >> method before calling an admin service.
> >> + * We can directly call an admin service after setting basic auth
> >> security headers. To set basic auth
> >> + * security headers please use
> >> CarbonUtils.setBasicAccessSecurityHeaders method.
> >> + * @see CarbonUtils.setBasicAccessSecurityHeaders(String, String,
> >> ServiceClient);
> >> + * Log in to a Carbon server
> >> + *
> >> + * @return The session cookie on successful login
> >> + * @throws Exception If an error occurs while logging in
> >> + */
> >> + @Deprecated
> >> + public String login(String hostName) throws Exception {
> >> +
> >>
> >>
> ClientConnectionUtil.waitForPort(Integer.parseInt(FrameworkSettings.HTTPS_PORT)
> >> + portOffset);
> >> AuthenticationAdminStub authAdminStub = getAuthAdminStub();
> >>
> >> - String hostName = NetworkUtils.getLocalHostname();
> >> if (log.isDebugEnabled()) {
> >> log.debug("UserName : " + FrameworkSettings.USER_NAME + "
> >> Password : " +
> >> FrameworkSettings.PASSWORD + " HostName : " +
> >> hostName);
> >> @@ -88,6 +105,7 @@
> >> }
> >> log.info("Successfully logged in : " + sessionCookie);
> >> return sessionCookie;
> >> +
> >> }
> >>
> >> public boolean loginWithBasicAuth() {
> >>
> >> Modified:
> >>
> carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java
> >> URL:
> >>
> http://wso2.org/svn/browse/wso2/carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java?rev=122514&r1=122513&r2=122514&view=diff
> >>
> >>
> ==============================================================================
> >> ---
> >>
> carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java
> >> (original)
> >> +++
> >>
> carbon/kernel/trunk/distribution/integration/tests/src/test/java/org/wso2/carbon/integration/tests/ServerAdminTestCase.java
> >> Tue Mar 13 04:56:42 2012
> >> @@ -20,6 +20,7 @@
> >> import org.apache.axis2.AxisFault;
> >> import org.apache.commons.logging.Log;
> >> import org.apache.commons.logging.LogFactory;
> >> +import org.testng.Assert;
> >> import org.testng.annotations.BeforeMethod;
> >> import org.testng.annotations.Test;
> >> import org.wso2.carbon.integration.framework.ClientConnectionUtil;
> >> @@ -49,12 +50,26 @@
> >> }
> >>
> >> @Test(groups = {"carbon.core"}, threadPoolSize = 10,
> invocationCount =
> >> 10,
> >> - description = "Test server information retrieval from the
> >> ServerAdmin service",
> >> - enabled = false)
> >> + description = "Test server information retrieval from the
> >> ServerAdmin service")
> >> public void testRetrieveServerInfo() throws Exception {
> >> ServerAdminClient serverAdmin =
> >> LoginLogoutUtil.getServerAdminClient(0);
> >> assertNotNull(serverAdmin.getServerData(), "Carbon server data
> >> cannot be null");
> >> }
> >>
> >> + @Test(groups = {"carbon.core"})
> >> + public void testInvalidRemoteAddress() {
> >> + ClientConnectionUtil.waitForPort(9443);
> >> +
> >> + // This should throw an exception
> >> + try {
> >> + sessionCookie = util.login("127.0.0.1\n[2012-03-13
> >> 00:56:13,923] " +
> >> + "INFO
> >> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - " +
> >> + "'admin' logged in at [2012-03-13 00:56:13,0923]
> from
> >> IP address 127.0.0.1");
> >> + Assert.fail("Should not be able to login");
> >> + } catch (Exception e) {
> >> + Assert.assertTrue(true);
> >> + }
> >> + }
> >> +
> >>
> >> }
> >> _______________________________________________
> >> Carbon-commits mailing list
> >> [email protected]
> >> https://wso2.org/cgi-bin/mailman/listinfo/carbon-commits
> >
> >
> >
> >
> > --
> > Afkham Azeez
> > Director of Architecture; WSO2, Inc.; http://wso2.com
> > Member; Apache Software Foundation; http://www.apache.org/
> >
> > email: [email protected] cell: +94 77 3320919
> > blog: http://blog.afkham.org
> > twitter: http://twitter.com/afkham_azeez
> > linked-in: http://lk.linkedin.com/in/afkhamazeez
> >
> > Lean . Enterprise . Middleware
> >
>
>
>
> --
> Mobile : +94773330538
>
--
*Afkham Azeez*
Director of Architecture; WSO2, Inc.; http://wso2.com
Member; Apache Software Foundation; http://www.apache.org/
* <http://www.apache.org/>**
email: **[email protected]* <[email protected]>* cell: +94 77 3320919
blog: **http://blog.afkham.org* <http://blog.afkham.org>*
twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez>
*
linked-in: **http://lk.linkedin.com/in/afkhamazeez*
*
*
*Lean . Enterprise . Middleware*
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
