[Dive4elements-commits] [PATCH] Allow requests from localhost in GGInA filter

Wald Commits scm-commit at wald.intevation.org
Fri Nov 16 11:57:13 CET 2012


# HG changeset patch
# User Björn Ricks <bjoern.ricks at intevation.de>
# Date 1353063403 -3600
# Node ID 9a24324853715e200ed4bc8e685bb7f18bafc5a8
# Parent  105dd4cc33a6ad06b677c01ba1e7157c26716f59
Allow requests from localhost in GGInA filter

Fix print-server and possible other services by allowing request from out
current machine.

diff -r 105dd4cc33a6 -r 9a2432485371 flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java
--- a/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java	Thu Nov 15 17:45:15 2012 +0100
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java	Fri Nov 16 11:56:43 2012 +0100
@@ -7,6 +7,8 @@
 import de.intevation.flys.client.server.features.Features;
 
 import java.io.IOException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
 import java.util.Enumeration;
 
 import javax.servlet.Filter;
@@ -34,11 +36,9 @@
     private String redirecturl;
     private ServletContext sc;
 
-    public static final String LOGIN_JSP     = "/login.jsp";
-    public static final String LOGIN_SERVLET = "/flys/login";
-    public static final String FLYS_CSS      = "/FLYS.css";
-    public static final String MAP_PRINT     = "/flys/map-print";
-    public static final String MAPFISH_PRINT = "/flys/mapfish-print/print.pdf";
+    private static final String LOGIN_JSP     = "/login.jsp";
+    private static final String LOGIN_SERVLET = "/flys/login";
+    private static final String FLYS_CSS      = "/FLYS.css";
 
 
     /**
@@ -87,14 +87,18 @@
 
         logger.debug("Request for: " + requesturi);
 
+        // Allow acces to localhost
+        if (isLocalAddress(req)) {
+            logger.debug("Request to localhost");
+            chain.doFilter(req, resp);
+            return;
+        }
+
         // Allow access to login pages
-        // TODO Maybe replace with Filter <url-pattern>
         String path = this.sc.getContextPath();
         if (requesturi.equals(path + LOGIN_JSP)
                 || requesturi.equals(path + LOGIN_SERVLET)
-                || requesturi.equals(path + FLYS_CSS)
-                || requesturi.equals(path + MAP_PRINT)
-                || requesturi.equals(path + MAPFISH_PRINT)) {
+                || requesturi.equals(path + FLYS_CSS)) {
             logger.debug("Request for login " + requesturi);
             chain.doFilter(req, resp);
             return;
@@ -178,5 +182,21 @@
         return AuthenticationFactory.getInstance(this.authmethod).auth(
                 user.getName(), user.getPassword(), encoding, features);
     }
+
+    /**
+     * Returns true if the request is from our machine
+     * @param req The ServletRequest
+     * @return true if the request is from a loopback interface or from one of
+     *  the interface addresses of the machine
+     */
+    private boolean isLocalAddress(ServletRequest req) {
+        try {
+            InetAddress addr = InetAddress.getByName(req.getRemoteAddr());
+            return addr.isAnyLocalAddress() || addr.isLoopbackAddress();
+        } catch (UnknownHostException e) {
+            logger.error(e, e);
+            return false;
+        }
+    }
 }
 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :


More information about the Dive4elements-commits mailing list