[Dive4elements-commits] [PATCH] Allow requests from localhost in GGInA filter
Wald Commits
scm-commit at wald.intevation.org
Fri Nov 16 11:57:13 CET 2012
# HG changeset patch
# User Björn Ricks <bjoern.ricks at intevation.de>
# Date 1353063403 -3600
# Node ID 9a24324853715e200ed4bc8e685bb7f18bafc5a8
# Parent 105dd4cc33a6ad06b677c01ba1e7157c26716f59
Allow requests from localhost in GGInA filter
Fix print-server and possible other services by allowing request from out
current machine.
diff -r 105dd4cc33a6 -r 9a2432485371 flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java
--- a/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Thu Nov 15 17:45:15 2012 +0100
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Fri Nov 16 11:56:43 2012 +0100
@@ -7,6 +7,8 @@
import de.intevation.flys.client.server.features.Features;
import java.io.IOException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
import java.util.Enumeration;
import javax.servlet.Filter;
@@ -34,11 +36,9 @@
private String redirecturl;
private ServletContext sc;
- public static final String LOGIN_JSP = "/login.jsp";
- public static final String LOGIN_SERVLET = "/flys/login";
- public static final String FLYS_CSS = "/FLYS.css";
- public static final String MAP_PRINT = "/flys/map-print";
- public static final String MAPFISH_PRINT = "/flys/mapfish-print/print.pdf";
+ private static final String LOGIN_JSP = "/login.jsp";
+ private static final String LOGIN_SERVLET = "/flys/login";
+ private static final String FLYS_CSS = "/FLYS.css";
/**
@@ -87,14 +87,18 @@
logger.debug("Request for: " + requesturi);
+ // Allow acces to localhost
+ if (isLocalAddress(req)) {
+ logger.debug("Request to localhost");
+ chain.doFilter(req, resp);
+ return;
+ }
+
// Allow access to login pages
- // TODO Maybe replace with Filter <url-pattern>
String path = this.sc.getContextPath();
if (requesturi.equals(path + LOGIN_JSP)
|| requesturi.equals(path + LOGIN_SERVLET)
- || requesturi.equals(path + FLYS_CSS)
- || requesturi.equals(path + MAP_PRINT)
- || requesturi.equals(path + MAPFISH_PRINT)) {
+ || requesturi.equals(path + FLYS_CSS)) {
logger.debug("Request for login " + requesturi);
chain.doFilter(req, resp);
return;
@@ -178,5 +182,21 @@
return AuthenticationFactory.getInstance(this.authmethod).auth(
user.getName(), user.getPassword(), encoding, features);
}
+
+ /**
+ * Returns true if the request is from our machine
+ * @param req The ServletRequest
+ * @return true if the request is from a loopback interface or from one of
+ * the interface addresses of the machine
+ */
+ private boolean isLocalAddress(ServletRequest req) {
+ try {
+ InetAddress addr = InetAddress.getByName(req.getRemoteAddr());
+ return addr.isAnyLocalAddress() || addr.isLoopbackAddress();
+ } catch (UnknownHostException e) {
+ logger.error(e, e);
+ return false;
+ }
+ }
}
// vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :
More information about the Dive4elements-commits
mailing list