# HG changeset patch # User Björn Ricks # Date 1353063403 -3600 # Node ID 9a24324853715e200ed4bc8e685bb7f18bafc5a8 # Parent 105dd4cc33a6ad06b677c01ba1e7157c26716f59 Allow requests from localhost in GGInA filter Fix print-server and possible other services by allowing request from out current machine. diff -r 105dd4cc33a6 -r 9a2432485371 flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java --- a/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Thu Nov 15 17:45:15 2012 +0100 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Fri Nov 16 11:56:43 2012 +0100 @@ -7,6 +7,8 @@ import de.intevation.flys.client.server.features.Features; import java.io.IOException; +import java.net.InetAddress; +import java.net.UnknownHostException; import java.util.Enumeration; import javax.servlet.Filter; @@ -34,11 +36,9 @@ private String redirecturl; private ServletContext sc; - public static final String LOGIN_JSP = "/login.jsp"; - public static final String LOGIN_SERVLET = "/flys/login"; - public static final String FLYS_CSS = "/FLYS.css"; - public static final String MAP_PRINT = "/flys/map-print"; - public static final String MAPFISH_PRINT = "/flys/mapfish-print/print.pdf"; + private static final String LOGIN_JSP = "/login.jsp"; + private static final String LOGIN_SERVLET = "/flys/login"; + private static final String FLYS_CSS = "/FLYS.css"; /** @@ -87,14 +87,18 @@ logger.debug("Request for: " + requesturi); + // Allow acces to localhost + if (isLocalAddress(req)) { + logger.debug("Request to localhost"); + chain.doFilter(req, resp); + return; + } + // Allow access to login pages - // TODO Maybe replace with Filter String path = this.sc.getContextPath(); if (requesturi.equals(path + LOGIN_JSP) || requesturi.equals(path + LOGIN_SERVLET) - || requesturi.equals(path + FLYS_CSS) - || requesturi.equals(path + MAP_PRINT) - || requesturi.equals(path + MAPFISH_PRINT)) { + || requesturi.equals(path + FLYS_CSS)) { logger.debug("Request for login " + requesturi); chain.doFilter(req, resp); return; @@ -178,5 +182,21 @@ return AuthenticationFactory.getInstance(this.authmethod).auth( user.getName(), user.getPassword(), encoding, features); } + + /** + * Returns true if the request is from our machine + * @param req The ServletRequest + * @return true if the request is from a loopback interface or from one of + * the interface addresses of the machine + */ + private boolean isLocalAddress(ServletRequest req) { + try { + InetAddress addr = InetAddress.getByName(req.getRemoteAddr()); + return addr.isAnyLocalAddress() || addr.isLoopbackAddress(); + } catch (UnknownHostException e) { + logger.error(e, e); + return false; + } + } } // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :