Mercurial > dive4elements > river
changeset 4549:9a2432485371
Allow requests from localhost in GGInA filter
Fix print-server and possible other services by allowing request from out
current machine.
author | Björn Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Fri, 16 Nov 2012 11:56:43 +0100 |
parents | 105dd4cc33a6 |
children | ea40a5ded134 |
files | flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java |
diffstat | 1 files changed, 29 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Thu Nov 15 17:45:15 2012 +0100 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Fri Nov 16 11:56:43 2012 +0100 @@ -7,6 +7,8 @@ import de.intevation.flys.client.server.features.Features; import java.io.IOException; +import java.net.InetAddress; +import java.net.UnknownHostException; import java.util.Enumeration; import javax.servlet.Filter; @@ -34,11 +36,9 @@ private String redirecturl; private ServletContext sc; - public static final String LOGIN_JSP = "/login.jsp"; - public static final String LOGIN_SERVLET = "/flys/login"; - public static final String FLYS_CSS = "/FLYS.css"; - public static final String MAP_PRINT = "/flys/map-print"; - public static final String MAPFISH_PRINT = "/flys/mapfish-print/print.pdf"; + private static final String LOGIN_JSP = "/login.jsp"; + private static final String LOGIN_SERVLET = "/flys/login"; + private static final String FLYS_CSS = "/FLYS.css"; /** @@ -87,14 +87,18 @@ logger.debug("Request for: " + requesturi); + // Allow acces to localhost + if (isLocalAddress(req)) { + logger.debug("Request to localhost"); + chain.doFilter(req, resp); + return; + } + // Allow access to login pages - // TODO Maybe replace with Filter <url-pattern> String path = this.sc.getContextPath(); if (requesturi.equals(path + LOGIN_JSP) || requesturi.equals(path + LOGIN_SERVLET) - || requesturi.equals(path + FLYS_CSS) - || requesturi.equals(path + MAP_PRINT) - || requesturi.equals(path + MAPFISH_PRINT)) { + || requesturi.equals(path + FLYS_CSS)) { logger.debug("Request for login " + requesturi); chain.doFilter(req, resp); return; @@ -178,5 +182,21 @@ return AuthenticationFactory.getInstance(this.authmethod).auth( user.getName(), user.getPassword(), encoding, features); } + + /** + * Returns true if the request is from our machine + * @param req The ServletRequest + * @return true if the request is from a loopback interface or from one of + * the interface addresses of the machine + */ + private boolean isLocalAddress(ServletRequest req) { + try { + InetAddress addr = InetAddress.getByName(req.getRemoteAddr()); + return addr.isAnyLocalAddress() || addr.isLoopbackAddress(); + } catch (UnknownHostException e) { + logger.error(e, e); + return false; + } + } } // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :