diff options
author | Greg Wilkins | 2013-04-05 05:35:37 +0000 |
---|---|---|
committer | Greg Wilkins | 2013-04-05 05:35:37 +0000 |
commit | abcb4f163b7a21f0cb5949a49eb6409310797b52 (patch) | |
tree | 78c915ffc011846f0154aeffb8060e817c6c9d33 | |
parent | 6b3cb20720c12e83845a0fe8fa347376f240a9f2 (diff) | |
parent | cada28e8cfc0d5b561829296977af8b29b84ad48 (diff) | |
download | org.eclipse.jetty.project-abcb4f163b7a21f0cb5949a49eb6409310797b52.tar.gz org.eclipse.jetty.project-abcb4f163b7a21f0cb5949a49eb6409310797b52.tar.xz org.eclipse.jetty.project-abcb4f163b7a21f0cb5949a49eb6409310797b52.zip |
Merge remote-tracking branch 'origin/jetty-7' into jetty-8
Conflicts:
jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
-rw-r--r-- | jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java | 15 | ||||
-rw-r--r-- | jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java | 57 |
2 files changed, 64 insertions, 8 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java index 33318af13c..c1f147a4c2 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java @@ -31,6 +31,7 @@ import java.util.Set; import java.util.concurrent.CopyOnWriteArrayList; import java.util.concurrent.CopyOnWriteArraySet; +import org.eclipse.jetty.http.HttpSchemes; import javax.servlet.HttpConstraintElement; import javax.servlet.HttpMethodConstraintElement; import javax.servlet.ServletSecurityElement; @@ -704,7 +705,11 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr return true; if (connector.getIntegralPort() > 0) { - String url = connector.getIntegralScheme() + "://" + request.getServerName() + ":" + connector.getIntegralPort() + request.getRequestURI(); + String scheme=connector.getIntegralScheme(); + int port=connector.getIntegralPort(); + String url = (HttpSchemes.HTTPS.equalsIgnoreCase(scheme) && port==443) + ? "https://"+request.getServerName()+request.getRequestURI() + : scheme + "://" + request.getServerName() + ":" + port + request.getRequestURI(); if (request.getQueryString() != null) url += "?" + request.getQueryString(); response.setContentLength(0); @@ -723,11 +728,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr if (connector.getConfidentialPort() > 0) { - String url = connector.getConfidentialScheme() + "://" + request.getServerName() + ":" + connector.getConfidentialPort() - + request.getRequestURI(); + String scheme=connector.getConfidentialScheme(); + int port=connector.getConfidentialPort(); + String url = (HttpSchemes.HTTPS.equalsIgnoreCase(scheme) && port==443) + ? "https://"+request.getServerName()+request.getRequestURI() + : scheme + "://" + request.getServerName() + ":" + port + request.getRequestURI(); if (request.getQueryString() != null) url += "?" + request.getQueryString(); - response.setContentLength(0); response.sendRedirect(url); } diff --git a/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java b/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java index 31e4cc31d7..2d17e2b7e7 100644 --- a/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java +++ b/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java @@ -142,7 +142,14 @@ public class ConstraintTest mapping5.setPathSpec("/forbid/post"); mapping5.setConstraint(constraint5); mapping5.setMethod("POST"); - + + Constraint constraint6 = new Constraint(); + constraint6.setAuthenticate(false); + constraint6.setName("data constraint"); + constraint6.setDataConstraint(2); + ConstraintMapping mapping6 = new ConstraintMapping(); + mapping6.setPathSpec("/data/*"); + mapping6.setConstraint(constraint6); Set<String> knownRoles=new HashSet<String>(); knownRoles.add("user"); @@ -150,7 +157,7 @@ public class ConstraintTest _security.setConstraintMappings(Arrays.asList(new ConstraintMapping[] { - mapping0, mapping1, mapping2, mapping3, mapping4, mapping5 + mapping0, mapping1, mapping2, mapping3, mapping4, mapping5,mapping6 }), knownRoles); } @@ -740,9 +747,9 @@ public class ConstraintTest response = _connector.getResponses("GET /ctx/forbid/info HTTP/1.0\r\n\r\n"); assertTrue(response.startsWith("HTTP/1.1 403 Forbidden")); - response = _connector.getResponses("GET /ctx/auth/info HTTP/1.0\r\n\r\n"); + response = _connector.getResponses("GET /ctx/auth/info HTTP/1.0\r\nHost:wibble.com:8888\r\n\r\n"); assertTrue(response.indexOf(" 302 Found") > 0); - assertTrue(response.indexOf("/ctx/testLoginPage") > 0); + assertTrue(response.indexOf("http://wibble.com:8888/ctx/testLoginPage") > 0); String session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx")); @@ -838,6 +845,48 @@ public class ConstraintTest assertTrue(response.startsWith("HTTP/1.1 200 OK")); } + + + @Test + public void testDataRedirection() throws Exception + { + _security.setAuthenticator(new BasicAuthenticator()); + _server.start(); + + String response; + + response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\n\r\n"); + assertTrue(response.startsWith("HTTP/1.1 403")); + + _connector.setConfidentialPort(8443); + _connector.setConfidentialScheme("https"); + + response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\n\r\n"); + assertTrue(response.startsWith("HTTP/1.1 302 Found")); + assertTrue(response.indexOf("Location") > 0); + assertTrue(response.indexOf(":8443/ctx/data/info") > 0); + + _connector.setConfidentialPort(443); + response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\n\r\n"); + assertTrue(response.startsWith("HTTP/1.1 302 Found")); + assertTrue(response.indexOf("Location") > 0); + assertTrue(response.indexOf(":443/ctx/data/info") < 0); + + _connector.setConfidentialPort(8443); + response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\nHost: wobble.com\r\n\r\n"); + assertTrue(response.startsWith("HTTP/1.1 302 Found")); + assertTrue(response.indexOf("Location") > 0); + assertTrue(response.indexOf("https://wobble.com:8443/ctx/data/info") > 0); + + _connector.setConfidentialPort(443); + response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\nHost: wobble.com\r\n\r\n"); + System.err.println(response); + assertTrue(response.startsWith("HTTP/1.1 302 Found")); + assertTrue(response.indexOf("Location") > 0); + assertTrue(response.indexOf(":443") < 0); + assertTrue(response.indexOf("https://wobble.com/ctx/data/info") > 0); + } + @Test public void testRoleRef() throws Exception { |