authorGreg Wilkins2013-04-05 01:35:37 -0400
committerGreg Wilkins2013-04-05 01:35:37 -0400
commitabcb4f163b7a21f0cb5949a49eb6409310797b52 (patch)
tree78c915ffc011846f0154aeffb8060e817c6c9d33 /jetty-security
parent6b3cb20720c12e83845a0fe8fa347376f240a9f2 (diff)
parentcada28e8cfc0d5b561829296977af8b29b84ad48 (diff)
Merge remote-tracking branch 'origin/jetty-7' into jetty-8
Conflicts: jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
Diffstat (limited to 'jetty-security')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java15
-rw-r--r--jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java57
2 files changed, 64 insertions, 8 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
index 33318af13c..c1f147a4c2 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
@@ -31,6 +31,7 @@ import java.util.Set;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.CopyOnWriteArraySet;
+import org.eclipse.jetty.http.HttpSchemes;
import javax.servlet.HttpConstraintElement;
import javax.servlet.HttpMethodConstraintElement;
import javax.servlet.ServletSecurityElement;
@@ -704,7 +705,11 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
return true;
if (connector.getIntegralPort() > 0)
{
- String url = connector.getIntegralScheme() + "://" + request.getServerName() + ":" + connector.getIntegralPort() + request.getRequestURI();
+ String scheme=connector.getIntegralScheme();
+ int port=connector.getIntegralPort();
+ String url = (HttpSchemes.HTTPS.equalsIgnoreCase(scheme) && port==443)
+ ? "https://"+request.getServerName()+request.getRequestURI()
+ : scheme + "://" + request.getServerName() + ":" + port + request.getRequestURI();
if (request.getQueryString() != null)
url += "?" + request.getQueryString();
response.setContentLength(0);
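Review bot: Both new branches of the `url` expression still take the host from `request.getServerName()`, so the `Location` of the integral redirect follows whatever host name the request carried; the ConstraintTest changes in this same commit show a `Host: wobble.com` header coming back as `https://wobble.com:8443/...` on the confidential path. Nothing visible in this hunk restricts that value, so the handler appears to rely on the deployment (virtual-host configuration or a fronting proxy) to accept only expected host names. I would state that above the expression, e.g. `// host is request-derived (Host header); restrict accepted virtual hosts if this redirect must stay on-site`. The same applies to the confidential branch in the next hunk, and the enclosing method starts and ends outside both hunks.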
@@ -723,11 +728,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
if (connector.getConfidentialPort() > 0)
{
- String url = connector.getConfidentialScheme() + "://" + request.getServerName() + ":" + connector.getConfidentialPort()
- + request.getRequestURI();
+ String scheme=connector.getConfidentialScheme();
+ int port=connector.getConfidentialPort();
+ String url = (HttpSchemes.HTTPS.equalsIgnoreCase(scheme) && port==443)
+ ? "https://"+request.getServerName()+request.getRequestURI()
+ : scheme + "://" + request.getServerName() + ":" + port + request.getRequestURI();
if (request.getQueryString() != null)
url += "?" + request.getQueryString();
-
response.setContentLength(0);
response.sendRedirect(url);
}
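Review bot: The scheme/port ternary added here is a copy of the one in the integral branch above, so any later change to how the redirect URL is built has to be made twice and kept in sync. A small private helper taking the scheme and port would leave each branch with a single call and give one place where the query string is appended. The enclosing method begins outside the hunk, so the `Request` parameter type in the sketch below is assumed from the calls made on `request` and should be checked against the real signature.

```java
private static String redirectUrl(String scheme, int port, Request request)
{
    StringBuilder url = new StringBuilder();
    if (HttpSchemes.HTTPS.equalsIgnoreCase(scheme) && port == 443)
        url.append("https://").append(request.getServerName());
    else
        url.append(scheme).append("://").append(request.getServerName()).append(':').append(port);
    url.append(request.getRequestURI());
    if (request.getQueryString() != null)
        url.append('?').append(request.getQueryString());
    return url.toString();
}

// … unchanged: connector.getConfidentialPort() > 0 check …
String url = redirectUrl(connector.getConfidentialScheme(), connector.getConfidentialPort(), request);
// … unchanged: setContentLength(0) and sendRedirect(url) …
```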
diff --git a/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java b/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java
index 31e4cc31d7..2d17e2b7e7 100644
--- a/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java
+++ b/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java
@@ -142,7 +142,14 @@ public class ConstraintTest
mapping5.setPathSpec("/forbid/post");
mapping5.setConstraint(constraint5);
mapping5.setMethod("POST");
-
+
+ Constraint constraint6 = new Constraint();
+ constraint6.setAuthenticate(false);
+ constraint6.setName("data constraint");
+ constraint6.setDataConstraint(2);
+ ConstraintMapping mapping6 = new ConstraintMapping();
+ mapping6.setPathSpec("/data/*");
+ mapping6.setConstraint(constraint6);
Set<String> knownRoles=new HashSet<String>();
knownRoles.add("user");
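Review bot: `constraint6.setDataConstraint(2)` uses a bare number for the transport guarantee, which hides that this mapping is the one meant to force the confidential redirect exercised by testDataRedirection. Assuming this is Jetty's own `Constraint` class, the named constant reads better and survives renumbering: `constraint6.setDataConstraint(Constraint.DC_CONFIDENTIAL);`. The setup method this hunk belongs to starts outside the hunk.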
@@ -150,7 +157,7 @@ public class ConstraintTest
_security.setConstraintMappings(Arrays.asList(new ConstraintMapping[]
{
- mapping0, mapping1, mapping2, mapping3, mapping4, mapping5
+ mapping0, mapping1, mapping2, mapping3, mapping4, mapping5,mapping6
}), knownRoles);
}
@@ -740,9 +747,9 @@ public class ConstraintTest
response = _connector.getResponses("GET /ctx/forbid/info HTTP/1.0\r\n\r\n");
assertTrue(response.startsWith("HTTP/1.1 403 Forbidden"));
- response = _connector.getResponses("GET /ctx/auth/info HTTP/1.0\r\n\r\n");
+ response = _connector.getResponses("GET /ctx/auth/info HTTP/1.0\r\nHost:wibble.com:8888\r\n\r\n");
assertTrue(response.indexOf(" 302 Found") > 0);
- assertTrue(response.indexOf("/ctx/testLoginPage") > 0);
+ assertTrue(response.indexOf("http://wibble.com:8888/ctx/testLoginPage") > 0);
String session = response.substring(response.indexOf("JSESSIONID=") + 11, response.indexOf(";Path=/ctx"));
@@ -838,6 +845,48 @@ public class ConstraintTest
assertTrue(response.startsWith("HTTP/1.1 200 OK"));
}
+
+
+ @Test
+ public void testDataRedirection() throws Exception
+ {
+ _security.setAuthenticator(new BasicAuthenticator());
+ _server.start();
+
+ String response;
+
+ response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\n\r\n");
+ assertTrue(response.startsWith("HTTP/1.1 403"));
+
+ _connector.setConfidentialPort(8443);
+ _connector.setConfidentialScheme("https");
+
+ response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\n\r\n");
+ assertTrue(response.startsWith("HTTP/1.1 302 Found"));
+ assertTrue(response.indexOf("Location") > 0);
+ assertTrue(response.indexOf(":8443/ctx/data/info") > 0);
+
+ _connector.setConfidentialPort(443);
+ response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\n\r\n");
+ assertTrue(response.startsWith("HTTP/1.1 302 Found"));
+ assertTrue(response.indexOf("Location") > 0);
+ assertTrue(response.indexOf(":443/ctx/data/info") < 0);
+
+ _connector.setConfidentialPort(8443);
+ response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\nHost: wobble.com\r\n\r\n");
+ assertTrue(response.startsWith("HTTP/1.1 302 Found"));
+ assertTrue(response.indexOf("Location") > 0);
+ assertTrue(response.indexOf("https://wobble.com:8443/ctx/data/info") > 0);
+
+ _connector.setConfidentialPort(443);
+ response = _connector.getResponses("GET /ctx/data/info HTTP/1.0\r\nHost: wobble.com\r\n\r\n");
+ System.err.println(response);
+ assertTrue(response.startsWith("HTTP/1.1 302 Found"));
+ assertTrue(response.indexOf("Location") > 0);
+ assertTrue(response.indexOf(":443") < 0);
+ assertTrue(response.indexOf("https://wobble.com/ctx/data/info") > 0);
+ }
+
@Test
public void testRoleRef() throws Exception
{
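Review bot: The `System.err.println(response);` before the last group of assertions in testDataRedirection looks like leftover debugging and should be removed so the test run stays quiet. The test covers only the confidential branch; the integral branch that the same commit rewrites in ConstraintSecurityHandler has no case here, so a parallel block with an integral data constraint and the connector's integral port and scheme set would be worth adding. The first port-443 case (no Host header) asserts only that `:443/ctx/data/info` is absent; a positive check that the `Location` value starts with `https://` would pin the intended result rather than just the absence of the port.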
