From: kkolinko Date: Sat, 15 Jan 2011 19:33:06 +0000 (+0000) Subject: Update JMX descriptions, tests, documentation and examples in documentation for using... X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=9d8f41aae6a66dd3bcf65d36aca1fca5539142c6;p=tomcat7.0 Update JMX descriptions, tests, documentation and examples in documentation for using a single regex for attributes in RemoteIpFilter, RemoteIpValve. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1059398 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/java/org/apache/catalina/filters/RemoteIpFilter.java b/java/org/apache/catalina/filters/RemoteIpFilter.java index a6bf9aaa8..ca833232e 100644 --- a/java/org/apache/catalina/filters/RemoteIpFilter.java +++ b/java/org/apache/catalina/filters/RemoteIpFilter.java @@ -99,10 +99,13 @@ import org.apache.juli.logging.LogFactory; * * * internalProxies - * List of internal proxies ip adress. If they appear in the remoteIpHeader value, they will be trusted and will not appear + * Regular expression that matches the IP addresses of internal proxies. + * If they appear in the remoteIpHeader value, they will be + * trusted and will not appear * in the proxiesHeader value * RemoteIPInternalProxy - * Regular expression (in the syntax supported by the {@link java.util.regex.Pattern} library) + * Regular expression (in the syntax supported by + * {@link java.util.regex.Pattern java.util.regex}) * 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
* By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 172.16/12 has not been enabled by default because it is complex to * describe with regular expressions @@ -118,10 +121,12 @@ import org.apache.juli.logging.LogFactory; * * * trustedProxies - * List of trusted proxies ip adress. If they appear in the remoteIpHeader value, they will be trusted and will appear in - * the proxiesHeader value + * Regular expression that matches the IP addresses of trusted proxies. + * If they appear in the remoteIpHeader value, they will be + * trusted and will appear in the proxiesHeader value * RemoteIPTrustedProxy - * Regular expression (in the syntax supported by the {@link java.util.regex.Pattern} library) + * Regular expression (in the syntax supported by + * {@link java.util.regex.Pattern java.util.regex}) *   * * @@ -174,16 +179,20 @@ import org.apache.juli.logging.LogFactory; * <filter-name>RemoteIpFilter</filter-name> * <filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class> * <init-param> - * <param-name>internalProxies</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value> + * <param-name>internalProxies</param-name> + * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value> * </init-param> * <init-param> - * <param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value> + * <param-name>remoteIpHeader</param-name> + * <param-value>x-forwarded-for</param-value> * </init-param> * <init-param> - * <param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value> + * <param-name>remoteIpProxiesHeader</param-name> + * <param-value>x-forwarded-by</param-value> * </init-param> * <init-param> - * <param-name>protocolHeader</param-name><param-value>x-forwarded-proto</param-value> + * <param-name>protocolHeader</param-name> + * <param-value>x-forwarded-proto</param-value> * </init-param> * </filter> * @@ -251,16 +260,20 @@ import org.apache.juli.logging.LogFactory; * <filter-name>RemoteIpFilter</filter-name> * <filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class> * <init-param> - * <param-name>internalProxies</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value> + * <param-name>internalProxies</param-name> + * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value> * </init-param> * <init-param> - * <param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value> + * <param-name>remoteIpHeader</param-name> + * <param-value>x-forwarded-for</param-value> * </init-param> * <init-param> - * <param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value> + * <param-name>remoteIpProxiesHeader</param-name> + * <param-value>x-forwarded-by</param-value> * </init-param> * <init-param> - * <param-name>trustedProxies</param-name><param-value>proxy1, proxy2</param-value> + * <param-name>trustedProxies</param-name> + * <param-value>proxy1|proxy2</param-value> * </init-param> * </filter> * @@ -308,16 +321,20 @@ import org.apache.juli.logging.LogFactory; * <filter-name>RemoteIpFilter</filter-name> * <filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class> * <init-param> - * <param-name>internalProxies</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value> + * <param-name>internalProxies</param-name> + * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value> * </init-param> * <init-param> - * <param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value> + * <param-name>remoteIpHeader</param-name> + * <param-value>x-forwarded-for</param-value> * </init-param> * <init-param> - * <param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value> + * <param-name>remoteIpProxiesHeader</param-name> + * <param-value>x-forwarded-by</param-value> * </init-param> * <init-param> - * <param-name>trustedProxies</param-name><param-value>proxy1, proxy2</param-value> + * <param-name>trustedProxies</param-name> + * <param-value>proxy1|proxy2</param-value> * </init-param> * </filter> * @@ -366,16 +383,20 @@ import org.apache.juli.logging.LogFactory; * <filter-name>RemoteIpFilter</filter-name> * <filter-class>org.apache.catalina.filters.RemoteIpFilter</filter-class> * <init-param> - * <param-name>internalProxies</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value> + * <param-name>internalProxies</param-name> + * <param-value>192\.168\.0\.10|192\.168\.0\.11</param-value> * </init-param> * <init-param> - * <param-name>remoteIpHeader</param-name><param-value>x-forwarded-for</param-value> + * <param-name>remoteIpHeader</param-name> + * <param-value>x-forwarded-for</param-value> * </init-param> * <init-param> - * <param-name>remoteIpProxiesHeader</param-name><param-value>x-forwarded-by</param-value> + * <param-name>remoteIpProxiesHeader</param-name> + * <param-value>x-forwarded-by</param-value> * </init-param> * <init-param> - * <param-name>trustedProxies</param-name><param-value>proxy1, proxy2</param-value> + * <param-name>trustedProxies</param-name> + * <param-value>proxy1|proxy2</param-value> * </init-param> * </filter> * @@ -892,7 +913,7 @@ public class RemoteIpFilter implements Filter { /** *

- * Regular expressions that defines the internal proxies. + * Regular expression that defines the internal proxies. *

*

* Default value : 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3} diff --git a/java/org/apache/catalina/valves/RemoteIpValve.java b/java/org/apache/catalina/valves/RemoteIpValve.java index ac6768123..228f08058 100644 --- a/java/org/apache/catalina/valves/RemoteIpValve.java +++ b/java/org/apache/catalina/valves/RemoteIpValve.java @@ -81,10 +81,13 @@ import org.apache.juli.logging.LogFactory; * * * internalProxies - * List of internal proxies ip adress. If they appear in the remoteIpHeader value, they will be trusted and will not appear + * Regular expression that matches the IP addresses of internal proxies. + * If they appear in the remoteIpHeader value, they will be + * trusted and will not appear * in the proxiesHeader value * RemoteIPInternalProxy - * Regular expression (in the syntax supported by the {@link java.util.regex.Pattern} library) + * Regular expression (in the syntax supported by + * {@link java.util.regex.Pattern java.util.regex}) * 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
* By default, 10/8, 192.168/16, 169.254/16 and 127/8 are allowed ; 172.16/12 has not been enabled by default because it is complex to * describe with regular expressions @@ -100,10 +103,12 @@ import org.apache.juli.logging.LogFactory; * * * trustedProxies - * List of trusted proxies ip adress. If they appear in the remoteIpHeader value, they will be trusted and will appear - * in the proxiesHeader value + * Regular expression that matches the IP addresses of trusted proxies. + * If they appear in the remoteIpHeader value, they will be + * trusted and will appear in the proxiesHeader value * RemoteIPTrustedProxy - * Regular expression (in the syntax supported by the {@link java.util.regex.Pattern} library) + * Regular expression (in the syntax supported by + * {@link java.util.regex.Pattern java.util.regex}) *   * * @@ -158,7 +163,7 @@ import org.apache.juli.logging.LogFactory; * 

  * <Valve 
  *   className="org.apache.catalina.valves.RemoteIpValve"
- *   internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ *   internalProxies="192\.168\.0\.10|192\.168\.0\.11"
  *   remoteIpHeader="x-forwarded-for"
  *   remoteIpProxiesHeader="x-forwarded-by"
  *   protocolHeader="x-forwarded-proto"
@@ -220,10 +225,10 @@ import org.apache.juli.logging.LogFactory;
  * 
  * <Valve 
  *   className="org.apache.catalina.valves.RemoteIpValve"
- *   internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ *   internalProxies="192\.168\.0\.10|192\.168\.0\.11"
  *   remoteIpHeader="x-forwarded-for"
  *   remoteIpProxiesHeader="x-forwarded-by"
- *   trustedProxies="proxy1, proxy2"
+ *   trustedProxies="proxy1|proxy2"
  *   />

  * 

  * Request values:
@@ -262,10 +267,10 @@ import org.apache.juli.logging.LogFactory;
  * 
  * <Valve 
  *   className="org.apache.catalina.valves.RemoteIpValve"
- *   internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ *   internalProxies="192\.168\.0\.10|192\.168\.0\.11"
  *   remoteIpHeader="x-forwarded-for"
  *   remoteIpProxiesHeader="x-forwarded-by"
- *   trustedProxies="proxy1, proxy2"
+ *   trustedProxies="proxy1|proxy2"
  *   />

  * 

  * Request values:
@@ -305,10 +310,10 @@ import org.apache.juli.logging.LogFactory;
  * 
  * <Valve 
  *   className="org.apache.catalina.valves.RemoteIpValve"
- *   internalProxies="192\.168\.0\.10, 192\.168\.0\.11"
+ *   internalProxies="192\.168\.0\.10|192\.168\.0\.11"
  *   remoteIpHeader="x-forwarded-for"
  *   remoteIpProxiesHeader="x-forwarded-by"
- *   trustedProxies="proxy1, proxy2"
+ *   trustedProxies="proxy1|proxy2"
  *   />

  * 

  * Request values:
@@ -449,7 +454,7 @@ public class RemoteIpValve extends ValveBase {
     
     /**
      * @see #setInternalProxies(String)
-     * @return comma delimited list of internal proxies
+     * @return Regular expression that defines the internal proxies
      */
     public String getInternalProxies() {
         if (internalProxies == null) {
@@ -492,7 +497,7 @@ public class RemoteIpValve extends ValveBase {
 
     /**
      * @see #setTrustedProxies(String)
-     * @return comma delimited list of trusted proxies
+     * @return Regular expression that defines the trusted proxies
      */
     public String getTrustedProxies() {
         if (trustedProxies == null) {
@@ -643,7 +648,7 @@ public class RemoteIpValve extends ValveBase {
     
     /**
      * 

-     * Regular expressions that defines the internal proxies.
+     * Regular expression that defines the internal proxies.
      * 

      * 

      * Default value : 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254.\d{1,3}.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
diff --git a/java/org/apache/catalina/valves/mbeans-descriptors.xml b/java/org/apache/catalina/valves/mbeans-descriptors.xml
index 3137d3329..562e85929 100644
--- a/java/org/apache/catalina/valves/mbeans-descriptors.xml
+++ b/java/org/apache/catalina/valves/mbeans-descriptors.xml
@@ -355,7 +355,7 @@
                writeable="false"/>
                
     
     
@@ -385,7 +385,7 @@
                writeable="false"/>
 
     
                
diff --git a/test/org/apache/catalina/filters/TestRemoteIpFilter.java b/test/org/apache/catalina/filters/TestRemoteIpFilter.java
index a8cfd5d4f..31de47d91 100644
--- a/test/org/apache/catalina/filters/TestRemoteIpFilter.java
+++ b/test/org/apache/catalina/filters/TestRemoteIpFilter.java
@@ -215,8 +215,8 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
     public void testInvokeAllowedRemoteAddrWithNullRemoteIpHeader() throws Exception {
         // PREPARE
         FilterDef filterDef = new FilterDef();
-        filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10, 192\\.168\\.0\\.11");
-        filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+        filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
+        filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
         filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
         filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
 
@@ -247,7 +247,7 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
         // PREPARE
         FilterDef filterDef = new FilterDef();
         filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
-        filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+        filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
         filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
         filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
 
@@ -375,8 +375,8 @@ public class TestRemoteIpFilter extends TomcatBaseTest {
     public void testInvokeNotAllowedRemoteAddr() throws Exception {
         // PREPARE
         FilterDef filterDef = new FilterDef();
-        filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10, 192\\.168\\.0\\.11");
-        filterDef.addInitParameter("trustedProxies", "proxy1, proxy2, proxy3");
+        filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
+        filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
         filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
         filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
 
diff --git a/webapps/docs/config/filter.xml b/webapps/docs/config/filter.xml
index e54c00569..1ccc011aa 100644
--- a/webapps/docs/config/filter.xml
+++ b/webapps/docs/config/filter.xml
@@ -796,7 +796,7 @@ FINE: Request "/docs/config/manager.html" with response status "200" content-typ
        </init-param>
        <init-param>
          <param-name>trustedProxies</param-name>
-         <param-value>proxy1, proxy2</param-value>
+         <param-value>proxy1|proxy2</param-value>
        </init-param>
      </filter>
     
@@ -851,7 +851,7 @@ FINE: Request "/docs/config/manager.html" with response status "200" content-typ
        </init-param>
        <init-param>
          <param-name>trustedProxies</param-name>
-         <param-value>proxy1, proxy2</param-value>
+         <param-value>proxy1|proxy2</param-value>
        </init-param>
      </filter>
     
@@ -909,7 +909,7 @@ FINE: Request "/docs/config/manager.html" with response status "200" content-typ
        </init-param>
        <init-param>
          <param-name>trustedProxies</param-name>
-         <param-value>proxy1, proxy2</param-value>
+         <param-value>proxy1|proxy2</param-value>
        </init-param>
      </filter>