Author: markt
Date: Mon May 9 10:09:44 2011
New Revision: 1100940
URL: http://svn.apache.org/viewvc?rev=1100940&view=rev
Log:
Add additional configuration options to the RemoteIpValve to control ports.
These are required by my TCK test environment since I have multiple connectors
(with different ports) configured all using the one Valve.
If this has the desired effect, I'll port the changes to the RemoteIpFilter.
Modified:
tomcat/trunk/java/org/apache/catalina/valves/LocalStrings.properties
tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
tomcat/trunk/webapps/docs/changelog.xml
tomcat/trunk/webapps/docs/config/valve.xml
Modified: tomcat/trunk/java/org/apache/catalina/valves/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/LocalStrings.properties?rev=1100940&r1=1100939&r2=1100940&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/valves/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/valves/LocalStrings.properties Mon
May 9 10:09:44 2011
@@ -40,6 +40,7 @@ errorReportValve.rootCauseInLogs=The ful
# Remote IP valve
remoteIpValve.syntax=Invalid regular expressions [{0}] provided.
+remoteIpValve.invalidPortHeader=Invalid value [{0}] found for port in HTP
header [{1}]
sslValve.certError=Failed to process certificate string [{0}] to create a
java.security.cert.X509Certificate object
sslValve.invalidProvider=The SSL provider specified on the connector
associated with this request of [{0}] is invalid. The certificate data could
not be processed.
Modified: tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java?rev=1100940&r1=1100939&r2=1100940&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java (original)
+++ tomcat/trunk/java/org/apache/catalina/valves/RemoteIpValve.java Mon May 9
10:09:44 2011
@@ -403,6 +403,8 @@ public class RemoteIpValve extends Valve
*/
private int httpsServerPort = 443;
+ private boolean changeLocalPort = false;
+
/**
* @see #setInternalProxies(String)
*/
@@ -422,6 +424,8 @@ public class RemoteIpValve extends Valve
*/
private String protocolHeaderHttpsValue = "https";
+ private String portHeader = null;
+
/**
* @see #setProxiesHeader(String)
*/
@@ -461,6 +465,36 @@ public class RemoteIpValve extends Valve
return httpServerPort;
}
+ public boolean isChangeLocalPort() {
+ return changeLocalPort;
+ }
+
+ public void setChangeLocalPort(boolean changeLocalPort) {
+ this.changeLocalPort = changeLocalPort;
+ }
+
+ /**
+ * Obtain the name of the HTTP header used to override the value returned
+ * by {@link Request#getServerPort()} and (optionally depending on {link
+ * {@link #isChangeLocalPort()} {@link Request#getLocalPort()}.
+ *
+ * @return The HTTP header name
+ */
+ public String getPortHeader() {
+ return portHeader;
+ }
+
+ /**
+ * Set the name of the HTTP header used to override the value returned
+ * by {@link Request#getServerPort()} and (optionally depending on {link
+ * {@link #isChangeLocalPort()} {@link Request#getLocalPort()}.
+ *
+ * @param portHeader The HTTP header name
+ */
+ public void setPortHeader(String portHeader) {
+ this.portHeader = portHeader;
+ }
+
/**
* Return descriptive information about this Valve implementation.
*/
@@ -611,13 +645,13 @@ public class RemoteIpValve extends Valve
// use request.coyoteRequest.scheme instead of
request.setScheme() because request.setScheme() is no-op in Tomcat 6.0
request.getCoyoteRequest().scheme().setString("https");
- request.setServerPort(httpsServerPort);
+ setPorts(request, httpsServerPort);
} else {
request.setSecure(false);
// use request.coyoteRequest.scheme instead of
request.setScheme() because request.setScheme() is no-op in Tomcat 6.0
request.getCoyoteRequest().scheme().setString("http");
- request.setServerPort(httpServerPort);
+ setPorts(request, httpServerPort);
}
}
@@ -657,6 +691,26 @@ public class RemoteIpValve extends Valve
request.setServerPort(originalServerPort);
}
}
+
+ private void setPorts(Request request, int defaultPort) {
+ int port = defaultPort;
+ if (portHeader != null) {
+ String portHeaderValue = request.getHeader(portHeader);
+ if (portHeaderValue != null) {
+ try {
+ port = Integer.parseInt(portHeaderValue);
+ } catch (NumberFormatException nfe) {
+ log.debug(sm.getString(
+ "remoteIpValve.invalidPortHeader",
+ portHeaderValue, portHeader), nfe);
+ }
+ }
+ }
+ request.setServerPort(port);
+ if (changeLocalPort) {
+ request.getCoyoteRequest().setLocalPort(port);
+ }
+ }
/**
* <p>
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1100940&r1=1100939&r2=1100940&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Mon May 9 10:09:44 2011
@@ -65,6 +65,12 @@
Use correct class loader when loading Servlet classes in
StandardWrapper. (markt)
</fix>
+ <add>
+ Provide additional configuration options for the RemoteIpValve to allow
+ greater control over the values returned by
+ ServletRequest#getServerPort() and ServletRequest#getLocalPort() when
+ using this valve. (markt)
+ </add>
</changelog>
</subsection>
</section>
Modified: tomcat/trunk/webapps/docs/config/valve.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/valve.xml?rev=1100940&r1=1100939&r2=1100940&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/valve.xml (original)
+++ tomcat/trunk/webapps/docs/config/valve.xml Mon May 9 10:09:44 2011
@@ -1024,6 +1024,12 @@
default of <code>null</code> is used.</p>
</attribute>
+ <attribute name="portHeader" required="false">
+ <p>Name of the HTTP Header read by this valve that holds the port
+ used by the client to connect to the proxy. If not specified, the
+ default of <code>null</code> is used.</p>
+ </attribute>
+
<attribute name="protocolHeaderHttpsValue" required="false">
<p>Value of the <strong>protocolHeader</strong> to indicate that it is
an HTTPS request. If not specified, the default of <code>https</code>
is
@@ -1033,17 +1039,24 @@
<attribute name="httpServerPort" required="false">
<p>Value returned by <code>ServletRequest.getServerPort()</code>
when the <strong>protocolHeader</strong> indicates <code>http</code>
- protocol. If not specified, the default of <code>80</code> is
- used.</p>
+ protocol and no <strong>portHeader</strong> is present. If not
+ specified, the default of <code>80</code> is used.</p>
</attribute>
<attribute name="httpsServerPort" required="false">
<p>Value returned by <code>ServletRequest.getServerPort()</code>
when the <strong>protocolHeader</strong> indicates <code>https</code>
- protocol. If not specified, the default of <code>443</code> is
- used.</p>
+ protocol and no <strong>portHeader</strong> is present. If not
+ specified, the default of <code>443</code> is used.</p>
</attribute>
+ <attribute name="changeLocalPort" required="false">
+ <p>If <code>true</code>, the value returned by
+ <code>ServletRequest.getLocalPort()</code> and
+ <code>ServletRequest.getServerPort()</code> is modified by the this
+ valve. If not specified, the default of <code>false</code> is used.</p>
+ </attribute>
+
</attributes>
</subsection>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
