This is an automated email from the ASF dual-hosted git repository. cziegeler pushed a commit to branch http-4.x in repository https://gitbox.apache.org/repos/asf/felix-dev.git
The following commit(s) were added to refs/heads/http-4.x by this push: new 47a95d2b63 FELIX-6688 - Context path of outer servlet container is not respected… (#305) 47a95d2b63 is described below commit 47a95d2b638c2b2142709f6f5b5fc1adf291b845 Author: Sagar Miglani <85228812+sagarmigl...@users.noreply.github.com> AuthorDate: Wed Apr 10 12:31:46 2024 +0530 FELIX-6688 - Context path of outer servlet container is not respected… (#305) * FELIX-6688 - Context path of outer servlet container is not respected for authentication * FELIX-6688 - Context path of outer servlet container is not respected for authentication --------- Co-authored-by: Sagar Miglani <s...@adobe.com> --- .../webconsole/internal/servlet/OsgiManager.java | 2 +- .../internal/servlet/OsgiManagerHttpContext.java | 13 ++++++-- .../servlet/OsgiManagerHttpContextTest.java | 37 ++++++++++++++++++++-- 3 files changed, 46 insertions(+), 6 deletions(-) diff --git a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java index d1292ed1ec..7d8e2d9360 100644 --- a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java +++ b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java @@ -979,7 +979,7 @@ public class OsgiManager extends GenericServlet { if (this.servletContextRegistration == null) { final ServletContextHelper httpContext = new OsgiManagerHttpContext(this.bundleContext.getBundle(), - securityProviderTracker, realm); + securityProviderTracker, realm, this.webManagerRoot); final Dictionary<String, Object> props = new Hashtable<>(); if (httpServiceSelector != null) { props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_TARGET, httpServiceSelector); 
diff --git a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java index b12c9793b9..2fe9c2e654 100644 --- a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java +++ b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java @@ -44,13 +44,16 @@ final class OsgiManagerHttpContext extends ServletContextHelper { private final Bundle bundle; + private final String webManagerRoot; + OsgiManagerHttpContext(final Bundle webConsoleBundle, final ServiceTracker<WebConsoleSecurityProvider, WebConsoleSecurityProvider> tracker, - final String realm) { + final String realm, final String webManagerRoot) { super(webConsoleBundle); this.tracker = tracker; this.realm = realm; this.bundle = webConsoleBundle; + this.webManagerRoot = webManagerRoot; } public URL getResource(final String name) { @@ -63,19 +66,23 @@ final class OsgiManagerHttpContext extends ServletContextHelper { @Override public boolean handleSecurity( final HttpServletRequest r, final HttpServletResponse response ) { + final WebConsoleSecurityProvider provider = tracker.getService(); + final String webManagerRoot = this.webManagerRoot; // for compatibility we have to adjust a few methods on the request final HttpServletRequest request = new HttpServletRequestWrapper(r) { @Override public String getContextPath() { - return ""; + int managerRootIndex = r.getContextPath().lastIndexOf(webManagerRoot); + return r.getContextPath().substring(0, managerRootIndex); } @Override public String getServletPath() { - return r.getContextPath(); + int managerRootIndex = r.getContextPath().lastIndexOf(webManagerRoot); + return r.getContextPath().substring(managerRootIndex); } @Override 
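Review bot: In handleSecurity, both new overrides pass the result of `r.getContextPath().lastIndexOf(webManagerRoot)` straight to `substring`, so a context path that does not contain the manager root gives -1 and `substring(0, -1)` throws StringIndexOutOfBoundsException on the authentication path. `lastIndexOf` also accepts a match that is not the trailing segment, and the constructor stores `webManagerRoot` without a null check, so a null value would throw here too. The new test shows the wrapped request is what the security provider receives, so I would compute the split once, only when the path really ends with the root. Otherwise it should fall back to the previous values (empty context path, full path as servlet path). handleSecurity's body continues outside the hunk.

```java
final String fullPath = r.getContextPath();
// split only when the manager root is the trailing part of the path; 0 keeps the old behaviour
final int split = webManagerRoot != null && fullPath.endsWith(webManagerRoot)
        ? fullPath.length() - webManagerRoot.length()
        : 0;
// for compatibility we have to adjust a few methods on the request
final HttpServletRequest request = new HttpServletRequestWrapper(r) {
    @Override
    public String getContextPath() {
        return fullPath.substring(0, split);
    }

    @Override
    public String getServletPath() {
        return fullPath.substring(split);
    }
    // … unchanged: remaining overrides …
```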
diff --git a/webconsole/src/test/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContextTest.java b/webconsole/src/test/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContextTest.java index 6b9a6c7848..9721a47600 100644 --- a/webconsole/src/test/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContextTest.java +++ b/webconsole/src/test/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContextTest.java @@ -19,11 +19,16 @@ package org.apache.felix.webconsole.internal.servlet; import org.apache.felix.webconsole.WebConsoleSecurityProvider; +import org.apache.felix.webconsole.WebConsoleSecurityProvider2; import org.junit.Test; +import org.mockito.ArgumentCaptor; import org.mockito.Mockito; import org.osgi.framework.Bundle; import org.osgi.framework.BundleContext; +import org.osgi.util.tracker.ServiceTracker; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.lang.reflect.Method; import static org.junit.Assert.assertEquals; @@ -33,7 +38,7 @@ public class OsgiManagerHttpContextTest { public void testAuthenticate() throws Exception { BundleContext bc = Mockito.mock(BundleContext.class); Bundle bundle = Mockito.mock(Bundle.class); - OsgiManagerHttpContext ctx = new OsgiManagerHttpContext(bundle, null, "blah"); + OsgiManagerHttpContext ctx = new OsgiManagerHttpContext(bundle, null, "blah", ""); Method authenticateMethod = OsgiManagerHttpContext.class.getDeclaredMethod( "authenticate", new Class [] {WebConsoleSecurityProvider.class, String.class, byte[].class}); 
@@ -55,7 +60,7 @@ public class OsgiManagerHttpContextTest { Mockito.when(bc.getProperty(OsgiManager.FRAMEWORK_PROP_SECURITY_PROVIDERS)).thenReturn("a"); Bundle bundle = Mockito.mock(Bundle.class); - OsgiManagerHttpContext ctx = new OsgiManagerHttpContext(bundle, null, "blah"); + OsgiManagerHttpContext ctx = new OsgiManagerHttpContext(bundle, null, "blah", ""); Method authenticateMethod = OsgiManagerHttpContext.class.getDeclaredMethod( "authenticate", new Class [] {WebConsoleSecurityProvider.class, String.class, byte[].class}); 
@@ -72,6 +77,34 @@ public class OsgiManagerHttpContextTest { assertEquals(false, authenticateMethod.invoke(ctx, sp, "foo", "bar".getBytes())); } + @Test + public void testPathsInHandleSecurity() throws Exception { + + Bundle bundle = Mockito.mock(Bundle.class); + WebConsoleSecurityProvider2 provider = Mockito.mock(WebConsoleSecurityProvider2.class); + ServiceTracker<WebConsoleSecurityProvider, WebConsoleSecurityProvider> tracker = Mockito.mock(ServiceTracker.class); + Mockito.when(tracker.getService()).thenReturn(provider); + + OsgiManagerHttpContext ctx = new OsgiManagerHttpContext(bundle, tracker, "blah", "/system/console"); + + HttpServletRequest request = Mockito.mock(HttpServletRequest.class); + HttpServletResponse response = Mockito.mock(HttpServletResponse.class); + Mockito.when(request.getContextPath()).thenReturn("/ctx/path/system/console"); + Mockito.when(request.getServletPath()).thenReturn("/bin/servlet"); + + + ctx.handleSecurity(request, response); + + ArgumentCaptor<HttpServletRequest> authenticationRequest = ArgumentCaptor.forClass(HttpServletRequest.class); + ArgumentCaptor<HttpServletResponse> authenticationResponse = ArgumentCaptor.forClass(HttpServletResponse.class); + Mockito.verify(provider, Mockito.times(1)).authenticate(authenticationRequest.capture(), authenticationResponse.capture()); + + assertEquals("/ctx/path", authenticationRequest.getValue().getContextPath()); + assertEquals("/system/console", authenticationRequest.getValue().getServletPath()); + assertEquals("/bin/servlet", authenticationRequest.getValue().getPathInfo()); + assertEquals(response, authenticationResponse.getValue()); + } + private static class TestSecurityProvider implements WebConsoleSecurityProvider { @Override public Object authenticate(String username, String password) {
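Review bot: testPathsInHandleSecurity covers only a context path that ends with the manager root, so the `lastIndexOf` split in handleSecurity is never exercised with a path that lacks the root or with the console mounted at the container root. I would add a case with `Mockito.when(request.getContextPath()).thenReturn("/system/console");` asserting an empty context path. A second case should use a path that does not contain `/system/console` and assert the intended fallback rather than an exception. `Mockito.mock(ServiceTracker.class)` is also an unchecked assignment, so a method-level `@SuppressWarnings("unchecked")` with a short comment would keep the build output clean.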