AMBARI-18944 - Improve remoteIp in audit log (Wang Yaoxin via jonathanhurley)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/f4ea3091 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/f4ea3091 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/f4ea3091 Branch: refs/heads/branch-dev-patch-upgrade Commit: f4ea309196a2c02b88f5e5ce062200d50d888005 Parents: ae3ff2a Author: Jonathan Hurley <jhur...@hortonworks.com> Authored: Fri Dec 2 10:18:35 2016 -0500 Committer: Jonathan Hurley <jhur...@hortonworks.com> Committed: Fri Dec 2 10:19:41 2016 -0500 ---------------------------------------------------------------------- .../apache/ambari/server/utils/RequestUtils.java | 10 ++++++++++ .../ambari/server/utils/RequestUtilsTest.java | 18 ++++++++++++++++++ 2 files changed, 28 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/f4ea3091/ambari-server/src/main/java/org/apache/ambari/server/utils/RequestUtils.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/utils/RequestUtils.java b/ambari-server/src/main/java/org/apache/ambari/server/utils/RequestUtils.java index 0ac782f..dbb0f11 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/utils/RequestUtils.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/utils/RequestUtils.java @@ -50,6 +50,9 @@ public class RequestUtils { if (isRemoteAddressUnknown(ip)) { ip = request.getRemoteAddr(); } + if (containsMultipleRemoteAddresses(ip)) { + ip = ip.substring(0, ip.indexOf(",")); + } return ip; } @@ -76,6 +79,13 @@ public class RequestUtils { } /** + * Checks if ip contains multiple IP addresses + */ + private static boolean containsMultipleRemoteAddresses(String ip) { + return ip != null && ip.indexOf(",") > 0; + } + + /** * Checks if RequestContextHolder contains a valid HTTP request * @return */ http://git-wip-us.apache.org/repos/asf/ambari/blob/f4ea3091/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java b/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java index 595127e..f36858e 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/utils/RequestUtilsTest.java @@ -30,6 +30,7 @@ import org.junit.Test; public class RequestUtilsTest { public static final String REMOTE_ADDRESS = "12.13.14.15"; + public static final String REMOTE_ADDRESS_MULTIPLE = "12.13.14.15,12.13.14.16"; @Test public void testGetRemoteAddress() { @@ -49,6 +50,23 @@ public class RequestUtilsTest { } @Test + public void testGetMultipleRemoteAddress() { + // GIVEN + HttpServletRequest mockedRequest = createMock(HttpServletRequest.class); + expect(mockedRequest.getHeader("X-Forwarded-For")).andReturn(null); + expect(mockedRequest.getHeader("Proxy-Client-IP")).andReturn("unknown"); + expect(mockedRequest.getHeader("WL-Proxy-Client-IP")).andReturn(""); + expect(mockedRequest.getHeader("HTTP_CLIENT_IP")).andReturn("unknown"); + expect(mockedRequest.getHeader("HTTP_X_FORWARDED_FOR")).andReturn(REMOTE_ADDRESS_MULTIPLE); + replay(mockedRequest); + // WHEN + String remoteAddress = RequestUtils.getRemoteAddress(mockedRequest); + // THEN + assertEquals(REMOTE_ADDRESS, remoteAddress); + verify(mockedRequest); + } + + @Test public void testGetRemoteAddressFoundFirstHeader() { // GIVEN HttpServletRequest mockedRequest = createMock(HttpServletRequest.class);