brooklyn-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From henev...@apache.org
Subject [7/8] git commit: refactor localhost ipv6 checks as per svet's comments
Date Mon, 15 Sep 2014 22:57:38 GMT
refactor localhost ipv6 checks as per svet's comments


Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/52e9103f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/52e9103f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/52e9103f

Branch: refs/heads/master
Commit: 52e9103f6c6f94f6dbc8250a919ddd58a9ad70ca
Parents: 16ac562
Author: Alex Heneveld <alex.heneveld@cloudsoftcorp.com>
Authored: Mon Sep 15 23:55:05 2014 +0100
Committer: Alex Heneveld <alex.heneveld@cloudsoftcorp.com>
Committed: Mon Sep 15 23:55:05 2014 +0100

----------------------------------------------------------------------
 ...ynUserWithRandomPasswordSecurityProvider.java |  8 +++-----
 .../main/java/brooklyn/util/net/Networking.java  | 19 +++++++++++++++++++
 2 files changed, 22 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/52e9103f/usage/rest-server/src/main/java/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java
----------------------------------------------------------------------
diff --git a/usage/rest-server/src/main/java/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java
b/usage/rest-server/src/main/java/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java
index 8bd02cd..7034c61 100644
--- a/usage/rest-server/src/main/java/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java
+++ b/usage/rest-server/src/main/java/brooklyn/rest/security/provider/BrooklynUserWithRandomPasswordSecurityProvider.java
@@ -25,6 +25,7 @@ import org.slf4j.LoggerFactory;
 
 import brooklyn.management.ManagementContext;
 import brooklyn.rest.security.BrooklynPropertiesSecurityFilter;
+import brooklyn.util.net.Networking;
 import brooklyn.util.text.Identifiers;
 
 public class BrooklynUserWithRandomPasswordSecurityProvider extends AbstractSecurityProvider
implements SecurityProvider {
@@ -52,11 +53,8 @@ public class BrooklynUserWithRandomPasswordSecurityProvider extends AbstractSecu
 
     private boolean isRemoteAddressLocalhost(HttpSession session) {
         Object remoteAddress = session.getAttribute(BrooklynPropertiesSecurityFilter.REMOTE_ADDRESS_SESSION_ATTRIBUTE);
-        return remoteAddress != null && (
-            "127.0.0.1".equals(remoteAddress) || 
-            "0:0:0:0:0:0:0:1".equals(remoteAddress) ||
-            "0:0:0:0:0:0:0:1%0".equals(remoteAddress)
-            );
+        if (!(remoteAddress instanceof String)) return false;
+        return Networking.isLocalhost((String)remoteAddress);
     }
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/52e9103f/utils/common/src/main/java/brooklyn/util/net/Networking.java
----------------------------------------------------------------------
diff --git a/utils/common/src/main/java/brooklyn/util/net/Networking.java b/utils/common/src/main/java/brooklyn/util/net/Networking.java
index 8c2d4f1..fed78b0 100644
--- a/utils/common/src/main/java/brooklyn/util/net/Networking.java
+++ b/utils/common/src/main/java/brooklyn/util/net/Networking.java
@@ -369,6 +369,25 @@ public class Networking {
         return true;
     }
 
+    public static boolean isLocalhost(String remoteIp) {
+        if ("127.0.0.1".equals(remoteIp)) return true;
+        
+        
+        // IPv6 localhost "ip" strings may vary;
+        // comes back as 0:0:0:0:0:0:0:1%1 for me.
+        // following deals with the cases which seem likely.
+        // (svet suggests using InetAddress parsing but I -- Alex -- am not sure if that's
going to have it's own bugs)
+        
+        if (remoteIp.contains("%")) {
+            // trim any description %dex
+            remoteIp = remoteIp.substring(0, remoteIp.indexOf("%"));
+        }
+        if ("0:0:0:0:0:0:0:1".equals(remoteIp)) return true;
+        if ("::1".equals(remoteIp)) return true;
+        
+        return false;
+    }
+    
     public static boolean isReachable(HostAndPort endpoint) {
         try {
             Socket s = new Socket(endpoint.getHostText(), endpoint.getPort());


Mime
View raw message