KNOX-1392 - Default whitelist must handle cases when IP address is presented as the...
authorPhil Zampino <pzampino@apache.org>
Fri, 20 Jul 2018 00:15:08 +0000 (20:15 -0400)
committerPhil Zampino <pzampino@apache.org>
Fri, 20 Jul 2018 04:28:17 +0000 (00:28 -0400)
gateway-spi/src/main/java/org/apache/knox/gateway/util/WhitelistUtils.java
gateway-spi/src/test/java/org/apache/knox/gateway/util/WhitelistUtilsTest.java

index 4f7d34f..4828090 100644 (file)
@@ -37,6 +37,8 @@ public class WhitelistUtils {
 
   static final String DEFAULT_DISPATCH_WHITELIST_TEMPLATE = "^/.*$;^https?://%s:[0-9]+/?.*$";
 
+  private static final String IP_ADDRESS_REGEX = "^(?:[0-9]{1,3}\\.){3}[0-9]{1,3}$";
+
   private static final SpiGatewayMessages LOG = MessagesFactory.get(SpiGatewayMessages.class);
 
   private static final List<String> DEFAULT_SERVICE_ROLES = Arrays.asList("KNOXSSO");
@@ -99,12 +101,13 @@ public class WhitelistUtils {
 
   private static String deriveDomainBasedWhitelist(String hostname) {
     String whitelist = null;
-    int domainIndex = hostname.indexOf('.');
-    if (domainIndex > 0) {
-      String domain = hostname.substring(hostname.indexOf('.'));
-      String domainPattern = ".+" + domain.replaceAll("\\.", "\\\\.");
-      whitelist =
-              String.format(DEFAULT_DISPATCH_WHITELIST_TEMPLATE, "(" + domainPattern + ")");
+    if (!hostname.matches(IP_ADDRESS_REGEX)) {
+      int domainIndex = hostname.indexOf('.');
+      if (domainIndex > 0) {
+        String domain = hostname.substring(hostname.indexOf('.'));
+        String domainPattern = ".+" + domain.replaceAll("\\.", "\\\\.");
+        whitelist = String.format(DEFAULT_DISPATCH_WHITELIST_TEMPLATE, "(" + domainPattern + ")");
+      }
     }
     return whitelist;
   }
index ddf62f2..f052c48 100644 (file)
@@ -135,6 +135,16 @@ public class WhitelistUtilsTest {
   }
 
   @Test
+  public void testLocalhostAddressAsHostName() throws Exception {
+    final String serviceRole = "TEST";
+    // InetAddress#getCanonicalHostName() sometimes returns the IP address as the host name
+    String whitelist = doTestGetDispatchWhitelist(createMockGatewayConfig(Collections.singletonList(serviceRole), null),
+                                                  "192.168.1.100",
+                                                  serviceRole);
+    assertNull(whitelist);
+  }
+
+  @Test
   public void testExplicitlyConfiguredDefaultWhitelist() throws Exception {
     final String serviceRole = "TEST";
     final String WHITELIST   = "DEFAULT";