1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21 package org.jumpmind.symmetric.web;
22
23 import javax.servlet.ServletException;
24 import javax.servlet.http.HttpServletResponse;
25
26 import org.jumpmind.symmetric.common.Constants;
27 import org.jumpmind.symmetric.test.AbstractWebTest;
28 import org.junit.Assert;
29 import org.junit.Test;
30 import org.springframework.mock.web.MockFilterChain;
31 import org.springframework.mock.web.MockFilterConfig;
32 import org.springframework.mock.web.MockHttpServletRequest;
33 import org.springframework.mock.web.MockHttpServletResponse;
34
35 /***
36 * This simply makes sure the SymmetricFilter is setup correctly.
37 */
38 public class InetAddressFilterTest extends AbstractWebTest {
39 public static final String[] HTTP_METHODS = { "GET", "POST", "DELETE", "PUT", "TRACE", "OPTIONS" };
40
41 public static final String[] URIS = { "/ack", "/push", "/pull" };
42
43 public static final String COMBO_ADDRESS_FILTER = "105.100-10.5.15, 206.123.*.90, 184.*.209.210-99, 64-1.78.81.*, 164-120.*.181-50.*, 15-10.240-155.181-50.211-2";
44
45
46
47
48
49 public static final String STATIC_ADDRESS_FILTER = "105.10.5.15, 206.123.45.90, 184.210.209.99, 64.78.81.11, 164.240.181.211";
50
51 public static final String MULTICAST_ADDRESS_FILTER = "224.0.10.1, 239.254.254.254";
52
53 public static final String CIDR_ADDRESS_FILTER = "10.10.1.32/27, 164.37.0.0/16";
54
55
56 @Test
57 public void testInetAddressFilterParameterServiceFilter() throws Exception {
58 Object[][] params = parameterServiceCheckAddrParams();
59 for (Object[] param : params) {
60 testInetAddressFilterParameterServiceFilter((String) param[0]);
61 }
62 }
63
64 private void testInetAddressFilterParameterServiceFilter(final String checkAddr) throws Exception {
65 final InetAddressFilter filter = getFilter();
66 final MockFilterConfig config = new MockFilterConfig(servletContext);
67 filter.init(config);
68
69 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
70 final MockHttpServletResponse response = new MockHttpServletResponse();
71 filter.doFilter(request, response, new MockFilterChain());
72 Assert.assertFalse(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
73
74 filter.destroy();
75 }
76
77 private Object[][] parameterServiceCheckAddrParams() {
78 return new Object[][] { { "10.4.201.179" }, { "10.1.200.4" }, { "10.4.100.43" }, { "11.100.121.83" },
79 { "11.100.148.221" }, { "11.100.100.9" }, { "100.50.253.172" }, { "100.50.0.3" }, { "100.50.94.254" } };
80 }
81
82 @Test
83 public void testInetAddressFilterCidrFilter() throws Exception {
84 Object[][] params = cidrFilterParams();
85 for (Object[] param : params) {
86 testInetAddressFilterCidrFilter((String) param[0], (String) param[1]);
87 }
88 }
89
90 private void testInetAddressFilterCidrFilter(final String filterString, final String checkAddr) throws Exception {
91 final InetAddressFilter filter = getFilter();
92 final MockFilterConfig config = new MockFilterConfig(servletContext);
93 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
94 filter.init(config);
95
96 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
97 final MockHttpServletResponse response = new MockHttpServletResponse();
98 filter.doFilter(request, response, new MockFilterChain());
99 Assert.assertFalse(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
100
101 filter.destroy();
102 }
103
104 private Object[][] cidrFilterParams() {
105 return new Object[][] { { CIDR_ADDRESS_FILTER, "10.10.1.44" }, { CIDR_ADDRESS_FILTER, "10.10.1.47" },
106 { CIDR_ADDRESS_FILTER, "10.10.1.63" }, { CIDR_ADDRESS_FILTER, "164.37.99.251" },
107 { CIDR_ADDRESS_FILTER, "164.37.2.59" } };
108 }
109
110 @Test
111 public void testInetAddressFilterInvalidCidrFilter() throws Exception {
112 Object[][] params = invalidCidrFilterParams();
113 for (Object[] param : params) {
114 testInetAddressFilterInvalidCidrFilter((String) param[0], (String) param[1]);
115 }
116 }
117
118 public void testInetAddressFilterInvalidCidrFilter(final String filterString, final String checkAddr)
119 throws Exception {
120 final InetAddressFilter filter = getFilter();
121 final MockFilterConfig config = new MockFilterConfig(servletContext);
122 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
123 filter.init(config);
124
125 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
126 final MockHttpServletResponse response = new MockHttpServletResponse();
127 filter.doFilter(request, response, new MockFilterChain());
128 Assert.assertTrue(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
129
130 filter.destroy();
131 }
132
133 public Object[][] invalidCidrFilterParams() {
134 return new Object[][] { { CIDR_ADDRESS_FILTER, "10.10.2.44" }, { CIDR_ADDRESS_FILTER, "10.10.1.221" },
135 { CIDR_ADDRESS_FILTER, "10.10.1.150" }, { CIDR_ADDRESS_FILTER, "164.50.99.251" },
136 { CIDR_ADDRESS_FILTER, "165.37.2.59" }, { CIDR_ADDRESS_FILTER, "164.50.2.59" },
137 { CIDR_ADDRESS_FILTER, "101.0.21.2" } };
138 }
139
140 @Test(expected=ServletException.class )
141 public void testInetAddressFilterInvalidAddressFilter() throws Exception {
142 Object[][] params = invalidFilterParams();
143 for (Object[] param : params) {
144 testInetAddressFilterInvalidAddressFilter((String) param[0]);
145 }
146 }
147
148 private void testInetAddressFilterInvalidAddressFilter(final String filterString) throws Exception {
149 final InetAddressFilter filter = getFilter();
150 final MockFilterConfig config = new MockFilterConfig(servletContext);
151 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
152 filter.init(config);
153
154
155
156
157
158
159
160 filter.destroy();
161 }
162
163 private Object[][] invalidFilterParams() {
164 return new Object[][] { { "256.0.5.6" }, { "432.553.2344.211" }, { "4D3.234.FX3" }, { "6.70. * .322" },
165 { "0.0.0.322" }, { "1-10.4.5.6" }, { "100.140-141.3.4" }, { "144.5.210-234.5" }, { "110.30.46.1-100" } };
166 }
167
168 @Test
169 public void testInetAddressFilterStaticAddressFilter() throws Exception {
170 Object[][] params = staticAddressInetAddressFilterParams();
171 for (Object[] param : params) {
172 testInetAddressFilterStaticAddressFilter((String) param[0], (String) param[1]);
173 }
174 }
175
176 private Object[][] staticAddressInetAddressFilterParams() {
177 return new Object[][] { { STATIC_ADDRESS_FILTER, "105.10.5.15" }, { STATIC_ADDRESS_FILTER, "206.123.45.90" },
178 { STATIC_ADDRESS_FILTER, "184.210.209.99" }, { STATIC_ADDRESS_FILTER, "64.78.81.11" },
179 { STATIC_ADDRESS_FILTER, "164.240.181.211" } };
180 }
181
182 private void testInetAddressFilterStaticAddressFilter(final String filterString, final String checkAddr)
183 throws Exception {
184 final InetAddressFilter filter = getFilter();
185 final MockFilterConfig config = new MockFilterConfig(servletContext);
186 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
187 filter.init(config);
188
189 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
190 final MockHttpServletResponse response = new MockHttpServletResponse();
191 filter.doFilter(request, response, new MockFilterChain());
192 Assert.assertFalse(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
193
194 filter.destroy();
195 }
196
197 @Test
198 public void testInvalidInetAddressFilterStaticAddressFilter() throws Exception {
199 Object[][] params = invalidStaticAddressInetAddressFilterParams();
200 for (Object[] p : params) {
201 testInvalidInetAddressFilterStaticAddressFilter((String) p[0], (String) p[1]);
202 }
203 }
204
205 private Object[][] invalidStaticAddressInetAddressFilterParams() {
206 return new Object[][] { { STATIC_ADDRESS_FILTER, "105.10.5.16" }, { STATIC_ADDRESS_FILTER, "206.124.45.90" },
207 { STATIC_ADDRESS_FILTER, "182.210.209.99" }, { STATIC_ADDRESS_FILTER, "64.78.81.10" },
208 { STATIC_ADDRESS_FILTER, "164.240.180.211" } };
209 }
210
211 private void testInvalidInetAddressFilterStaticAddressFilter(final String filterString, final String checkAddr)
212 throws Exception {
213 final InetAddressFilter filter = getFilter();
214 final MockFilterConfig config = new MockFilterConfig(servletContext);
215 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
216 filter.init(config);
217
218 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
219 final MockHttpServletResponse response = new MockHttpServletResponse();
220 filter.doFilter(request, response, new MockFilterChain());
221 Assert.assertTrue(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
222
223 filter.destroy();
224 }
225
226 @Test
227 public void testInetAddressFilterComboAddressFilter() throws Exception {
228 Object[][] params = comboAddressInetAddressFilterParams();
229 for (Object[] p : params) {
230 testInetAddressFilterComboAddressFilter((String) p[0], (String) p[1]);
231 }
232 }
233
234 private void testInetAddressFilterComboAddressFilter(final String filterString, final String checkAddr)
235 throws Exception {
236 final InetAddressFilter filter = getFilter();
237 final MockFilterConfig config = new MockFilterConfig(servletContext);
238 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
239 filter.init(config);
240
241 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
242 final MockHttpServletResponse response = new MockHttpServletResponse();
243 filter.doFilter(request, response, new MockFilterChain());
244 Assert.assertFalse(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
245
246 filter.destroy();
247 }
248
249 private Object[][] comboAddressInetAddressFilterParams() {
250 return new Object[][] { { COMBO_ADDRESS_FILTER, "105.11.5.15" }, { COMBO_ADDRESS_FILTER, "105.100.5.15" },
251 { COMBO_ADDRESS_FILTER, "105.32.5.15" }, { COMBO_ADDRESS_FILTER, "206.123.6.90" },
252 { COMBO_ADDRESS_FILTER, "206.123.0.90" }, { COMBO_ADDRESS_FILTER, "184.40.209.199" },
253 { COMBO_ADDRESS_FILTER, "184.239.209.210" }, { COMBO_ADDRESS_FILTER, "64.78.81.199" },
254 { COMBO_ADDRESS_FILTER, "5.78.81.254" }, { COMBO_ADDRESS_FILTER, "10.200.50.126" },
255 { COMBO_ADDRESS_FILTER, "120.100.69.12" }, { COMBO_ADDRESS_FILTER, "11.235.50.210" },
256 { COMBO_ADDRESS_FILTER, "15.240.181.139" }, { COMBO_ADDRESS_FILTER, "10.200.64.178" } };
257 }
258
259 @Test
260 public void testInvalidInetAddressFilterComboAddressFilter() throws Exception {
261 Object[][] params = invalidComboAddressInetAddressFilterParams();
262 for (Object[] p : params) {
263 testInvalidInetAddressFilterComboAddressFilter((String) p[0], (String) p[1]);
264 }
265 }
266
267 private void testInvalidInetAddressFilterComboAddressFilter(final String filterString, final String checkAddr)
268 throws Exception {
269 final InetAddressFilter filter = getFilter();
270 final MockFilterConfig config = new MockFilterConfig(servletContext);
271 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
272 filter.init(config);
273
274 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
275 final MockHttpServletResponse response = new MockHttpServletResponse();
276 filter.doFilter(request, response, new MockFilterChain());
277 Assert.assertTrue(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
278
279 filter.destroy();
280 }
281
282 private Object[][] invalidComboAddressInetAddressFilterParams() {
283 return new Object[][] { { COMBO_ADDRESS_FILTER, "184.1.209.98" }, { COMBO_ADDRESS_FILTER, "206.123.0.91" },
284 { COMBO_ADDRESS_FILTER, "105.101.5.15" }, { COMBO_ADDRESS_FILTER, "105.101.5.16" },
285 { COMBO_ADDRESS_FILTER, "65.78.81.2" }, { COMBO_ADDRESS_FILTER, "164.6.190.4" },
286 { COMBO_ADDRESS_FILTER, "184.5.209.211" }, { COMBO_ADDRESS_FILTER, "201.123.5.90" },
287 { COMBO_ADDRESS_FILTER, "11.7.49.7" }, { COMBO_ADDRESS_FILTER, "10.4.5.6" },
288 { COMBO_ADDRESS_FILTER, "105.9.5.15" }, { COMBO_ADDRESS_FILTER, "10.155.50.1" },
289 { COMBO_ADDRESS_FILTER, "15.240.181.212" }, { COMBO_ADDRESS_FILTER, "11.222.184.210" },
290 { COMBO_ADDRESS_FILTER, "16.232.143.202" } };
291 }
292
293 @Test
294 public void testInetAddressFilterDefaultMulticastAddressFilter() throws Exception {
295 Object[][] params = multicastAddressInetAddressFilterParams();
296 for (Object[] p : params) {
297 testInetAddressFilterDefaultMulticastAddressFilter((String) p[0], (String) p[1]);
298 }
299 }
300
301 private void testInetAddressFilterDefaultMulticastAddressFilter(final String filterString, final String checkAddr)
302 throws Exception {
303 final InetAddressFilter filter = getFilter();
304 final MockFilterConfig config = new MockFilterConfig(servletContext);
305 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
306 config.addInitParameter(InetAddressFilter.INET_ADDRESS_ALLOW_MULICAST, "false");
307 filter.init(config);
308
309 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
310 final MockHttpServletResponse response = new MockHttpServletResponse();
311 filter.doFilter(request, response, new MockFilterChain());
312 Assert.assertEquals("The " + filterString
313 + " filter did not return the expected response when " + checkAddr + " was checked.", response.getStatus(), HttpServletResponse.SC_FORBIDDEN);
314
315 filter.destroy();
316 }
317
318 private Object[][] multicastAddressInetAddressFilterParams() {
319 return new Object[][] { { MULTICAST_ADDRESS_FILTER, "224.0.10.1" },
320 { MULTICAST_ADDRESS_FILTER, "239.254.254.254" } };
321 }
322
323 @Test
324 public void testInetAddressFilterAllowMulticastInvalidAddressFilter() throws Exception {
325 Object[][] params = invalidMulticastAddressInetAddressFilterParams();
326 for (Object[] p : params) {
327 testInetAddressFilterAllowMulticastInvalidAddressFilter((String) p[0], (String) p[1]);
328 }
329 }
330
331 private void testInetAddressFilterAllowMulticastInvalidAddressFilter(final String filterString,
332 final String checkAddr) throws Exception {
333 final InetAddressFilter filter = getFilter();
334 final MockFilterConfig config = new MockFilterConfig(servletContext);
335 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
336 filter.init(config);
337
338 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
339 final MockHttpServletResponse response = new MockHttpServletResponse();
340 filter.doFilter(request, response, new MockFilterChain());
341 Assert.assertTrue(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
342
343 filter.destroy();
344 }
345
346 private Object[][] invalidMulticastAddressInetAddressFilterParams() {
347 return new Object[][] { { MULTICAST_ADDRESS_FILTER, "224.0.10.2" },
348 { MULTICAST_ADDRESS_FILTER, "239.254.254.250" } };
349 }
350
351 @Test
352 public void testInetAddressFilterAllowMulticastAddressFilter() throws Exception {
353
354 Object[][] params = multicastAddressInetAddressFilterParams();
355 for (Object[] p : params) {
356 testInetAddressFilterAllowMulticastAddressFilter((String) p[0], (String) p[1]);
357 }
358 }
359
360 private void testInetAddressFilterAllowMulticastAddressFilter(final String filterString, final String checkAddr)
361 throws Exception {
362 final InetAddressFilter filter = getFilter();
363 final MockFilterConfig config = new MockFilterConfig(servletContext);
364 config.addInitParameter(InetAddressFilter.INET_ADDRESS_FILTERS, filterString);
365 config.addInitParameter(InetAddressFilter.INET_ADDRESS_ALLOW_MULICAST, "true");
366 filter.init(config);
367
368 final MockHttpServletRequest request = createMockHttpServletRequest(checkAddr);
369 final MockHttpServletResponse response = new MockHttpServletResponse();
370 filter.doFilter(request, response, new MockFilterChain());
371 Assert.assertFalse(response.getStatus() == HttpServletResponse.SC_FORBIDDEN);
372
373 filter.destroy();
374 }
375
376 private MockHttpServletRequest createMockHttpServletRequest(final String remoteAddr) {
377
378
379 final String method = HTTP_METHODS[Math.abs((int) System.currentTimeMillis()) % HTTP_METHODS.length];
380 final String uri = URIS[Math.abs((int) System.currentTimeMillis()) % URIS.length];
381
382 final MockHttpServletRequest request = new MockHttpServletRequest(servletContext, method, uri);
383 request.setRemoteAddr(remoteAddr);
384 return request;
385 }
386
387 private InetAddressFilter getFilter() {
388 return (InetAddressFilter) applicationContext.getBean(Constants.INET_ADDRESS_FILTER);
389 }
390 }