Bug: 470790 Fixed alias checking of symlinked directories
This commit is contained in:
Greg Wilkins
parent
814000531f
commit
07c81d6ec7
|
|
@ -24,6 +24,8 @@ import java.lang.management.ManagementFactory;
|
|||
import org.eclipse.jetty.jmx.MBeanContainer;
|
||||
import org.eclipse.jetty.security.HashLoginService;
|
||||
import org.eclipse.jetty.server.Server;
|
||||
import org.eclipse.jetty.server.handler.AllowAllVerifier;
|
||||
import org.eclipse.jetty.server.handler.AllowSymLinkAliasChecker;
|
||||
import org.eclipse.jetty.webapp.WebAppContext;
|
||||
|
||||
public class OneWebApp
|
||||
|
|
@ -51,26 +53,14 @@ public class OneWebApp
|
|||
WebAppContext webapp = new WebAppContext();
|
||||
webapp.setContextPath("/");
|
||||
File warFile = new File(
|
||||
"../../jetty-distribution/target/distribution/demo-base/webapps/test.war");
|
||||
"../../jetty-distribution/target/distribution/test/webapps/test/");
|
||||
webapp.setWar(warFile.getAbsolutePath());
|
||||
webapp.addAliasCheck(new AllowSymLinkAliasChecker());
|
||||
|
||||
// A WebAppContext is a ContextHandler as well so it needs to be set to
|
||||
// the server so it is aware of where to send the appropriate requests.
|
||||
server.setHandler(webapp);
|
||||
|
||||
// Configure a LoginService
|
||||
// Since this example is for our test webapp, we need to setup a
|
||||
// LoginService so this shows how to create a very simple hashmap based
|
||||
// one. The name of the LoginService needs to correspond to what is
|
||||
// configured in the webapp's web.xml and since it has a lifecycle of
|
||||
// its own we register it as a bean with the Jetty server object so it
|
||||
// can be started and stopped according to the lifecycle of the server
|
||||
// itself.
|
||||
HashLoginService loginService = new HashLoginService();
|
||||
loginService.setName("Test Realm");
|
||||
loginService.setConfig("src/test/resources/realm.properties");
|
||||
server.addBean(loginService);
|
||||
|
||||
// Start things up!
|
||||
server.start();
|
||||
|
||||
|
|
|
|||
|
|
@ -51,13 +51,25 @@ public class AllowSymLinkAliasChecker implements AliasCheck
|
|||
try
|
||||
{
|
||||
Path path = pathResource.getPath();
|
||||
Path alias = pathResource.getAliasPath();
|
||||
System.err.printf("getPath=%s%n",path);
|
||||
System.err.printf("getAliasPath=%s%n",alias);
|
||||
|
||||
// is the file itself a symlink?
|
||||
if (Files.isSymbolicLink(path) && Files.isSameFile(path,pathResource.getAliasPath()))
|
||||
{
|
||||
if (Files.isSymbolicLink(path))
|
||||
{
|
||||
alias = path.getParent().resolve(alias);
|
||||
if (LOG.isDebugEnabled())
|
||||
LOG.debug("Allow symlink {} --> {}",resource,pathResource.getAliasPath());
|
||||
return true;
|
||||
{
|
||||
LOG.debug("path ={}",path);
|
||||
LOG.debug("alias={}",alias);
|
||||
}
|
||||
if (Files.isSameFile(path,alias))
|
||||
{
|
||||
if (LOG.isDebugEnabled())
|
||||
LOG.debug("Allow symlink {} --> {}",resource,pathResource.getAliasPath());
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
// No, so let's check each element ourselves
|
||||
|
|
|
|||
|
|
@ -381,7 +381,7 @@ public class PathResource extends Resource
|
|||
@Override
|
||||
public boolean isDirectory()
|
||||
{
|
||||
return Files.isDirectory(path,NO_FOLLOW_LINKS);
|
||||
return Files.isDirectory(path,FOLLOW_LINKS);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -389,7 +389,7 @@ public class PathResource extends Resource
|
|||
{
|
||||
try
|
||||
{
|
||||
FileTime ft = Files.getLastModifiedTime(path,NO_FOLLOW_LINKS);
|
||||
FileTime ft = Files.getLastModifiedTime(path,FOLLOW_LINKS);
|
||||
return ft.toMillis();
|
||||
}
|
||||
catch (IOException e)
|
||||
|
|
|
|||
Loading…
Reference in New Issue