Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'jetty-11.0.x' of github.com:eclipse/jetty.project into jetty-11.0.x

This commit is contained in:
Joakim Erdfelt 2022-04-29 10:34:26 -05:00
parent c2a010202a 3f138362a9
commit d3e7b4bcb0
No known key found for this signature in database
GPG Key ID: 2D0E1FB8FE4B68B4
11 changed files with 118 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
documentation/jetty-documentation/src/main/asciidoc/operations-guide/begin/deploy.adoc
View File

@ -42,7 +42,7 @@ mywebapp.war
<1> Publicly accessible resources such as `+*.html+`, `+*.jsp+`, `+*.css+`, `+*.js+` files, etc. are placed in `+*.war+` or in sub-directories of the `+*.war+`.
<2> `WEB-INF` is a special directory used to store anything related to the web application that must not be publicly accessible, but may be accessed by other resources.
<3> `WEB-INF/classes` stores the web application compiled `+*.class+` files
<4> `WEB-INF/classes` stores the web application `+*.jar+` files
<4> `WEB-INF/lib` stores the web application `+*.jar+` files
<5> `WEB-INF/web.xml` is the web application deployment descriptor defines the components and the configuration of your web application.
====

2
jetty-gcloud/pom.xml
View File

@ -13,7 +13,7 @@
<name>Jetty :: GCloud</name>
<properties>
<gcloud.version>2.3.1</gcloud.version>
<gcloud.version>2.4.0</gcloud.version>
</properties>
<modules>

19
jetty-http/src/main/java/org/eclipse/jetty/http/pathmap/PathMappings.java
View File

@ -18,7 +18,6 @@ import java.util.ArrayList;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.TreeSet;
import java.util.function.Predicate;
@ -199,23 +198,21 @@ public class PathMappings<E> implements Iterable<MappedResource<E>>, Dumpable
public static PathSpec asPathSpec(String pathSpecString)
{
if ((pathSpecString == null) || (pathSpecString.length() < 1))
{
if (pathSpecString == null)
throw new RuntimeException("Path Spec String must start with '^', '/', or '*.': got [" + pathSpecString + "]");
}
if (pathSpecString.length() == 0)
return new ServletPathSpec("");
return pathSpecString.charAt(0) == '^' ? new RegexPathSpec(pathSpecString) : new ServletPathSpec(pathSpecString);
}
public E get(PathSpec spec)
{
Optional<E> optionalResource = _mappings.stream()
return _mappings.stream()
.filter(mappedResource -> mappedResource.getPathSpec().equals(spec))
.map(mappedResource -> mappedResource.getResource())
.findFirst();
if (!optionalResource.isPresent())
return null;
return optionalResource.get();
.map(MappedResource::getResource)
.findFirst().orElse(null);
}
public boolean put(String pathSpecString, E resource)

15
jetty-http/src/test/java/org/eclipse/jetty/http/pathmap/PathMappingsTest.java
View File

@ -20,6 +20,7 @@ import org.junit.jupiter.params.provider.ValueSource;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.instanceOf;
import static org.hamcrest.Matchers.notNullValue;
import static org.hamcrest.Matchers.nullValue;
import static org.junit.jupiter.api.Assertions.assertEquals;
@ -456,4 +457,18 @@ public class PathMappingsTest
assertThat(p.remove(new ServletPathSpec("/a/b/c")), is(true));
assertThat(p.remove(new ServletPathSpec("/a/b/c")), is(false));
}
@Test
public void testAsPathSpec()
{
assertThat(PathMappings.asPathSpec(""), instanceOf(ServletPathSpec.class));
assertThat(PathMappings.asPathSpec("/"), instanceOf(ServletPathSpec.class));
assertThat(PathMappings.asPathSpec("/*"), instanceOf(ServletPathSpec.class));
assertThat(PathMappings.asPathSpec("/foo/*"), instanceOf(ServletPathSpec.class));
assertThat(PathMappings.asPathSpec("*.jsp"), instanceOf(ServletPathSpec.class));
assertThat(PathMappings.asPathSpec("^$"), instanceOf(RegexPathSpec.class));
assertThat(PathMappings.asPathSpec("^.*"), instanceOf(RegexPathSpec.class));
assertThat(PathMappings.asPathSpec("^/"), instanceOf(RegexPathSpec.class));
}
}

10
jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
View File

@ -35,6 +35,7 @@ import jakarta.servlet.annotation.ServletSecurity.TransportGuarantee;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.http.pathmap.MappedResource;
import org.eclipse.jetty.http.pathmap.PathMappings;
import org.eclipse.jetty.http.pathmap.PathSpec;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
@ -422,7 +423,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
*/
protected void processConstraintMapping(ConstraintMapping mapping)
{
Map<String, RoleInfo> mappings = _constraintRoles.get(PathMappings.asPathSpec(mapping.getPathSpec()));
Map<String, RoleInfo> mappings = _constraintRoles.get(asPathSpec(mapping));
if (mappings == null)
{
mappings = new HashMap<>();
@ -467,6 +468,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
}
}
protected PathSpec asPathSpec(ConstraintMapping mapping)
{
// As currently written, this allows regex patterns to be used.
// This may not be supported by default in future releases.
return PathMappings.asPathSpec(mapping.getPathSpec());
}
/**
* Constraints that name method omissions are dealt with differently.
* We create an entry in the mappings with key "&lt;method&gt;.omission". This entry

38
jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java
View File

@ -1869,6 +1869,44 @@ public class ConstraintTest
assertThat(response, startsWith("HTTP/1.1 403 "));
}
@Test
public void testDefaultConstraint() throws Exception
{
_security.setAuthenticator(new BasicAuthenticator());
ConstraintMapping forbidDefault = new ConstraintMapping();
forbidDefault.setPathSpec("/");
forbidDefault.setConstraint(_forbidConstraint);
_security.addConstraintMapping(forbidDefault);
ConstraintMapping allowRoot = new ConstraintMapping();
allowRoot.setPathSpec("");
allowRoot.setConstraint(_relaxConstraint);
_security.addConstraintMapping(allowRoot);
_server.start();
String response;
response = _connector.getResponse("GET /ctx/ HTTP/1.0\r\n\r\n");
assertThat(response, startsWith("HTTP/1.1 200 OK"));
response = _connector.getResponse("GET /ctx/anything HTTP/1.0\r\n\r\n");
assertThat(response, startsWith("HTTP/1.1 403 Forbidden"));
response = _connector.getResponse("GET /ctx/noauth/info HTTP/1.0\r\n\r\n");
assertThat(response, startsWith("HTTP/1.1 403 Forbidden"));
response = _connector.getResponse("GET /ctx/forbid/info HTTP/1.0\r\n\r\n");
assertThat(response, startsWith("HTTP/1.1 403 Forbidden"));
response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n\r\n");
assertThat(response, startsWith("HTTP/1.1 401 Unauthorized"));
assertThat(response, containsString("WWW-Authenticate: basic realm=\"TestRealm\""));
response = _connector.getResponse("GET /ctx/admin/relax/info HTTP/1.0\r\n\r\n");
assertThat(response, startsWith("HTTP/1.1 200 OK"));
}
private static String authBase64(String authorization)
{
byte[] raw = authorization.getBytes(ISO_8859_1);

2
jetty-server/src/main/config/modules/requestlog.mod
View File

@ -19,7 +19,7 @@ logs/
[ini-template]
# tag::documentation[]
## Request log line format string.
# jetty.requestlog.formatString=%a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t "%r" %s %B "%{Referer}i" "%{User-Agent}i" "%C"
#jetty.requestlog.formatString=%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t "%r" %s %O "%{Referer}i" "%{User-Agent}i"
## The logging directory (relative to $JETTY_BASE).
# jetty.requestlog.dir=logs

8
jetty-server/src/main/java/org/eclipse/jetty/server/ServletPathMapping.java
View File

@ -89,9 +89,15 @@ public class ServletPathMapping implements HttpServletMapping
throw new IllegalStateException();
}
}
else if (pathSpec != null)
{
_mappingMatch = null;
_servletPath = pathSpec.getPathMatch(pathInContext);
_matchValue = _servletPath.startsWith("/") ? _servletPath.substring(1) : _servletPath;
_pathInfo = pathSpec.getPathInfo(pathInContext);
}
else
{
// TODO can we do better for RegexPathSpec
_mappingMatch = null;
_matchValue = "";
_servletPath = pathInContext;

34
jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java
View File

@ -62,6 +62,7 @@ import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.http.MetaData;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.http.UriCompliance;
import org.eclipse.jetty.http.pathmap.RegexPathSpec;
import org.eclipse.jetty.http.pathmap.ServletPathSpec;
import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.io.EndPoint;
@ -2043,6 +2044,39 @@ public class RequestTest
assertThat(m.getPathInfo(), is(spec.getPathInfo(uri)));
}
@Test
public void testRegexPathMapping()
{
RegexPathSpec spec;
ServletPathMapping m;
spec = new RegexPathSpec("^/.*$");
m = new ServletPathMapping(spec, "Something", "/some/path");
assertThat(m.getMappingMatch(), nullValue());
assertThat(m.getPattern(), is(spec.getDeclaration()));
assertThat(m.getServletName(), is("Something"));
assertThat(m.getServletPath(), is("/some/path"));
assertThat(m.getPathInfo(), nullValue());
assertThat(m.getMatchValue(), is("some/path"));
spec = new RegexPathSpec("^/some(/.*)?$");
m = new ServletPathMapping(spec, "Something", "/some/path");
assertThat(m.getMappingMatch(), nullValue());
assertThat(m.getPattern(), is(spec.getDeclaration()));
assertThat(m.getServletName(), is("Something"));
assertThat(m.getServletPath(), is("/some"));
assertThat(m.getPathInfo(), is("/path"));
assertThat(m.getMatchValue(), is("some"));
m = new ServletPathMapping(spec, "Something", "/some");
assertThat(m.getMappingMatch(), nullValue());
assertThat(m.getPattern(), is(spec.getDeclaration()));
assertThat(m.getServletName(), is("Something"));
assertThat(m.getServletPath(), is("/some"));
assertThat(m.getPathInfo(), nullValue());
assertThat(m.getMatchValue(), is("some"));
}
private static long getFileCount(Path path)
{
try (Stream<Path> s = Files.list(path))

6
jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RegexServletTest.java
View File

@ -79,7 +79,7 @@ public class RegexServletTest
assertThat(response, containsString("servletPath='/test/info'"));
assertThat(response, containsString("pathInfo='null'"));
assertThat(response, containsString("mapping.mappingMatch='null'"));
assertThat(response, containsString("mapping.matchValue=''"));
assertThat(response, containsString("mapping.matchValue='test/info'"));
assertThat(response, containsString("mapping.pattern='^/test/.*$'"));
}
@ -96,7 +96,7 @@ public class RegexServletTest
assertThat(response, containsString("servletPath='/Test/info'"));
assertThat(response, containsString("pathInfo='null'"));
assertThat(response, containsString("mapping.mappingMatch='null'"));
assertThat(response, containsString("mapping.matchValue=''"));
assertThat(response, containsString("mapping.matchValue='Test/info'"));
assertThat(response, containsString("mapping.pattern='^/[Tt]est(/.*)?'"));
}
@ -113,7 +113,7 @@ public class RegexServletTest
assertThat(response, containsString("servletPath='/include'"));
assertThat(response, containsString("pathInfo='null'"));
assertThat(response, containsString("mapping.mappingMatch='null'"));
assertThat(response, containsString("mapping.matchValue=''"));
assertThat(response, containsString("mapping.matchValue='include'"));
assertThat(response, containsString("mapping.pattern='^/include$'"));
}

2
pom.xml
View File

@ -137,7 +137,7 @@
<jacoco.maven.plugin.version>0.8.8</jacoco.maven.plugin.version>
<jetty-version.maven.plugin.version>2.7</jetty-version.maven.plugin.version>
<license.maven.plugin.version>4.1</license.maven.plugin.version>
<maven.antrun.plugin.version>3.0.0</maven.antrun.plugin.version>
<maven.antrun.plugin.version>3.1.0</maven.antrun.plugin.version>
<maven.assembly.plugin.version>3.3.0</maven.assembly.plugin.version>
<maven.bundle.plugin.version>5.1.4</maven.bundle.plugin.version>
<maven.clean.plugin.version>3.2.0</maven.clean.plugin.version>