Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[Bug 418732] Add whiteListByPath mode to IPAccessHandler 

Signed-off-by: Constantine Linnick <theaspect@gmail.com>
This commit is contained in:
Constantine Linnick 2013-10-05 18:16:49 +07:00 committed by Gerrit Code Review @ Eclipse.org
parent b4052a2b53
commit f451a14e04
3 changed files with 300 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
jetty-server/src/main/config/etc/jetty-ipaccess.xml
View File

@ -25,6 +25,7 @@
<Item>127.0.0.2/black.html</Item>
</Array>
</Set>
<Set name="whiteListByPath">false</Set>
</New>
</Set>

27
jetty-server/src/main/java/org/eclipse/jetty/server/handler/IPAccessHandler.java
View File

@ -54,11 +54,17 @@ import org.eclipse.jetty.util.log.Logger;
* entries, that are then further refined by several specific black list exceptions
* </ul>
* <p>
* An empty white list is treated as match all. If there is at least one entry in
* By default an empty white list is treated as match all. If there is at least one entry in
* the white list, then a request must match a white list entry. Black list entries
* are always applied, so that even if an entry matches the white list, a black list
* entry will override it.
* <p>
* <p>
* You can change white list policy setting whiteListByPath to true. In this mode a request will be white listed
* IF it has a matching URL in the white list, otherwise the black list applies, e.g. in default mode when
* whiteListByPath = false and wl = "127.0.0.1|/foo", /bar request from 127.0.0.1 will be blacklisted,
* if whiteListByPath=true then not.
* </p>
* Internet addresses may be specified as absolute address or as a combination of
* four octet wildcard specifications (a.b.c.d) that are defined as follows.
* </p>
@ -104,6 +110,7 @@ public class IPAccessHandler extends HandlerWrapper
// true means nodefault match
PathMap<IPAddressMap<Boolean>> _white = new PathMap<IPAddressMap<Boolean>>(true);
PathMap<IPAddressMap<Boolean>> _black = new PathMap<IPAddressMap<Boolean>>(true);
boolean _whiteListByPath = false;
/* ------------------------------------------------------------ */
/**
@ -175,6 +182,17 @@ public class IPAccessHandler extends HandlerWrapper
set(entries, _black);
}
/* ------------------------------------------------------------ */
/**
* Re-initialize the mode of path matching
*
* @param whiteListByPath matching mode
*/
public void setWhiteListByPath(boolean whiteListByPath)
{
this._whiteListByPath = whiteListByPath;
}
/* ------------------------------------------------------------ */
/**
* Checks the incoming request against the whitelist and blacklist
@ -287,9 +305,12 @@ public class IPAccessHandler extends HandlerWrapper
if (_white.size()>0)
{
boolean match = false;
boolean matchedByPath = false;
Object whiteObj = _white.getLazyMatches(path);
if (whiteObj != null)
{
matchedByPath = true;
List whiteList = (whiteObj instanceof List) ? (List)whiteObj : Collections.singletonList(whiteObj);
for (Object entry: whiteList)
@ -300,7 +321,9 @@ public class IPAccessHandler extends HandlerWrapper
}
}
if (!match)
if (!_whiteListByPath && !match) // Default behaviour
return false;
else if (_whiteListByPath && matchedByPath && !match) // Fail if only matched by path
return false;
}

389
jetty-server/src/test/java/org/eclipse/jetty/server/handler/IPAccessHandlerTest.java
View File

@ -64,6 +64,7 @@ public class IPAccessHandlerTest
private String _host;
private String _uri;
private String _code;
private boolean _byPath;
@BeforeClass
public static void setUp()
@ -95,13 +96,14 @@ public class IPAccessHandlerTest
}
/* ------------------------------------------------------------ */
public IPAccessHandlerTest(String white, String black, String host, String uri, String code)
public IPAccessHandlerTest(String white, String black, String host, String uri, String code, boolean byPath)
{
_white = white;
_black = black;
_host = host;
_uri = uri;
_code = code;
_byPath = byPath;
}
/* ------------------------------------------------------------ */
@ -111,6 +113,7 @@ public class IPAccessHandlerTest
{
_handler.setWhite(_white.split(";",-1));
_handler.setBlack(_black.split(";",-1));
_handler.setWhiteListByPath(_byPath);
String request = "GET " + _uri + " HTTP/1.1\n" + "Host: "+ _host + "\n\n";
Socket socket = new Socket("127.0.0.1", _connector.getLocalPort());
@ -247,157 +250,313 @@ public class IPAccessHandlerTest
public static Collection<Object[]> data() {
Object[][] data = new Object[][] {
// Empty lists
{"", "", "127.0.0.1", "/", "200"},
{"", "", "127.0.0.1", "/dump/info", "200"},
{"", "", "127.0.0.1", "/", "200", false},
{"", "", "127.0.0.1", "/dump/info", "200", false},
// White list
{"127.0.0.1", "", "127.0.0.1", "/", "200"},
{"127.0.0.1", "", "127.0.0.1", "/dispatch", "200"},
{"127.0.0.1", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1", "", "127.0.0.1", "/", "200", false},
{"127.0.0.1", "", "127.0.0.1", "/dispatch", "200", false},
{"127.0.0.1", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/", "", "127.0.0.1", "/", "200"},
{"127.0.0.1|/", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.1|/", "", "127.0.0.1", "/dump/info", "403"},
{"127.0.0.1|/", "", "127.0.0.1", "/", "200", false},
{"127.0.0.1|/", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.1|/", "", "127.0.0.1", "/dump/info", "403", false},
{"127.0.0.1|/*", "", "127.0.0.1", "/", "200"},
{"127.0.0.1|/*", "", "127.0.0.1", "/dispatch", "200"},
{"127.0.0.1|/*", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/*", "", "127.0.0.1", "/", "200", false},
{"127.0.0.1|/*", "", "127.0.0.1", "/dispatch", "200", false},
{"127.0.0.1|/*", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/", "403"},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dump/test", "200"},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/", "403", false},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dump/test", "200", false},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/", "403"},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dump/test", "403"},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/", "403", false},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dump/test", "403", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/", "403"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/test", "200"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/fail", "403"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/", "403", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/test", "200", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/fail", "403", false},
{"127.0.0.0-2|", "", "127.0.0.1", "/", "200"},
{"127.0.0.0-2|", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.0-2|", "", "127.0.0.1", "/", "200", false},
{"127.0.0.0-2|", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.0-2|/", "", "127.0.0.1", "/", "200"},
{"127.0.0.0-2|/", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.0-2|/", "", "127.0.0.1", "/dump/info", "403"},
{"127.0.0.0-2|/", "", "127.0.0.1", "/", "200", false},
{"127.0.0.0-2|/", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.0-2|/", "", "127.0.0.1", "/dump/info", "403", false},
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/", "403"},
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/", "403", false},
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/", "403"},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dump/test", "403"},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/", "403", false},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dump/test", "403", false},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/", "403"},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/test", "200"},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/fail", "403"},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/", "403", false},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/test", "200", false},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/fail", "403", false},
// Black list
{"", "127.0.0.1", "127.0.0.1", "/", "403"},
{"", "127.0.0.1", "127.0.0.1", "/dispatch", "403"},
{"", "127.0.0.1", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.1", "127.0.0.1", "/", "403", false},
{"", "127.0.0.1", "127.0.0.1", "/dispatch", "403", false},
{"", "127.0.0.1", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.1|/", "127.0.0.1", "/", "403"},
{"", "127.0.0.1|/", "127.0.0.1", "/dispatch", "200"},
{"", "127.0.0.1|/", "127.0.0.1", "/dump/info", "200"},
{"", "127.0.0.1|/", "127.0.0.1", "/", "403", false},
{"", "127.0.0.1|/", "127.0.0.1", "/dispatch", "200", false},
{"", "127.0.0.1|/", "127.0.0.1", "/dump/info", "200", false},
{"", "127.0.0.1|/*", "127.0.0.1", "/", "403"},
{"", "127.0.0.1|/*", "127.0.0.1", "/dispatch", "403"},
{"", "127.0.0.1|/*", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.1|/*", "127.0.0.1", "/", "403", false},
{"", "127.0.0.1|/*", "127.0.0.1", "/dispatch", "403", false},
{"", "127.0.0.1|/*", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/", "200"},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dispatch", "200"},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dump/test", "403"},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/", "200", false},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dispatch", "200", false},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dump/test", "403", false},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/", "200"},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dispatch", "200"},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dump/test", "200"},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/", "200", false},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dispatch", "200", false},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dump/test", "200", false},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/", "200"},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dispatch", "200"},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/test", "403"},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/fail", "200"},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/", "200", false},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dispatch", "200", false},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/test", "403", false},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/fail", "200", false},
{"", "127.0.0.0-2|", "127.0.0.1", "/", "403"},
{"", "127.0.0.0-2|", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.0-2|", "127.0.0.1", "/", "403", false},
{"", "127.0.0.0-2|", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.0-2|/", "127.0.0.1", "/", "403"},
{"", "127.0.0.0-2|/", "127.0.0.1", "/dispatch", "200"},
{"", "127.0.0.0-2|/", "127.0.0.1", "/dump/info", "200"},
{"", "127.0.0.0-2|/", "127.0.0.1", "/", "403", false},
{"", "127.0.0.0-2|/", "127.0.0.1", "/dispatch", "200", false},
{"", "127.0.0.0-2|/", "127.0.0.1", "/dump/info", "200", false},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/", "200"},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/dispatch", "200"},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/", "200", false},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/dispatch", "200", false},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/", "200"},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dispatch", "200"},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dump/test", "200"},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/", "200", false},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dispatch", "200", false},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dump/test", "200", false},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/", "200"},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dispatch", "200"},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/info", "403"},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/test", "403"},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/fail", "200"},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/", "200", false},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dispatch", "200", false},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/info", "403", false},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/test", "403", false},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/fail", "200", false},
// Both lists
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200"},
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "403"},
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403"},
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200", false},
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "403", false},
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403", false},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200"},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403"},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200", false},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403", false},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200"},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/test", "403"},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403"},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200", false},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/test", "403", false},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump", "403"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/test", "403"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/fail", "403"},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump", "403", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/test", "403", false},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/fail", "403", false},
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/", "200"},
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/dump/fail", "403"},
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/", "200", false},
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/dump/fail", "403", false},
// Different address
{"127.0.0.2", "", "127.0.0.1", "/", "403"},
{"127.0.0.2", "", "127.0.0.1", "/dump/info", "403"},
{"127.0.0.2", "", "127.0.0.1", "/", "403", false},
{"127.0.0.2", "", "127.0.0.1", "/dump/info", "403", false},
{"127.0.0.2|/dump/*", "", "127.0.0.1", "/", "403"},
{"127.0.0.2|/dump/*", "", "127.0.0.1", "/dump/info", "403"},
{"127.0.0.2|/dump/*", "", "127.0.0.1", "/", "403", false},
{"127.0.0.2|/dump/*", "", "127.0.0.1", "/dump/info", "403", false},
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/", "403"},
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/dump/info", "403"},
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/dump/test", "403"},
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/", "403", false},
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/dump/info", "403", false},
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/dump/test", "403", false},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/", "403"},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dispatch", "403"},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/info", "200"},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/test", "403"},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/fail", "403"},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/", "403", false},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dispatch", "403", false},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/info", "200", false},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/test", "403", false},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/fail", "403", false},
{"172.0.0.0-255", "", "127.0.0.1", "/", "403"},
{"172.0.0.0-255", "", "127.0.0.1", "/dump/info", "403"},
{"172.0.0.0-255", "", "127.0.0.1", "/", "403", false},
{"172.0.0.0-255", "", "127.0.0.1", "/dump/info", "403", false},
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/", "403"},
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/dispatch", "403"},
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/dump/info", "200"},
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/", "403", false},
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/dispatch", "403", false},
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/dump/info", "200", false},
/*-----------------------------------------------------------------------------------------*/
// Match by path starts with [117]
// test cases affected by _whiteListByPath highlighted accordingly
{"", "", "127.0.0.1", "/", "200", true},
{"", "", "127.0.0.1", "/dump/info", "200", true},
// White list
{"127.0.0.1", "", "127.0.0.1", "/", "200", true},
{"127.0.0.1", "", "127.0.0.1", "/dispatch", "200", true},
{"127.0.0.1", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/", "", "127.0.0.1", "/", "200", true},
{"127.0.0.1|/", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.1|/", "", "127.0.0.1", "/dump/info", "200", true}, // _whiteListByPath
{"127.0.0.1|/*", "", "127.0.0.1", "/", "200", true},
{"127.0.0.1|/*", "", "127.0.0.1", "/dispatch", "200", true},
{"127.0.0.1|/*", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/dump/*", "", "127.0.0.1", "/dump/test", "200", true},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/dump/info", "", "127.0.0.1", "/dump/test", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/test", "200", true},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "", "127.0.0.1", "/dump/fail", "200", true}, // _whiteListByPath
{"127.0.0.0-2|", "", "127.0.0.1", "/", "200", true},
{"127.0.0.0-2|", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.0-2|/", "", "127.0.0.1", "/", "200", true},
{"127.0.0.0-2|/", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/", "", "127.0.0.1", "/dump/info", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/dump/*", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.0-2|/dump/info", "", "127.0.0.1", "/dump/test", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/test", "200", true},
{"127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "", "127.0.0.1", "/dump/fail", "200", true}, // _whiteListByPath
// Black list
{"", "127.0.0.1", "127.0.0.1", "/", "403", true},
{"", "127.0.0.1", "127.0.0.1", "/dispatch", "403", true},
{"", "127.0.0.1", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.1|/", "127.0.0.1", "/", "403", true},
{"", "127.0.0.1|/", "127.0.0.1", "/dispatch", "200", true},
{"", "127.0.0.1|/", "127.0.0.1", "/dump/info", "200", true},
{"", "127.0.0.1|/*", "127.0.0.1", "/", "403", true},
{"", "127.0.0.1|/*", "127.0.0.1", "/dispatch", "403", true},
{"", "127.0.0.1|/*", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/", "200", true},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dispatch", "200", true},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.1|/dump/*", "127.0.0.1", "/dump/test", "403", true},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/", "200", true},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dispatch", "200", true},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.1|/dump/info", "127.0.0.1", "/dump/test", "200", true},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/", "200", true},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dispatch", "200", true},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/test", "403", true},
{"", "127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1", "/dump/fail", "200", true},
{"", "127.0.0.0-2|", "127.0.0.1", "/", "403", true},
{"", "127.0.0.0-2|", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.0-2|/", "127.0.0.1", "/", "403", true},
{"", "127.0.0.0-2|/", "127.0.0.1", "/dispatch", "200", true},
{"", "127.0.0.0-2|/", "127.0.0.1", "/dump/info", "200", true},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/", "200", true},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/dispatch", "200", true},
{"", "127.0.0.0-2|/dump/*", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/", "200", true},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dispatch", "200", true},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.0-2|/dump/info", "127.0.0.1", "/dump/test", "200", true},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/", "200", true},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dispatch", "200", true},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/info", "403", true},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/test", "403", true},
{"", "127.0.0.0-2|/dump/info;127.0.0.0-2|/dump/test", "127.0.0.1", "/dump/fail", "200", true},
// Both lists
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200", true},
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403", true},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200", true},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403", true},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump", "200", true},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/test", "403", true},
{"127.0.0.1|/dump/*", "127.0.0.1|/dump/test;127.0.0.1|/dump/fail", "127.0.0.1", "/dump/fail", "403", true},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/test", "403", true},
{"127.0.0.1|/dump/info;127.0.0.1|/dump/test", "127.0.0.1|/dump/test", "127.0.0.1", "/dump/fail", "200", true}, // _whiteListByPath
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/", "200", true},
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/;127.0.0.0-2|/dump/*", "127.0.0.0,1|/dump/fail", "127.0.0.1", "/dump/fail", "403", true},
// Different address
{"127.0.0.2", "", "127.0.0.1", "/", "403", true},
{"127.0.0.2", "", "127.0.0.1", "/dump/info", "403", true},
{"127.0.0.2|/dump/*", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.2|/dump/*", "", "127.0.0.1", "/dump/info", "403", true},
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/dump/info", "403", true},
{"127.0.0.2|/dump/info", "", "127.0.0.1", "/dump/test", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/info", "200", true},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/test", "403", true},
{"127.0.0.1|/dump/info;127.0.0.2|/dump/test", "", "127.0.0.1", "/dump/fail", "200", true}, // _whiteListByPath
{"172.0.0.0-255", "", "127.0.0.1", "/", "403", true},
{"172.0.0.0-255", "", "127.0.0.1", "/dump/info", "403", true},
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/", "200", true}, // _whiteListByPath
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/dispatch", "200", true}, // _whiteListByPath
{"172.0.0.0-255|/dump/*;127.0.0.0-255|/dump/*", "", "127.0.0.1", "/dump/info", "200", true},
};
return Arrays.asList(data);
};