hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-14 21:43:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

[DS-735] Allow IPAuthentication to work with proxies (examine X-Forwarded-For header)

Browse Source 
git-svn-id: http://scm.dspace.org/svn/repo/dspace/trunk@5709 9c30dcfa-912a-0410-8fc2-9e0234be79fd
This commit is contained in:
Stuart Lewis
2010-11-01 22:00:01 +00:00
parent 09a11966d3
commit 3bd1ecc294
2 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
dspace-api/src/main/java/org/dspace/authenticate/IPAuthentication.java
View File

@@ -77,12 +77,16 @@ public class IPAuthentication implements AuthenticationMethod
/** Our logger */ /** Our logger */
private static Logger log = Logger.getLogger(IPAuthentication.class); private static Logger log = Logger.getLogger(IPAuthentication.class);
/** Whether to look for x-forwarded headers for logging IP addresses */
private static Boolean useProxies;
/** All the IP matchers */ /** All the IP matchers */
private List<IPMatcher> ipMatchers; private List<IPMatcher> ipMatchers;
/** All the negative IP matchers */ /** All the negative IP matchers */
private List<IPMatcher> ipNegativeMatchers; private List<IPMatcher> ipNegativeMatchers;
/** /**
* Maps IPMatchers to group names when we don't know group DB ID yet. When * Maps IPMatchers to group names when we don't know group DB ID yet. When
* the DB ID is known, the IPMatcher is moved to ipMatcherGroupIDs and then * the DB ID is known, the IPMatcher is moved to ipMatcherGroupIDs and then
@@ -201,7 +205,22 @@ public class IPAuthentication implements AuthenticationMethod
} }
List<Integer> groupIDs = new ArrayList<Integer>(); List<Integer> groupIDs = new ArrayList<Integer>();
// Get the user's IP address
String addr = request.getRemoteAddr(); String addr = request.getRemoteAddr();
if (useProxies == null) {
useProxies = ConfigurationManager.getBooleanProperty("useProxies", false);
}
if (useProxies && request.getHeader("X-Forwarded-For") != null)
{
/* This header is a comma delimited list */
for(String xfip : request.getHeader("X-Forwarded-For").split(","))
{
if(!request.getHeader("X-Forwarded-For").contains(addr))
{
addr = xfip.trim();
}
}
}
for (IPMatcher ipm : ipMatchers) for (IPMatcher ipm : ipMatchers)
{ {

1
dspace/CHANGES
View File

@@ -67,6 +67,7 @@
- [DS-632] Batch Metadata Import needs to validate metadata fields specified in CSVs - [DS-632] Batch Metadata Import needs to validate metadata fields specified in CSVs
- [DS-646] Remove /bin scripts (replaced by 'dspace' command) - [DS-646] Remove /bin scripts (replaced by 'dspace' command)
- [DS-713] dspace.log only logs remoteAddr, needs extending to include X-Forwarded-For - [DS-713] dspace.log only logs remoteAddr, needs extending to include X-Forwarded-For
- [DS-735] Allow IPAuthentication to work with proxies (examine X-Forwarded-For header)
(Graham Triggs) (Graham Triggs)
- [DS-698] Clear primary_bitstream_id references when deleting a bitstream - [DS-698] Clear primary_bitstream_id references when deleting a bitstream