# HG changeset patch
# User robcast
# Date 1459329928 -7200
# Node ID bc66091ba4433fe99d39e8d56388099a87e57e27
# Parent 589f47478095d38e245f4ba4429834becae30bc9
IpAuthnOps can do IPv6 now.
diff -r 589f47478095 -r bc66091ba443 servlet/src/main/java/digilib/auth/IpAuthnOps.java
--- a/servlet/src/main/java/digilib/auth/IpAuthnOps.java Wed Mar 30 11:21:54 2016 +0200
+++ b/servlet/src/main/java/digilib/auth/IpAuthnOps.java Wed Mar 30 11:25:28 2016 +0200
@@ -51,6 +51,7 @@
*
*
*
+ *
*
* }
*
@@ -64,7 +65,8 @@
protected Logger logger = Logger.getLogger(this.getClass());
protected File configFile;
- protected HashTree authIPs;
+ protected HashTree authIP4s;
+ protected HashTree authIP6s;
/**
* Initialize authentication operations.
@@ -85,13 +87,14 @@
XMLListLoader ipLoader = new XMLListLoader("digilib-addresses", "address", "ip", "role");
ipList = ipLoader.loadUri(configFile.toURI());
} catch (Exception e) {
- throw new AuthOpException("ERROR loading authorization config file: " + e);
+ throw new AuthOpException("ERROR loading auth config file: " + e);
}
if (ipList == null) {
- throw new AuthOpException("ERROR unable to load authorization config file!");
+ throw new AuthOpException("ERROR unable to load auth config file!");
}
- // setup ip tree
- authIPs = new HashTree(ipList, ".", ",");
+ // setup ip trees
+ authIP4s = new HashTree(ipList, ".", ",");
+ authIP6s = new HashTree(ipList, ":", ",");
}
/* (non-Javadoc)
@@ -100,9 +103,17 @@
@Override
public boolean isUserInRole(DigilibRequest dlRequest, String role) throws AuthOpException {
// check if the requests address provides a role
+ List provided = null;
HttpServletRequest request = ((DigilibServletRequest) dlRequest).getServletRequest();
String ip = request.getRemoteAddr();
- List provided = authIPs.match(ip);
+ logger.debug("Testing role '"+role+"' for ip "+ip);
+ if (ip.contains(":")) {
+ // IPv6
+ provided = authIP6s.match(ip);
+ } else {
+ // IPv4
+ provided = authIP4s.match(ip);
+ }
if ((provided != null) && (provided.contains(role))) {
return true;
}
diff -r 589f47478095 -r bc66091ba443 servlet/src/main/java/digilib/auth/IpServletAuthnOps.java
--- a/servlet/src/main/java/digilib/auth/IpServletAuthnOps.java Wed Mar 30 11:21:54 2016 +0200
+++ b/servlet/src/main/java/digilib/auth/IpServletAuthnOps.java Wed Mar 30 11:25:28 2016 +0200
@@ -44,6 +44,7 @@
*
*
*
+ *
*
* }
*
@@ -60,9 +61,17 @@
@Override
public boolean isUserInRole(DigilibRequest dlRequest, String role) throws AuthOpException {
// check if the requests address provides a role
+ List provided = null;
HttpServletRequest request = ((DigilibServletRequest) dlRequest).getServletRequest();
String ip = request.getRemoteAddr();
- List provided = authIPs.match(ip);
+ logger.debug("Testing role '"+role+"' for ip "+ip);
+ if (ip.contains(":")) {
+ // IPv6
+ provided = authIP6s.match(ip);
+ } else {
+ // IPv4
+ provided = authIP4s.match(ip);
+ }
if ((provided != null) && (provided.contains(role))) {
return true;
}