diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java | 39 |
1 files changed, 29 insertions, 10 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java index 848ffba6f..75e02a24b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java +++ b/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java @@ -26,6 +26,7 @@ public class AdminRequestFilter implements Filter private static final String HTTPS_SCHEME = "https"; private static final String HTTPS_PORT = "https_port"; private static final String HTTPS_ROLE = "Admin"; + private static final String PROXY_PORT = "proxy_port"; private FilterConfig config; @@ -51,6 +52,7 @@ public class AdminRequestFilter implements Filter String request_port = null; String param_https_port = null; + String param_proxy_port = null; String msg = null; String param_active = null; @@ -84,22 +86,39 @@ public class AdminRequestFilter implements Filter return; } + param_proxy_port = config.getInitParameter(PROXY_PORT); + boolean bad_port = false; + // Compare the request and param "https" ports if( ! param_https_port.equals( request_port ) ) { - String uri = ((HttpServletRequest) request).getRequestURI(); - msg = "Use HTTPS port '" + param_https_port - + "' instead of '" + request_port - + "' when performing " + HTTPS_ROLE + " tasks!"; - CMS.debug( filterName + ": " + msg ); - CMS.debug( filterName + ": uri is " + uri); - if ((param_active != null) &&(param_active.equals("false"))) { - CMS.debug("Filter is disabled .. continuing"); + String uri = ((HttpServletRequest) request).getRequestURI(); + if (param_proxy_port != null) { + if (!param_proxy_port.equals(request_port)) { + msg = "Use HTTPS port '" + param_https_port + + "' or proxy port '" + param_proxy_port + + "' instead of '" + request_port + + "' when performing " + HTTPS_ROLE + " tasks!"; + bad_port = true; + } } else { - resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); - return; + msg = "Use HTTPS port '" + param_https_port + + "' instead of '" + request_port + + "' when performing " + HTTPS_ROLE + " tasks!"; + bad_port = true; + } + if (bad_port) { + CMS.debug( filterName + ": " + msg ); + CMS.debug( filterName + ": uri is " + uri); + if ((param_active != null) &&(param_active.equals("false"))) { + CMS.debug("Filter is disabled .. continuing"); + } else { + resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); + return; + } } } } + // CMS.debug("Exiting the admin filter"); chain.doFilter( request, response ); |