diff options
| author | gjoranv <gv@oath.com> | 2018-05-23 12:06:22 +0200 |
|---|---|---|
| committer | gjoranv <gv@oath.com> | 2018-05-23 12:06:22 +0200 |
| commit | f2248855136afe814756a3dcd46b073cce1c8e2b (patch) | |
| tree | d0722645b2c7240a598cc0d42e7c545292790527 | |
| parent | bbfa8456064e99c65ea4e78902d4fb02591ee7f3 (diff) | |
Remove empty filter chains from filter chain repo.
* Ensure no empty chains before throwing IndexOutOfBoundsException.
* Verify that application does not throw upon access-control
in services.xml.
| -rw-r--r-- | application/src/test/java/com/yahoo/application/ApplicationTest.java | 17 | ||||
| -rw-r--r-- | container-core/src/main/java/com/yahoo/container/http/filter/FilterChainRepository.java | 14 |
2 files changed, 30 insertions, 1 deletions
diff --git a/application/src/test/java/com/yahoo/application/ApplicationTest.java b/application/src/test/java/com/yahoo/application/ApplicationTest.java index 9388c8f400e..7b4f39b6ac4 100644 --- a/application/src/test/java/com/yahoo/application/ApplicationTest.java +++ b/application/src/test/java/com/yahoo/application/ApplicationTest.java @@ -372,4 +372,21 @@ public class ApplicationTest { "</jdisc>"; } + @Test + public void application_with_access_control_can_be_constructed() throws Exception { + try (Application application = Application.fromServicesXml(servicesXmlWithAccessControl(), Networking.disable)) { + Application unused = application; + } + } + + private static String servicesXmlWithAccessControl() { + return "<jdisc version='1.0'>" + + " <http> <server port='" + 0 +"' id='foo'/> " + + " <filtering>" + + " <access-control domain='foo' />" + + " </filtering>" + + " </http>" + + "</jdisc>"; + } + } diff --git a/container-core/src/main/java/com/yahoo/container/http/filter/FilterChainRepository.java b/container-core/src/main/java/com/yahoo/container/http/filter/FilterChainRepository.java index e4ec09e3948..31bceca9337 100644 --- a/container-core/src/main/java/com/yahoo/container/http/filter/FilterChainRepository.java +++ b/container-core/src/main/java/com/yahoo/container/http/filter/FilterChainRepository.java @@ -25,6 +25,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Set; +import java.util.logging.Logger; import static java.util.Collections.emptyList; import static java.util.stream.Collectors.toList; @@ -37,6 +38,7 @@ import static java.util.stream.Collectors.toSet; * @author bjorncs */ public class FilterChainRepository extends AbstractComponent { + private static final Logger log = Logger.getLogger(FilterChainRepository.class.getName()); private final ComponentRegistry<Object> filterAndChains; @@ -77,12 +79,23 @@ public class FilterChainRepository extends AbstractComponent { ChainRegistry<FilterWrapper> chainRegistry = new ChainRegistry<>(); ChainsModel chainsModel = ChainsModelBuilder.buildFromConfig(chainsConfig); ChainsConfigurer.prepareChainRegistry(chainRegistry, chainsModel, allFiltersWrapped(filters)); + removeEmptyChains(chainRegistry); chainRegistry.freeze(); return chainRegistry; } + private static void removeEmptyChains(ChainRegistry<FilterWrapper> chainRegistry) { + chainRegistry.allComponents().stream() + .filter(chain -> chain.components().isEmpty()) + .map(Chain::getId) + .peek(id -> log.warning("Removing empty filter chain: " + id)) + .forEach(chainRegistry::unregister); + } + @SuppressWarnings("unchecked") private static Object toJDiscChain(Chain<FilterWrapper> chain) { + if (chain.components().isEmpty()) + throw new IllegalArgumentException("Empty filter chain: " + chain.getId()); checkFilterTypesCompatible(chain); List<?> jdiscFilters = chain.components().stream() .map(filterWrapper -> filterWrapper.filter) @@ -98,7 +111,6 @@ public class FilterChainRepository extends AbstractComponent { } private static List<?> wrapSecurityFilters(List<?> filters) { - if (filters.isEmpty()) return emptyList(); List<Object> aggregatedSecurityFilters = new ArrayList<>(); List<Object> wrappedFilters = new ArrayList<>(); for (Object filter : filters) { |