📄 reverseproxymethodhandler.java
字号:
/*
* SSL-Explorer
*
* Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package com.sslexplorer.reverseproxy;
import java.io.ByteArrayOutputStream;
import java.io.EOFException;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.maverick.crypto.encoders.Base64;
import com.maverick.http.AuthenticationCancelledException;
import com.maverick.http.HttpAuthenticatorFactory;
import com.maverick.http.HttpClient;
import com.maverick.http.PasswordCredentials;
import com.maverick.http.UnsupportedAuthenticationException;
import com.sslexplorer.boot.ContextHolder;
import com.sslexplorer.boot.HttpConstants;
import com.sslexplorer.boot.RequestHandler;
import com.sslexplorer.boot.RequestHandlerException;
import com.sslexplorer.boot.RequestHandlerRequest;
import com.sslexplorer.boot.RequestHandlerResponse;
import com.sslexplorer.boot.Util;
import com.sslexplorer.core.CookieMap;
import com.sslexplorer.core.CoreAttributeConstants;
import com.sslexplorer.core.CoreEvent;
import com.sslexplorer.core.CoreEventConstants;
import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.core.CoreUtil;
import com.sslexplorer.policyframework.Policy;
import com.sslexplorer.policyframework.ResourceAccessEvent;
import com.sslexplorer.policyframework.ResourceUtil;
import com.sslexplorer.replacementproxy.CacheingOutputStream;
import com.sslexplorer.replacementproxy.ContentCache;
import com.sslexplorer.replacementproxy.Header;
import com.sslexplorer.replacementproxy.ProxiedRequestDispatcher;
import com.sslexplorer.replacementproxy.ProxiedResponseDispatcher;
import com.sslexplorer.replacementproxy.ProxiedResponseProcessor;
import com.sslexplorer.replacementproxy.RequestProcessor;
import com.sslexplorer.security.AuthenticationScheme;
import com.sslexplorer.security.Constants;
import com.sslexplorer.security.SessionInfo;
import com.sslexplorer.security.User;
import com.sslexplorer.webforwards.ReplacementProxyWebForward;
import com.sslexplorer.webforwards.ReverseProxyWebForward;
import com.sslexplorer.webforwards.WebForward;
public class ReverseProxyMethodHandler implements RequestHandler {
final static String sessionCookie = System.getProperty("sslexplorer.cookie", "JSESSIONID");
static Log log = LogFactory.getLog(ReverseProxyMethodHandler.class);
public boolean handle(String pathInContext, String pathParams, RequestHandlerRequest request, RequestHandlerResponse response)
throws RequestHandlerException, IOException {
/*
* When not authenticated, dont reverse proxy anything. We use the logon
* ticket to get the HttpSession in use
*/
SessionInfo session = null;
if(log.isDebugEnabled())
log.debug("Request for: " + pathInContext);
/**
* The launching of a reverse proxy will always be a GET. This change will
* allow us to set the character encoding of the request later so that
* POST parameters are not incorrectly encoded.
*/
if (request.getMethod().equals("GET")
&& request.getParameters().containsKey("reverseProxyTicket")) {
String logonTicket = (String) request.getParameters().get("reverseProxyTicket");
// Get the actual session for the reverse proxy
session = CoreServlet.getServlet().getLogonController().getSessionInfo(logonTicket);
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++) {
if (cookies[i].getName().equalsIgnoreCase(sessionCookie)) {
CoreServlet.getServlet().getLogonController().attachSession(cookies[i].getValue(), session);
break;
}
}
}
CoreServlet.getServlet().getLogonController().addCookies(request, response, logonTicket, session.getUser());
} else {
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++) {
if (cookies[i].getName().equalsIgnoreCase(sessionCookie)) {
session = CoreServlet.getServlet().getLogonController().getSessionInfoBySessionId(cookies[i].getValue());
break;
}
if (cookies[i].getName().equalsIgnoreCase(Constants.LOGON_TICKET)
|| cookies[i].getName().equalsIgnoreCase(Constants.DOMAIN_LOGON_TICKET)) {
session = CoreServlet.getServlet().getLogonController().getSessionInfo(cookies[i].getValue());
break;
}
}
}
}
if (session == null) {
if (log.isDebugEnabled())
log.debug("Could not find session cookie in request");
return false;
}
try {
if (request.getPath().startsWith("/replacementProxyEngine")) {
// This is a Replacement proxy request
Map referals = (Map) session.getHttpSession().getAttribute(Constants.REFERALS);
String uniqueTicket = (String) request.getParameters().get("sslex_ticket");
if (uniqueTicket == null) {
throw new Exception("No active replacement proxy session. This may happen if you restart your browser.");
}
ReplacementProxyWebForward wf = (ReplacementProxyWebForward) referals.get(uniqueTicket);
if (wf == null) {
throw new Exception("Web forward could not be located. This may happen if you restart your browser.");
}
ResourceUtil.checkResourceAccessRights(wf, session);
if (referals.containsKey(uniqueTicket)) {
return handleReplacementProxy(request, response, session, uniqueTicket, wf, Util.urlDecode((String) request
.getParameters().get("sslex_url")));
}
} else {
// Perhaps this is a reverse proxy?
HashMap map = (HashMap) session.getHttpSession().getAttribute(Constants.WEB_FORWARDS);
if (map != null) {
Map.Entry e;
ReverseProxyWebForward wf = null;
String host = request.getHost();
if (host != null && !host.equals("") && host.startsWith("activeproxy")) {
int idx = host.indexOf('.');
if (idx != -1) {
try {
String uniqiueId = host.substring(0, idx);
HashMap activeDNSForwards = (HashMap) session.getHttpSession().getAttribute(
Constants.ACTIVEDNS_FORWARDS);
wf = (ReverseProxyWebForward) map.get(activeDNSForwards.get(uniqiueId));
if (wf != null) {
ResourceUtil.checkResourceAccessRights(wf, session);
if (!((ReverseProxyWebForward) wf).getActiveDNS()) {
throw new Exception(
"Appears to be an active DNS request but the associated web forward is not active DNS. Is someone trying something funny???");
}
return handleReverseProxy(pathInContext, pathParams, request, response,
(ReverseProxyWebForward) wf, session);
} else
log.warn("Active DNS request for " + host + " from but no active web forward!");
} catch (Exception ex) {
if (log.isInfoEnabled())
log.info("Active DNS web forward lookup failed", ex);
}
} else {
if (log.isDebugEnabled())
log.debug("Not active DNS.");
}
}
String hostHeader = request.getHost();
int idx = hostHeader.indexOf(':');
if (idx > -1)
hostHeader = hostHeader.substring(0, idx);
for (Iterator j = map.entrySet().iterator(); j.hasNext();) {
e = (Map.Entry) j.next();
wf = (ReverseProxyWebForward) e.getValue();
if (wf.isValidPath(pathInContext) || (wf.getHostHeader() != null && wf.getHostHeader().equals(hostHeader))) {
ResourceUtil.checkResourceAccessRights(wf, session);
return handleReverseProxy(pathInContext, pathParams, request, response, (ReverseProxyWebForward) wf,
session);
} else {
if (log.isDebugEnabled())
log.debug("'" + pathInContext + "' is not a valid reverse proxy path");
}
}
} else {
if (log.isDebugEnabled())
log.debug("No web forwards in the session.");
}
}
} catch (Exception e) {
log.error("Failed to process web forward.", e);
session.getHttpSession().setAttribute(Constants.EXCEPTION, e);
response.sendRedirect("/showPopupException.do");
return true;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -