diff options
| author | Robert Gemmell <robbie@apache.org> | 2010-06-17 14:37:59 +0000 |
|---|---|---|
| committer | Robert Gemmell <robbie@apache.org> | 2010-06-17 14:37:59 +0000 |
| commit | 3a720a9bb841f97f3684543827e79ba1a79c9b58 (patch) | |
| tree | 8f9dbe838ecd2210489039a11054e28a154865ac /qpid/java/broker-plugins/firewall/src/main | |
| parent | 62984a521bd9dc1be5c7117480b761a6f8d93622 (diff) | |
| download | qpid-python-3a720a9bb841f97f3684543827e79ba1a79c9b58.tar.gz | |
QPID-2662: Use actual SocketAddress instead of the String representation
Applied patch from Andrew Kennedy <andrew.international@gmail.com>
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@955617 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'qpid/java/broker-plugins/firewall/src/main')
| -rw-r--r-- | qpid/java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java | 31 |
1 files changed, 7 insertions, 24 deletions
diff --git a/qpid/java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java b/qpid/java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java index ae2baa95ca..a6ea9d261e 100644 --- a/qpid/java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java +++ b/qpid/java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java @@ -21,13 +21,10 @@ package org.apache.qpid.server.security.access.plugins; import java.net.InetAddress; -import java.net.UnknownHostException; -import java.util.List; +import java.net.InetSocketAddress; -import org.apache.commons.configuration.CompositeConfiguration; import org.apache.commons.configuration.Configuration; import org.apache.commons.configuration.ConfigurationException; -import org.apache.commons.configuration.XMLConfiguration; import org.apache.qpid.server.configuration.plugins.ConfigurationPlugin; import org.apache.qpid.server.security.AbstractPlugin; import org.apache.qpid.server.security.Result; @@ -87,28 +84,19 @@ public class Firewall extends AbstractPlugin { return Result.ABSTAIN; // We are only interested in access to virtualhosts } - - // TODO alter 0-10 code path to expose the SocketAddress object? - String address = (String) instance; - - if (address == null || address.trim().length() == 0) + + if (!(instance instanceof InetSocketAddress)) { - return Result.ABSTAIN; // We need an address + return Result.ABSTAIN; // We need an internet address } + InetAddress address = ((InetSocketAddress) instance).getAddress(); + try { - int slash = address.indexOf('/'); - int colon = address.indexOf(':'); - InetAddress addr = InetAddress.getByName(address.substring(slash == -1 ? 0 : slash + 1, colon == -1 ? address.length() : colon)); - if (addr == null) - { - return Result.ABSTAIN; // Not a real address - } - for (FirewallRule rule : _rules) { - boolean match = rule.match(addr); + boolean match = rule.match(address); if (match) { return rule.getAccess(); @@ -116,11 +104,6 @@ public class Firewall extends AbstractPlugin } return getDefault(); } - catch (UnknownHostException uhe) - { - _logger.error("Address format invalid: " + address, uhe); - return Result.DENIED; - } catch (FirewallException fe) { return Result.DENIED; |