public int checkCrossDomainProxy(
Mapping.SourceType sourceType, boolean isSsl, String host, int port, String originUrl) {
boolean isSelf = RealHost.isSelfOrigin(originUrl);
for (Mapping mapping : activeMappings) {
if (isSelf == false && mapping.isAllowOrigin(originUrl) == false) {
continue;
}
if (mapping.getSourceType() != sourceType) {
continue;
}
Mapping.SecureType secureType = mapping.getSecureType();
if (isSsl && secureType == Mapping.SecureType.PLAIN) {
continue;
}
if (!isSsl && secureType == Mapping.SecureType.SSL) {
continue;
}
if (mapping.matchSourceHost(host) && mapping.matchSourcePost(port)) {
// mapping認証もしくは認証の必要のないMappingはチェックの必要なし
if (mapping.getRolesList().size() == 0 || mapping.getMappingAuth() != null) {
return CHECK_MATCH_NO_AUTH;
} else {
return CHECK_MATCH_AUTH;
}
}
}
return CHECK_NOT_MATCH;
}
// authUrlはCookieLocationベースでのチェックを行うため、wsは、http,wssは、httpsとして存在を確認する
public int checkCrossDomainWebWs(
Mapping.SourceType sourceType, boolean isSsl, String path, String originUrl) {
boolean isSelf = RealHost.isSelfOrigin(originUrl);
for (Mapping mapping : activeMappings) {
if (isSelf == false && mapping.isAllowOrigin(originUrl) == false) {
continue;
}
if (mapping.getSourceType() != sourceType) {
continue;
}
// TODO ドメインのチェックもすべき
// Mapping.SourceType sourceType=mapping.getSourceType();
// if(sourceType!=Mapping.SourceType.WEB&&sourceType!=Mapping.SourceType.WS){
// continue;
// }
Mapping.SecureType secureType = mapping.getSecureType();
if (isSsl && secureType == Mapping.SecureType.PLAIN) {
continue;
}
if (!isSsl && secureType == Mapping.SecureType.SSL) {
continue;
}
String sourcePath = mapping.getSourcePath();
if (path.equals(sourcePath)) {
// mapping認証もしくは認証の必要のないMappingはチェックの必要なし
if (mapping.getRolesList().size() == 0 || mapping.getMappingAuth() != null) {
return CHECK_MATCH_NO_AUTH;
} else {
return CHECK_MATCH_AUTH;
}
}
}
return CHECK_NOT_MATCH;
}
private void setupAuthUrl(Mapping mapping) {
authMapping = mapping;
Authorizer authorizer = config.getAuthorizer();
String selfDomain = config.getString("selfDomain");
String realHostName = mapping.getRealHostName();
RealHost realHost = RealHost.getRealHost(realHostName);
if (realHost == null) {
logger.warn("not found auth mapping realHost.realHostName:" + realHostName);
return;
}
authorizer.setupAuthUrl(
(mapping.getSecureType() == SecureType.SSL),
mapping.getSourcePath(),
selfDomain,
realHost.getBindPort());
}
private void loadMapping(Mapping mapping) {
entryMappings.add(mapping);
if (!mapping.isEnabled()) {
return;
}
if (Boolean.FALSE.equals(mapping.getOption(OPTION_PEEK))) {
synchronized (activeSslProxyMappings) { // ssl proxyは特殊なため別管理
activeSslProxyMappings.add(mapping);
}
} else {
synchronized (activeMappings) {
activeMappings.add(mapping);
}
}
String selfDomain = config.getSelfDomain();
RealHost realHost = RealHost.getRealHost(mapping.getRealHostName());
if (Boolean.TRUE.equals(mapping.getOption(OPTION_ADMIN_HANDLER))) {
StringBuilder sb = new StringBuilder();
String sourceServer = mapping.getSourceServer();
if (sourceServer == null || "".equals(sourceServer)) {
sourceServer = selfDomain;
}
if (mapping.getSecureType() == SecureType.SSL) {
sb.append("https://");
} else {
sb.append("http://");
}
sb.append(sourceServer);
sb.append(":");
sb.append(realHost.getBindPort());
sb.append(mapping.getSourcePath());
adminUrl = sb.toString();
System.out.println("adminUrl:" + adminUrl);
}
Object publicWeb = mapping.getOption(OPTION_PUBLIC_WEB); // publicWebのportとプロトコルを知るため
if (Boolean.TRUE.equals(publicWeb)) {
StringBuilder sb = new StringBuilder();
String sourceServer = mapping.getSourceServer();
if (sourceServer == null || "".equals(sourceServer)) {
sourceServer = selfDomain;
}
if (mapping.getSecureType() == SecureType.SSL) {
sb.append("https://");
} else {
sb.append("http://");
}
sb.append(sourceServer);
sb.append(":");
sb.append(realHost.getBindPort());
sb.append(mapping.getSourcePath());
publicWebUrl = sb.toString();
}
// pacは複数のmappingにあってよいが、そのrealHostは同一である事
// Object authHandler=mapping.getOption(OPTION_AUTH_HANDLER);
if (AuthHandler.class.getName().equals(mapping.getDestinationServer())) {
setupAuthUrl(mapping); // authorizerにauthマッピング定義を教える
}
// mapping auth定義
Object auth = mapping.getOption(OPTION_AUTH);
if (auth != null && auth instanceof JSONObject) {
MappingAuth mappingAuth = new MappingAuth(config.getAuthenticator());
if (mappingAuth.init((JSONObject) auth, mapping.getSourceType() == SourceType.PROXY)) {
mapping.setMappingAuth(mappingAuth);
}
}
Object pac = mapping.getOption(OPTION_PAC); // pacに反映するか否か
if (!Boolean.TRUE.equals(pac)) {
return;
}
switch (mapping.getSourceType()) {
case PROXY:
switch (mapping.getSecureType()) {
case PLAIN:
httpPhantomDomains.add(mapping.getSourceServerHost());
pacProxyPort = realHost.getBindPort();
break;
case SSL:
securePhantomDomains.add(mapping.getSourceServerHost());
pacProxyPort = realHost.getBindPort();
break;
}
break;
case WEB:
}
}
