Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-3311

[Migration][WebToUndertow] RemoteIpValve is not correctly migrated

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 7.0.0.ER6
    • 7.0.0.ER5
    • Migration, Undertow
    • None

      When migrating RemoteIpValve which looks like this

       <valve name="remote-ip-valve" module="org.jboss.as.web" class-name="org.apache.catalina.valves.RemoteIpValve">
              <param param-name="httpServerPort" param-value="8080"/>
              <param param-name="httpsServerPort" param-value="8443"/>
              <param param-name="internalProxies" param-value="192.*|127.*"/>
              <param param-name="trustedProxies" param-value="10.*"/>
              <param param-name="protocolHeaderHttpsValue" param-value="https"/>
              <param param-name="protocolHeader" param-value="X-Forwarded-Proto"/>
              <param param-name="remoteIpHeader" param-value="X-Forwarded-For"/>
              <param param-name="proxiesHeader" param-value="X-Forwarded-By"/>
          </valve>
      

      it is migrated to expression filter looking like this

      <expression-filter expression="regexp(pattern=&quot;10.*&quot;, value=%{i, x-forwarded-for}, full-match=true) and regexp(pattern=&quot;192.*|127.*&quot;, value=%{i, x-forwarded-for}, full-match=true) -&gt; { proxy-peer-address(); }" name="remote-ip-valve"/>
      

      When doing request to http://127.0.0.1:8080/ it fails with 500 and this exception in log

      14:06:53,648 ERROR [io.undertow.request] (default I/O-4) UT005071: Undertow request failed HttpServerExchange{ GET / request {Accept=[*/*], User-Agent=[curl/7.43.0-DEV], Host=[127.0.0.1:8080]} response {}}: java.lang.IllegalArgumentException: UT000045: Error parsing predicated handler string Expecting , or ):
      regexp(pattern="10.*", value=%{i, x-forwarded-for}, full-match=true) and regexp(pattern="192.*|127.*", value=%{i, x-forwarded-for}, full-match=true) -> { proxy-peer-address(); }
                                                                                                                                                                                       ^
      	at io.undertow.server.handlers.builder.PredicatedHandlersParser.error(PredicatedHandlersParser.java:727)
      	at io.undertow.server.handlers.builder.PredicatedHandlersParser.parseExpression(PredicatedHandlersParser.java:506)
      	at io.undertow.server.handlers.builder.PredicatedHandlersParser.parse(PredicatedHandlersParser.java:381)
      	at io.undertow.server.handlers.builder.PredicatedHandlersParser.parse(PredicatedHandlersParser.java:322)
      	at io.undertow.server.handlers.builder.PredicatedHandlersParser.parse(PredicatedHandlersParser.java:85)
      	at org.wildfly.extension.undertow.filters.ExpressionFilterDefinition.createHttpHandler(ExpressionFilterDefinition.java:88)
      	at org.wildfly.extension.undertow.filters.FilterService.createHttpHandler(FilterService.java:57)
      	at org.wildfly.extension.undertow.filters.FilterRef.createHttpHandler(FilterRef.java:69)
      	at org.wildfly.extension.undertow.LocationService.configureHandlerChain(LocationService.java:96)
      	at org.wildfly.extension.undertow.Host.configureRootHandler(Host.java:117)
      	at org.wildfly.extension.undertow.Host.getOrCreateRootHandler(Host.java:171)
      	at org.wildfly.extension.undertow.Host$HostRootHandler.handleRequest(Host.java:285)
      	at io.undertow.server.handlers.NameVirtualHostHandler.handleRequest(NameVirtualHostHandler.java:64)
      	at io.undertow.server.handlers.error.SimpleErrorPageHandler.handleRequest(SimpleErrorPageHandler.java:76)
      	at io.undertow.server.handlers.CanonicalPathHandler.handleRequest(CanonicalPathHandler.java:49)
      	at io.undertow.server.handlers.ChannelUpgradeHandler.handleRequest(ChannelUpgradeHandler.java:158)
      	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
      	at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:233)
      	at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:131)
      	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:145)
      	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:92)
      	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:51)
      	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
      	at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291)
      	at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286)
      	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
      	at org.xnio.nio.QueuedNioTcpServer$1.run(QueuedNioTcpServer.java:121)
      	at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:580)
      	at org.xnio.nio.WorkerThread.run(WorkerThread.java:464)
      

      The exception is caused by not having in quotes the '%{i, x-forwarded-for}'.
      Also there is no predicate named regexp, the correct name is regex.

      As this is hidden to the customer during the migration operation and is not visible before customer sends request to the server marking as blocker.

              ehugonne1@redhat.com Emmanuel Hugonnet
              rhatlapa@redhat.com Radim Hatlapatka (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: