Class RewriteValve
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.valves.ValveBase
-
- org.apache.catalina.valves.rewrite.RewriteValve
-
- All Implemented Interfaces:
javax.management.MBeanRegistration
,Contained
,JmxEnabled
,Lifecycle
,Valve
public class RewriteValve extends ValveBase
Note: Extra caution should be used when adding a Rewrite Rule. When specifying a regex to match for in a Rewrite Rule, certain regex could allow an attacker to DoS your server, as Java's regex parsing is vulnerable to "catastrophic backtracking" (also known as "Regular expression Denial of Service", or ReDoS). There are some open source tools to help detect vulnerable regex, though in general it is a hard problem. A good defence is to use a regex debugger on your desired regex, and read more on the subject of catastrophic backtracking.- See Also:
- OWASP ReDoS
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.catalina.Lifecycle
Lifecycle.SingleUse
-
-
Field Summary
Fields Modifier and Type Field Description protected boolean
context
Will be set to true if the valve is associated with a context.protected boolean
enabled
enabled this componentprotected java.lang.ThreadLocal<java.lang.Boolean>
invoked
If rewriting occurs, the whole request will be processed again.protected java.util.Map<java.lang.String,RewriteMap>
maps
Maps to be used by the rules.protected java.util.ArrayList<java.lang.String>
mapsConfiguration
Maps configuration.protected java.lang.String
resourcePath
Relative path to the configuration file.protected RewriteRule[]
rules
The rewrite rules that the valve will use.-
Fields inherited from class org.apache.catalina.valves.ValveBase
asyncSupported, container, containerLog, next, sm
-
Fields inherited from interface org.apache.catalina.Lifecycle
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
-
-
Constructor Summary
Constructors Constructor Description RewriteValve()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
getConfiguration()
boolean
getEnabled()
protected void
initInternal()
Sub-classes wishing to perform additional initialization should override this method, ensuring that super.initInternal() is the first call in the overriding method.void
invoke(Request request, Response response)
Perform request processing as required by this Valve.protected void
parse(java.io.BufferedReader reader)
static java.lang.Object
parse(java.lang.String line)
This factory method will parse a line formed like: Example: RewriteCond %{REMOTE_HOST} ^host1.* [OR]protected static void
parseCondFlag(java.lang.String line, RewriteCond condition, java.lang.String flag)
Parser for RewriteCond flags.protected static void
parseRuleFlag(java.lang.String line, RewriteRule rule, java.lang.String flag)
Parser for RewriteRule flags.void
setConfiguration(java.lang.String configuration)
void
setEnabled(boolean enabled)
protected void
startInternal()
Start this component and implement the requirements ofLifecycleBase.startInternal()
.protected void
stopInternal()
Stop this component and implement the requirements ofLifecycleBase.stopInternal()
.-
Methods inherited from class org.apache.catalina.valves.ValveBase
backgroundProcess, getContainer, getDomainInternal, getNext, getObjectNameKeyProperties, isAsyncSupported, setAsyncSupported, setContainer, setNext, toString
-
Methods inherited from class org.apache.catalina.util.LifecycleMBeanBase
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister, unregister
-
Methods inherited from class org.apache.catalina.util.LifecycleBase
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stop
-
-
-
-
Field Detail
-
rules
protected RewriteRule[] rules
The rewrite rules that the valve will use.
-
invoked
protected java.lang.ThreadLocal<java.lang.Boolean> invoked
If rewriting occurs, the whole request will be processed again.
-
resourcePath
protected java.lang.String resourcePath
Relative path to the configuration file. Note: If the valve's container is a context, this will be relative to /WEB-INF/.
-
context
protected boolean context
Will be set to true if the valve is associated with a context.
-
enabled
protected boolean enabled
enabled this component
-
maps
protected java.util.Map<java.lang.String,RewriteMap> maps
Maps to be used by the rules.
-
mapsConfiguration
protected java.util.ArrayList<java.lang.String> mapsConfiguration
Maps configuration.
-
-
Method Detail
-
getEnabled
public boolean getEnabled()
-
setEnabled
public void setEnabled(boolean enabled)
-
initInternal
protected void initInternal() throws LifecycleException
Description copied from class:LifecycleMBeanBase
Sub-classes wishing to perform additional initialization should override this method, ensuring that super.initInternal() is the first call in the overriding method.- Overrides:
initInternal
in classValveBase
- Throws:
LifecycleException
- If the initialisation fails
-
startInternal
protected void startInternal() throws LifecycleException
Description copied from class:ValveBase
Start this component and implement the requirements ofLifecycleBase.startInternal()
.- Overrides:
startInternal
in classValveBase
- Throws:
LifecycleException
- if this component detects a fatal error that prevents this component from being used
-
setConfiguration
public void setConfiguration(java.lang.String configuration) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getConfiguration
public java.lang.String getConfiguration()
-
parse
protected void parse(java.io.BufferedReader reader) throws LifecycleException
- Throws:
LifecycleException
-
stopInternal
protected void stopInternal() throws LifecycleException
Description copied from class:ValveBase
Stop this component and implement the requirements ofLifecycleBase.stopInternal()
.- Overrides:
stopInternal
in classValveBase
- Throws:
LifecycleException
- if this component detects a fatal error that prevents this component from being used
-
invoke
public void invoke(Request request, Response response) throws java.io.IOException, ServletException
Description copied from interface:Valve
Perform request processing as required by this Valve.
An individual Valve MAY perform the following actions, in the specified order:
- Examine and/or modify the properties of the specified Request and Response.
- Examine the properties of the specified Request, completely generate the corresponding Response, and return control to the caller.
- Examine the properties of the specified Request and Response, wrap either or both of these objects to supplement their functionality, and pass them on.
- If the corresponding Response was not generated (and control was not
returned, call the next Valve in the pipeline (if there is one) by
executing
getNext().invoke()
. - Examine, but not modify, the properties of the resulting Response (which was created by a subsequently invoked Valve or Container).
A Valve MUST NOT do any of the following things:
- Change request properties that have already been used to direct the flow of processing control for this request (for instance, trying to change the virtual host to which a Request should be sent from a pipeline attached to a Host or Context in the standard implementation).
- Create a completed Response AND pass this Request and Response on to the next Valve in the pipeline.
- Consume bytes from the input stream associated with the Request, unless it is completely generating the response, or wrapping the request before passing it on.
- Modify the HTTP headers included with the Response after the
getNext().invoke()
method has returned. - Perform any actions on the output stream associated with the
specified Response after the
getNext().invoke()
method has returned.
- Parameters:
request
- The servlet request to be processedresponse
- The servlet response to be created- Throws:
java.io.IOException
- if an input/output error occurs, or is thrown by a subsequently invoked Valve, Filter, or ServletServletException
- if a servlet error occurs, or is thrown by a subsequently invoked Valve, Filter, or Servlet
-
parse
public static java.lang.Object parse(java.lang.String line)
This factory method will parse a line formed like: Example: RewriteCond %{REMOTE_HOST} ^host1.* [OR]- Parameters:
line
- A line from the rewrite configuration- Returns:
- The condition, rule or map resulting from parsing the line
-
parseCondFlag
protected static void parseCondFlag(java.lang.String line, RewriteCond condition, java.lang.String flag)
Parser for RewriteCond flags.- Parameters:
line
- The configuration line being parsedcondition
- The current conditionflag
- The flag
-
parseRuleFlag
protected static void parseRuleFlag(java.lang.String line, RewriteRule rule, java.lang.String flag)
Parser for RewriteRule flags.- Parameters:
line
- The configuration line being parsedrule
- The current ruleflag
- The flag
-
-