Issue #12714 verify workername for Mongo usage

jetty · Jan 15, 2025 · 3800931 · 3800931
1 parent 73e6058
commit 3800931
Show file tree

Hide file tree

Showing 3 changed files with 195 additions and 0 deletions.
diff --git a/...src/test/java/org/eclipse/jetty/ee10/session/nosql/mongodb/MongoSessionDataStoreTest.java b/...src/test/java/org/eclipse/jetty/ee10/session/nosql/mongodb/MongoSessionDataStoreTest.java
@@ -17,12 +17,16 @@
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.function.Consumer;
 
 import org.eclipse.jetty.ee10.servlet.ServletContextHandler;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.session.AbstractSessionDataStoreFactory;
 import org.eclipse.jetty.session.AbstractSessionDataStoreTest;
+import org.eclipse.jetty.session.DefaultSessionCache;
+import org.eclipse.jetty.session.DefaultSessionCacheFactory;
 import org.eclipse.jetty.session.DefaultSessionIdManager;
+import org.eclipse.jetty.session.ManagedSession;
 import org.eclipse.jetty.session.SessionContext;
 import org.eclipse.jetty.session.SessionData;
 import org.eclipse.jetty.session.SessionDataStore;
@@ -37,6 +41,8 @@
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.testcontainers.shaded.org.hamcrest.Matchers.not;
 
 /**
  * MongoSessionDataStoreTest
@@ -128,6 +134,89 @@ public boolean checkSessionPersisted(SessionData data) throws Exception
         }
     }
 
+    @Test
+    public void testBadWorkerName() throws Exception
+    {
+        Server server = new Server();
+        DefaultSessionIdManager idMgr = new DefaultSessionIdManager(server);
+        idMgr.setWorkerName("b-a-d");
+        server.addBean(idMgr);
+
+        //create the SessionDataStore
+        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
+        context.setContextPath("/ctx");
+
+        server.setHandler(context);
+        context.getSessionHandler().setSessionIdManager(idMgr);
+
+        DefaultSessionCacheFactory cacheFactory = new DefaultSessionCacheFactory();
+        cacheFactory.setSaveOnCreate(true);
+        server.addBean(cacheFactory);
+
+        SessionDataStoreFactory factory = createSessionDataStoreFactory();
+        server.addBean(factory);
+
+        assertThrows(IllegalStateException.class, () ->
+        {
+            server.start();
+        });
+    }
+
+    @Test
+    public void testGoodWorkerName() throws Exception
+    {
+        Server server = new Server();
+        DefaultSessionIdManager idMgr = new DefaultSessionIdManager(server);
+        idMgr.setWorkerName("NODE99");
+        server.addBean(idMgr);
+
+        //create the SessionDataStore
+        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
+        context.setContextPath("/ctx");
+
+        server.setHandler(context);
+        context.getSessionHandler().setSessionIdManager(idMgr);
+
+        DefaultSessionCacheFactory cacheFactory = new DefaultSessionCacheFactory();
+        cacheFactory.setSaveOnCreate(true);
+        server.addBean(cacheFactory);
+
+        SessionDataStoreFactory factory = createSessionDataStoreFactory();
+        server.addBean(factory);
+
+        not(assertThrows(IllegalStateException.class, () ->
+        {
+            server.start();
+        }));
+    }
+
+    @Test
+    public void testDefaultWorkerName() throws Exception
+    {
+        Server server = new Server();
+        DefaultSessionIdManager idMgr = new DefaultSessionIdManager(server);
+        server.addBean(idMgr);
+
+        //create the SessionDataStore
+        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
+        context.setContextPath("/ctx");
+
+        server.setHandler(context);
+        context.getSessionHandler().setSessionIdManager(idMgr);
+
+        DefaultSessionCacheFactory cacheFactory = new DefaultSessionCacheFactory();
+        cacheFactory.setSaveOnCreate(true);
+        server.addBean(cacheFactory);
+
+        SessionDataStoreFactory factory = createSessionDataStoreFactory();
+        server.addBean(factory);
+
+        not(assertThrows(IllegalStateException.class, () ->
+        {
+            server.start();
+        }));
+    }
+
     /**
      * Test that a session stored in the legacy attribute
      * format can be read.

diff --git a/.../src/test/java/org/eclipse/jetty/ee9/session/nosql/mongodb/MongoSessionDataStoreTest.java b/.../src/test/java/org/eclipse/jetty/ee9/session/nosql/mongodb/MongoSessionDataStoreTest.java
@@ -22,6 +22,7 @@
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.session.AbstractSessionDataStoreFactory;
 import org.eclipse.jetty.session.AbstractSessionDataStoreTest;
+import org.eclipse.jetty.session.DefaultSessionCacheFactory;
 import org.eclipse.jetty.session.DefaultSessionIdManager;
 import org.eclipse.jetty.session.SessionContext;
 import org.eclipse.jetty.session.SessionData;
@@ -34,8 +35,10 @@
 import org.junit.jupiter.api.Test;
 import org.testcontainers.junit.jupiter.Testcontainers;
 
+import static org.hamcrest.Matchers.not;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
 
 /**
  * MongoSessionDataStoreTest
@@ -114,6 +117,89 @@ public boolean checkSessionPersisted(SessionData data) throws Exception
         }
     }
 
+    @Test
+    public void testBadWorkerName() throws Exception
+    {
+        Server server = new Server();
+        DefaultSessionIdManager idMgr = new DefaultSessionIdManager(server);
+        idMgr.setWorkerName("b-a-d");
+        server.addBean(idMgr);
+
+        //create the SessionDataStore
+        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
+        context.setContextPath("/ctx");
+
+        server.setHandler(context);
+        context.getSessionHandler().setSessionIdManager(idMgr);
+
+        DefaultSessionCacheFactory cacheFactory = new DefaultSessionCacheFactory();
+        cacheFactory.setSaveOnCreate(true);
+        server.addBean(cacheFactory);
+
+        SessionDataStoreFactory factory = createSessionDataStoreFactory();
+        server.addBean(factory);
+
+        assertThrows(IllegalStateException.class, () ->
+        {
+            server.start();
+        });
+    }
+
+    @Test
+    public void testGoodWorkerName() throws Exception
+    {
+        Server server = new Server();
+        DefaultSessionIdManager idMgr = new DefaultSessionIdManager(server);
+        idMgr.setWorkerName("NODE99");
+        server.addBean(idMgr);
+
+        //create the SessionDataStore
+        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
+        context.setContextPath("/ctx");
+
+        server.setHandler(context);
+        context.getSessionHandler().setSessionIdManager(idMgr);
+
+        DefaultSessionCacheFactory cacheFactory = new DefaultSessionCacheFactory();
+        cacheFactory.setSaveOnCreate(true);
+        server.addBean(cacheFactory);
+
+        SessionDataStoreFactory factory = createSessionDataStoreFactory();
+        server.addBean(factory);
+
+        not(assertThrows(IllegalStateException.class, () ->
+        {
+            server.start();
+        }));
+    }
+
+    @Test
+    public void testDefaultWorkerName() throws Exception
+    {
+        Server server = new Server();
+        DefaultSessionIdManager idMgr = new DefaultSessionIdManager(server);
+        server.addBean(idMgr);
+
+        //create the SessionDataStore
+        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
+        context.setContextPath("/ctx");
+
+        server.setHandler(context);
+        context.getSessionHandler().setSessionIdManager(idMgr);
+
+        DefaultSessionCacheFactory cacheFactory = new DefaultSessionCacheFactory();
+        cacheFactory.setSaveOnCreate(true);
+        server.addBean(cacheFactory);
+
+        SessionDataStoreFactory factory = createSessionDataStoreFactory();
+        server.addBean(factory);
+
+        not(assertThrows(IllegalStateException.class, () ->
+        {
+            server.start();
+        }));
+    }
+
     /**
      * Test that a session stored in the legacy attribute
      * format can be read.

diff --git a/...ions/jetty-nosql/src/main/java/org/eclipse/jetty/nosql/mongodb/MongoSessionDataStore.java b/...ions/jetty-nosql/src/main/java/org/eclipse/jetty/nosql/mongodb/MongoSessionDataStore.java
@@ -42,6 +42,7 @@
 import org.eclipse.jetty.session.SessionContext;
 import org.eclipse.jetty.session.SessionData;
 import org.eclipse.jetty.session.UnreadableSessionDataException;
+import org.eclipse.jetty.util.SearchPattern;
 import org.eclipse.jetty.util.StringUtil;
 import org.eclipse.jetty.util.annotation.ManagedAttribute;
 import org.eclipse.jetty.util.annotation.ManagedObject;
@@ -159,6 +160,8 @@ public class MongoSessionDataStore extends NoSqlSessionDataStore
      */
     private DBObject _version1;
 
+    private SearchPattern _workerNamePattern = SearchPattern.compile("[0-9][a-zA-Z]*");
+
     /**
      * Access to MongoDB
      */
@@ -175,6 +178,23 @@ public MongoCollection<Document> getDBCollection()
         return _dbSessions;
     }
 
+    @Override
+    protected void doStart() throws Exception
+    {
+        checkWorkerName();
+        super.doStart();
+    }
+
+    private void checkWorkerName() throws IllegalStateException
+    {
+        if (_context == null || StringUtil.isEmpty(_context.getWorkerName()))
+            return;
+
+        byte[] bytes = _context.getWorkerName().getBytes();
+        if (_workerNamePattern.match(bytes, 0, bytes.length) < 0)
+            throw new IllegalStateException("Invalid worker name: " + _context.getWorkerName());
+    }
+
     @Override
     public SessionData doLoad(String id) throws Exception
     {