From 8c8b2105544920d49268e9283317bad28c5ff3d4 Mon Sep 17 00:00:00 2001
From: idawda
Date: Thu, 11 Jul 2024 18:21:56 +0530
Subject: [PATCH 1/3] NR-288606: Fix for bug NR-250981 where false API reported for CXF framework
---
 .../instrumentation/helpers/URLMappingsHelper.java | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
index 037fb4fab..50529294c 100644
--- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
+++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
@@ -27,6 +27,14 @@ public class URLMappingsHelper {
 add("org.apache.catalina.servlets.DefaultServlet");
 add("org.eclipse.jetty.servlet.DefaultServlet");
 add("grails.plugin.databasemigration.DbdocController");
+ add("org.apache.cxf.transport.servlet.CXFServlet");
+ add("javax.faces.webapp.FacesServlet");
+ add("jakarta.faces.webapp.FacesServlet");
+ add("weblogic.servlet.JSPServlet");
+ add("weblogic.servlet.FileServlet");
+ add("weblogic.management.rest.JerseyServlet");
+ add("com.caucho.jsp.XtpServlet");
+ add("com.caucho.jsp.JspServlet");
 }};
 public static Set getApplicationURLMappings() {
From 27e5e60ffea6c9e3bd1d80664476932cc3505726 Mon Sep 17 00:00:00 2001
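Review bot: The entries added to `defaultHandlers` in the `@@ -27,6 +27,14 @@` hunk are compared by exact class-name string (the `defaultHandlers.contains(mapping.getHandler())` check in `addApplicationURLMapping`), so an application that registers a related class such as `org.apache.cxf.transport.servlet.CXFNonSpringServlet`, or its own subclass of `CXFServlet`, would still have its dispatcher mapping reported as an API. In the other direction, once `CXFServlet` and `FacesServlet` are filtered their URL patterns leave the reported endpoint inventory entirely, so it is worth confirming that the framework-specific instrumentation reports the real routes behind them; nothing in this hunk shows that. A short comment above the new group, for example `// framework/container dispatcher servlets: their own mapping is not an application endpoint`, would record why each entry is here. The initializer block starts outside the hunk.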
From: idawda
Date: Fri, 19 Jul 2024 13:43:02 +0530
Subject: [PATCH 2/3] NR-293073: API Endpoint support for weblogic server
---
 .../weblogic/HttpServletHelper.java | 50 ++++++++++++++++++
 .../internal/WebAppServletContext.java | 26 ++++++++++
 .../weblogic12/HttpServletHelper.java | 51 +++++++++++++++++++
 .../internal/WebAppServletContext.java | 26 ++++++++++
 4 files changed, 153 insertions(+)
 create mode 100644 instrumentation-security/weblogic-12.2/src/main/java/com/newrelic/agent/security/instrumentation/weblogic/HttpServletHelper.java
 create mode 100644 instrumentation-security/weblogic-12.2/src/main/java/weblogic/servlet/internal/WebAppServletContext.java
 create mode 100644 instrumentation-security/weblogic-12/src/main/java/com/newrelic/agent/security/instrumentation/weblogic12/HttpServletHelper.java
 create mode 100644 instrumentation-security/weblogic-12/src/main/java/weblogic/servlet/internal/WebAppServletContext.java
diff --git a/instrumentation-security/weblogic-12.2/src/main/java/com/newrelic/agent/security/instrumentation/weblogic/HttpServletHelper.java b/instrumentation-security/weblogic-12.2/src/main/java/com/newrelic/agent/security/instrumentation/weblogic/HttpServletHelper.java
new file mode 100644
index 000000000..64a740440
--- /dev/null
+++ b/instrumentation-security/weblogic-12.2/src/main/java/com/newrelic/agent/security/instrumentation/weblogic/HttpServletHelper.java
@@ -0,0 +1,50 @@
+package com.newrelic.agent.security.instrumentation.weblogic;
+
+
+import com.newrelic.api.agent.security.NewRelicSecurity;
+import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper;
+import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper;
+import com.newrelic.api.agent.security.schema.ApplicationURLMapping;
+import com.newrelic.api.agent.security.utils.logging.LogLevel;
+import weblogic.servlet.internal.WebAppServletContext;
+
+import javax.servlet.ServletRegistration;
+import java.util.Collection;
+import java.util.Map;
+
+public class HttpServletHelper {
+
+ public static final String WEBLOGIC_12_2 = "WEBLOGIC-12.2";
+
+ public static void gatherURLMappings( WebAppServletContext servletContext) {
+ try {
+ Map servletRegistrations = servletContext.getServletRegistrations();
+ for (ServletRegistration servletRegistration : servletRegistrations.values()) {
+ for (String s : servletRegistration.getMappings()) {
+ URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, s, servletRegistration.getClassName()));
+ }
+ }
+ getJSPMappings(servletContext, URLMappingsHelper.SEPARATOR);
+ } catch (Exception e){
+ NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, WEBLOGIC_12_2, e.getMessage()), e, HttpServletHelper.class.getName());
+ }
+ }
+
+ private static void getJSPMappings(WebAppServletContext servletContext, String dir) {
+ try {
+ if(dir.endsWith(URLMappingsHelper.SEPARATOR)){
+ Collection resourcePaths = servletContext.getResourcePaths(dir);
+ for (String path : resourcePaths) {
+ if(path.endsWith(URLMappingsHelper.SEPARATOR)) {
+ getJSPMappings(servletContext, path);
+ }
+ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP") || path.endsWith(".JSPX")) {
+ URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, path));
+ }
+ }
+ }
+ } catch (Exception e){
+ NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, WEBLOGIC_12_2, e.getMessage()), e, HttpServletHelper.class.getName());
+ }
+ }
+}
diff --git a/instrumentation-security/weblogic-12.2/src/main/java/weblogic/servlet/internal/WebAppServletContext.java b/instrumentation-security/weblogic-12.2/src/main/java/weblogic/servlet/internal/WebAppServletContext.java
new file mode 100644
index 000000000..72f480c99
--- /dev/null
+++ b/instrumentation-security/weblogic-12.2/src/main/java/weblogic/servlet/internal/WebAppServletContext.java
@@ -0,0 +1,26 @@
+package weblogic.servlet.internal;
+
+import com.newrelic.agent.security.instrumentation.weblogic.HttpServletHelper;
+import com.newrelic.api.agent.weaver.Weave;
+import com.newrelic.api.agent.weaver.Weaver;
+
+import javax.servlet.ServletRegistration;
+import java.util.Map;
+import java.util.Set;
+
+@Weave
+public final class WebAppServletContext {
+
+ void start() throws Exception {
+ Weaver.callOriginal();
+ HttpServletHelper.gatherURLMappings(this);
+ }
+
+ public Map getServletRegistrations() {
+ return Weaver.callOriginal();
+ }
+
+ public Set getResourcePaths(String path) {
+ return Weaver.callOriginal();
+ }
+}
diff --git a/instrumentation-security/weblogic-12/src/main/java/com/newrelic/agent/security/instrumentation/weblogic12/HttpServletHelper.java b/instrumentation-security/weblogic-12/src/main/java/com/newrelic/agent/security/instrumentation/weblogic12/HttpServletHelper.java
new file mode 100644
index 000000000..25a1507bf
--- /dev/null
+++ b/instrumentation-security/weblogic-12/src/main/java/com/newrelic/agent/security/instrumentation/weblogic12/HttpServletHelper.java
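Review bot: In `getJSPMappings` of the weblogic-12.2 `HttpServletHelper`, the result of `servletContext.getResourcePaths(dir)` is iterated without a null check, and the Servlet API permits a null return when nothing exists under the path, so an empty directory ends in a caught NullPointerException and a WARNING with a stack trace at every application start; adding `if (resourcePaths == null) { return; }` before the loop avoids that. The walk also starts at `/` and so descends into `/WEB-INF/` and `/META-INF/`, whose JSPs the container does not serve to clients directly, which means they would be recorded as reachable endpoints; skipping paths that start with those two prefixes keeps the inventory to what can actually be requested. The weblogic-12 `HttpServletHelper` hunk repeats the same method and needs the same two changes.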
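Review bot: The woven `start()` in the weblogic-12.2 `WebAppServletContext` runs `HttpServletHelper.gatherURLMappings(this)` on the application's own start path, and that helper catches only `Exception`, so an `Error` raised during collection (a `LinkageError` on a differing server build, or a `StackOverflowError` from the recursive resource walk) would propagate out of `start()` and could fail deployment of the monitored application. If instrumentation is meant never to affect host start-up, guard the call: `try { HttpServletHelper.gatherURLMappings(this); } catch (Throwable ignored) { }`. A one-line comment that the call has to follow `Weaver.callOriginal()`, presumably because the registrations are only complete once the original start has run, would also help; the weblogic-12 copy of this class is identical and takes the same change.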
@@ -0,0 +1,51 @@
+package com.newrelic.agent.security.instrumentation.weblogic12;
+
+
+import com.newrelic.api.agent.security.NewRelicSecurity;
+import com.newrelic.api.agent.security.instrumentation.helpers.GenericHelper;
+import com.newrelic.api.agent.security.instrumentation.helpers.URLMappingsHelper;
+import com.newrelic.api.agent.security.schema.ApplicationURLMapping;
+import com.newrelic.api.agent.security.utils.logging.LogLevel;
+import weblogic.servlet.internal.WebAppServletContext;
+
+import javax.servlet.ServletRegistration;
+import java.util.Collection;
+import java.util.Map;
+
+public class HttpServletHelper {
+
+ public static final String WEBLOGIC_12 = "WEBLOGIC-12";
+
+ public static void gatherURLMappings( WebAppServletContext servletContext) {
+ try {
+ Map servletRegistrations = servletContext.getServletRegistrations();
+ getJSPMappings(servletContext, URLMappingsHelper.SEPARATOR);
+
+ for (ServletRegistration servletRegistration : servletRegistrations.values()) {
+ for (String s : servletRegistration.getMappings()) {
+ URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, s, servletRegistration.getClassName()));
+ }
+ }
+ } catch (Exception e){
+ NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, WEBLOGIC_12, e.getMessage()), e, HttpServletHelper.class.getName());
+ }
+ }
+
+ private static void getJSPMappings(WebAppServletContext servletContext, String dir) {
+ try {
+ if(dir.endsWith(URLMappingsHelper.SEPARATOR)){
+ Collection resourcePaths = servletContext.getResourcePaths(dir);
+ for (String path : resourcePaths) {
+ if(path.endsWith(URLMappingsHelper.SEPARATOR)) {
+ getJSPMappings(servletContext, path);
+ }
+ else if(path.endsWith(".jsp") || path.endsWith(".jspx") || path.endsWith(".JSP") || path.endsWith(".JSPX")) {
+ URLMappingsHelper.addApplicationURLMapping(new ApplicationURLMapping(URLMappingsHelper.WILDCARD, path));
+ }
+ }
+ }
+ } catch (Exception e){
+ NewRelicSecurity.getAgent().log(LogLevel.WARNING, String.format(GenericHelper.ERROR_WHILE_GETTING_APP_ENDPOINTS, WEBLOGIC_12, e.getMessage()), e, HttpServletHelper.class.getName());
+ }
+ }
+}
diff --git a/instrumentation-security/weblogic-12/src/main/java/weblogic/servlet/internal/WebAppServletContext.java b/instrumentation-security/weblogic-12/src/main/java/weblogic/servlet/internal/WebAppServletContext.java
new file mode 100644
index 000000000..88c82d276
--- /dev/null
+++ b/instrumentation-security/weblogic-12/src/main/java/weblogic/servlet/internal/WebAppServletContext.java
@@ -0,0 +1,26 @@
+package weblogic.servlet.internal;
+
+import com.newrelic.agent.security.instrumentation.weblogic12.HttpServletHelper;
+import com.newrelic.api.agent.weaver.Weave;
+import com.newrelic.api.agent.weaver.Weaver;
+
+import javax.servlet.ServletRegistration;
+import java.util.Map;
+import java.util.Set;
+
+@Weave
+public final class WebAppServletContext {
+
+ void start() throws Exception {
+ Weaver.callOriginal();
+ HttpServletHelper.gatherURLMappings(this);
+ }
+
+ public Map getServletRegistrations() {
+ return Weaver.callOriginal();
+ }
+
+ public Set getResourcePaths(String path) {
+ return Weaver.callOriginal();
+ }
+}
From 8f271a72c09ab50b34ac6b1133ab3b2ea3117eb3 Mon Sep 17 00:00:00 2001
From: idawda
Date: Fri, 22 Nov 2024 14:20:41 +0530
Subject: [PATCH 3/3] Fix for NR-294694 where internal APIs reported for weblogic server
---
 .../helpers/URLMappingsHelper.java | 24 +++++++++++++++----
 1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
index 2e8917fc4..0d79357dd 100644
--- a/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
+++ b/newrelic-security-api/src/main/java/com/newrelic/api/agent/security/instrumentation/helpers/URLMappingsHelper.java
@@ -1,5 +1,6 @@
 package com.newrelic.api.agent.security.instrumentation.helpers;
+import com.newrelic.api.agent.security.NewRelicSecurity;
 import com.newrelic.api.agent.security.schema.ApplicationURLMapping;
 import com.newrelic.api.agent.security.schema.RouteSegment;
 import com.newrelic.api.agent.security.schema.RouteSegments;
@@ -15,13 +16,14 @@
 import java.util.concurrent.ConcurrentHashMap;
 public class URLMappingsHelper {
+ public static final String SEPARATOR = "/";
 public static final String WILDCARD = "*";
 public static final String subResourceSegment = "/*";
- private static Set mappings = ConcurrentHashMap.newKeySet();
+ private static final Set mappings = ConcurrentHashMap.newKeySet();
 private static final Set defaultHandlers = new HashSet() {{
 add("org.eclipse.jetty.jsp.JettyJspServlet");
@@ -46,15 +48,24 @@ public class URLMappingsHelper {
 add("org.codehaus.groovy.grails.web.servlet.GrailsDispatcherServlet");
 add("org.codehaus.groovy.grails.web.pages.GroovyPagesServlet");
 add("org.codehaus.groovy.grails.web.servlet.ErrorHandlingServlet");
+ add("weblogic.corba.iiop.http.TunnelLoginServlet");
+ add("weblogic.corba.iiop.http.TunnelSendServlet");
+ add("weblogic.corba.iiop.http.TunnelCloseServlet");
+ add("weblogic.corba.iiop.http.TunnelRecvServlet");
+ add("weblogic.rjvm.http.TunnelLoginServlet");
+ add("weblogic.rjvm.http.TunnelRecvServlet");
+ add("weblogic.rjvm.http.TunnelSendServlet");
+ add("weblogic.rjvm.http.TunnelCloseServlet");
+ add("weblogic.servlet.ClasspathServlet");
 }};
 public static Set getApplicationURLMappings() {
 return mappings;
 }
- private static Set handlers = ConcurrentHashMap.newKeySet();
+ private static final Set handlers = ConcurrentHashMap.newKeySet();
- private static Set routeSegments = new TreeSet<>(new RouteComparator());
+ private static final Set routeSegments = new TreeSet<>(new RouteComparator());
 public static Set getHandlersHash() {
 return handlers;
@@ -65,8 +76,11 @@ public static Set getRouteSegments() {
 }
 public static void addApplicationURLMapping(ApplicationURLMapping mapping) {
- if (mapping.getHandler() == null || (mapping.getHandler() != null && !defaultHandlers.contains(mapping.getHandler()))) {
- mappings.add(mapping);
+ if (mapping.getHandler() != null && defaultHandlers.contains(mapping.getHandler())) {
+ return;
+ }
+ mappings.add(mapping);
+ if (mapping.getHandler() == null) {
 generateRouteSegments(mapping.getPath());
 }
 if (mapping.getHandler() != null){
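Review bot: In the `@@ -46,15 +48,24 @@` hunk, `routeSegments` stays a plain `TreeSet` while `mappings` and `handlers` next to it are concurrent sets, and with this series `addApplicationURLMapping` is reached from WebLogic's `WebAppServletContext.start()`, which can plausibly run for several applications on different threads. `generateRouteSegments` is outside the hunk, so this only matters if it writes to `routeSegments` without its own synchronization; if so, something like `new ConcurrentSkipListSet<>(new RouteComparator())` would match the other two fields. The nine WebLogic entries would also benefit from a comment stating that they are container-internal servlets (HTTP tunnelling, classpath serving) deliberately left out of the application API inventory, since the filter is keyed on class name alone and hides them for every deployment.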
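Review bot: The rewrite of `addApplicationURLMapping` in the `@@ -65,8 +76,11 @@` hunk changes more than the filter: `generateRouteSegments(mapping.getPath())` used to run for every mapping that was added and now runs only when `mapping.getHandler() == null`, so servlet mappings with a non-default handler no longer produce route segments unless the `if (mapping.getHandler() != null){` block that continues outside the hunk does it. The early `return` also skips that trailing block for default handlers, which the old code still executed. If both are intended, a comment on each branch would make that explicit, because the commit title only mentions WebLogic internal APIs. Reading the handler once, `final String handler = mapping.getHandler();`, would remove the four repeated getter calls.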