Skip to content

IpAddressServerWebExchangeMatcher throws NullPointerException with framework forward-headers-strategy  #11888

New issue
New issue
Closed
Closed
IpAddressServerWebExchangeMatcher throws NullPointerException with framework forward-headers-strategy #11888
Assignees
jzheaux
Labels
in: webAn issue in web modules (web, webmvc)type: bugA general bug
Milestone
5.7.5
@dsbecker

Description

@dsbecker
dsbecker
opened on Sep 21, 2022

Describe the bug
When server.forward-headers-strategy=framework is used in a WebFlux project that makes use of an IpAddressServerWebExchangeMatcher a NullPointerException is thrown when a Forwarded or X-Forwarded-For header is present because the remoteAddress created by ForwardedHeaderTransformer is unresolved.

To Reproduce

  1. Create a sample WebFlux project and set server.forward-headers-strategy=framework
  2. Define a SecurityWebFilterChain bean that calls an IpAddressServerWebExchangeMatcher
  3. Submit a request with a Forwarded or X-Forwarded-For header

Expected behavior
The IpAddressServerWebExchangeMatcher should execute as normal with no exception thrown.

Sample
server.forward-headers-strategy=framework

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity httpSecurity) {
        return httpSecurity
                .authorizeExchange(auth -> auth
                        .pathMatchers("/**")
                            .access((authentication, authorizationContext) ->
                                new IpAddressServerWebExchangeMatcher("255.255.255.255")
                                        .matches(authorizationContext.getExchange())
                                        .map(matchResult -> new AuthorizationDecision(matchResult.isMatch()))))
                .build();
    }

Metadata

Metadata

Assignees

Labels

in: webAn issue in web modules (web, webmvc)type: bugA general bug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions