diff --git a/dd-smoke-tests/appsec/spring-tomcat7/build.gradle b/dd-smoke-tests/appsec/spring-tomcat7/build.gradle new file mode 100644 index 00000000000..bb3b9ddf5e9 --- /dev/null +++ b/dd-smoke-tests/appsec/spring-tomcat7/build.gradle @@ -0,0 +1,33 @@ +plugins { + id "com.github.johnrengelman.shadow" +} + +apply from: "$rootDir/gradle/java.gradle" +description = 'Spring Tomcat7 Smoke Tests.' + +jar { + manifest { + attributes('Main-Class': 'datadog.smoketest.appsec.springtomcat7.Main') + } +} + +dependencies { + implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-jasper', version: '7.0.47' + implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '7.0.47' + implementation group: 'org.apache.tomcat', name: 'tomcat-juli', version: '7.0.47' + implementation group: 'org.springframework', name: 'spring-webmvc', version: '4.0.0.RELEASE' + + testImplementation project(':dd-smoke-tests:appsec') +} + +tasks.withType(Test).configureEach { + dependsOn "shadowJar" + + jvmArgs "-Ddatadog.smoketest.appsec.springtomcat7.shadowJar.path=${tasks.shadowJar.archiveFile.get()}" +} + +task testRuntimeActivation(type: Test) { + jvmArgs '-Dsmoke_test.appsec.enabled=inactive', + "-Ddatadog.smoketest.appsec.springtomcat7.shadowJar.path=${tasks.shadowJar.archiveFile.get()}" +} +tasks['check'].dependsOn(testRuntimeActivation) diff --git a/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/AppConfigurer.java b/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/AppConfigurer.java new file mode 100644 index 00000000000..f32a9d67b82 --- /dev/null +++ b/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/AppConfigurer.java @@ -0,0 +1,11 @@ +package datadog.smoketest.appsec.springtomcat7; + +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; + +@Configuration +@EnableWebMvc +@ComponentScan(basePackages = {"datadog.smoketest.appsec.springtomcat7"}) +public class AppConfigurer extends WebMvcConfigurerAdapter {} diff --git a/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/Controller.java b/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/Controller.java new file mode 100644 index 00000000000..54e64878cf6 --- /dev/null +++ b/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/Controller.java @@ -0,0 +1,18 @@ +package datadog.smoketest.appsec.springtomcat7; + +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +public class Controller { + + @RequestMapping("/") + public String htmlString() { + return "Hello world!"; + } + + @RequestMapping("/exception") + public void exceptionMethod() throws Throwable { + throw new Throwable("hello"); + } +} diff --git a/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/Main.java b/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/Main.java new file mode 100644 index 00000000000..629bd4e8ef5 --- /dev/null +++ b/dd-smoke-tests/appsec/spring-tomcat7/src/main/java/datadog/smoketest/appsec/springtomcat7/Main.java @@ -0,0 +1,56 @@ +package datadog.smoketest.appsec.springtomcat7; + +import de.thetaphi.forbiddenapis.SuppressForbidden; +import java.io.File; +import org.apache.catalina.Context; +import org.apache.catalina.startup.Tomcat; +import org.springframework.web.context.support.AnnotationConfigWebApplicationContext; +import org.springframework.web.servlet.DispatcherServlet; + +public class Main { + + private static final String ROOT = "/"; + private static final String SERVLET = "dispatcherServlet"; + + @SuppressForbidden + public static void main(String[] args) throws Exception { + int port = 8080; + for (String arg : args) { + if (arg.contains("=")) { + String[] kv = arg.split("="); + if (kv.length == 2) { + if ("--server.port".equalsIgnoreCase(kv[0])) { + try { + port = Integer.parseInt(kv[1]); + } catch (NumberFormatException e) { + System.out.println( + "--server.port '" + + kv[1] + + "' is not valid port. Will be used default port " + + port); + } + } + } + } + } + + Tomcat tomcat = new Tomcat(); + tomcat.setPort(port); + + Context context = tomcat.addContext(ROOT, new File(".").getAbsolutePath()); + + Tomcat.addServlet( + context, + SERVLET, + new DispatcherServlet( + new AnnotationConfigWebApplicationContext() { + { + register(AppConfigurer.class); + } + })); + context.addServletMapping(ROOT, SERVLET); + + tomcat.start(); + tomcat.getServer().await(); + } +} diff --git a/dd-smoke-tests/appsec/spring-tomcat7/src/test/groovy/datadog/smoketest/appsec/SpringTomcatSmokeTest.groovy b/dd-smoke-tests/appsec/spring-tomcat7/src/test/groovy/datadog/smoketest/appsec/SpringTomcatSmokeTest.groovy new file mode 100644 index 00000000000..75e7168cd3f --- /dev/null +++ b/dd-smoke-tests/appsec/spring-tomcat7/src/test/groovy/datadog/smoketest/appsec/SpringTomcatSmokeTest.groovy @@ -0,0 +1,36 @@ +package datadog.smoketest.appsec + +import okhttp3.Request + +class SpringTomcatSmokeTest extends AbstractAppSecServerSmokeTest { + + @Override + ProcessBuilder createProcessBuilder() { + String springBootShadowJar = System.getProperty("datadog.smoketest.appsec.springtomcat7.shadowJar.path") + + List command = new ArrayList<>() + command.add(javaPath()) + command.addAll(defaultJavaProperties) + command.add("-Ddd.iast.enabled=true") + command.add("-Ddd.iast.stacktrace-leak.suppress=true") + command.addAll((String[]) ["-jar", springBootShadowJar, "--server.port=${httpPort}"]) + + ProcessBuilder processBuilder = new ProcessBuilder(command) + processBuilder.directory(new File(buildDirectory)) + } + + def "suppress exception stacktrace"() { + when: + String url = "http://localhost:${httpPort}/exception" + def request = new Request.Builder() + .url(url) + .build() + def response = client.newCall(request).execute() + def responseBodyStr = response.body().string() + waitForTraceCount 1 + + then: + responseBodyStr.contains('Sorry, you cannot access this page. Please contact the customer service team.') + response.code() == 500 + } +} \ No newline at end of file diff --git a/settings.gradle b/settings.gradle index d5917b55a68..80f4db89e19 100644 --- a/settings.gradle +++ b/settings.gradle @@ -141,6 +141,7 @@ include ':dd-smoke-tests:vertx-3.9-resteasy' include ':dd-smoke-tests:vertx-4.2' include ':dd-smoke-tests:wildfly' include ':dd-smoke-tests:appsec' +include ':dd-smoke-tests:appsec:spring-tomcat7' include ':dd-smoke-tests:appsec:springboot' include ':dd-smoke-tests:appsec:springboot-grpc' include ':dd-smoke-tests:appsec:springboot-security'