@Test
public void addressesInIpRangeMatch() throws Exception {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setRequestURI("/test");
WebSecurityExpressionRoot root = new WebSecurityExpressionRoot(mock(Authentication.class),
new FilterInvocation(request, mock(HttpServletResponse.class), mock(FilterChain.class)));
for (int i=0; i < 255; i++) {
request.setRemoteAddr("192.168.1." + i);
assertTrue(root.hasIpAddress("192.168.1.0/24"));
}
request.setRemoteAddr("192.168.1.127");
// 25 = FF FF FF 80
assertTrue(root.hasIpAddress("192.168.1.0/25"));
// encroach on the mask
request.setRemoteAddr("192.168.1.128");
assertFalse(root.hasIpAddress("192.168.1.0/25"));
request.setRemoteAddr("192.168.1.255");
assertTrue(root.hasIpAddress("192.168.1.128/25"));
assertTrue(root.hasIpAddress("192.168.1.192/26"));
assertTrue(root.hasIpAddress("192.168.1.224/27"));
assertTrue(root.hasIpAddress("192.168.1.240/27"));
assertTrue(root.hasIpAddress("192.168.1.255/32"));
request.setRemoteAddr("202.24.199.127");
assertTrue(root.hasIpAddress("202.24.0.0/14"));
request.setRemoteAddr("202.25.179.135");
assertTrue(root.hasIpAddress("202.24.0.0/14"));
request.setRemoteAddr("202.26.179.135");
assertTrue(root.hasIpAddress("202.24.0.0/14"));
}