Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect ServerName with ALB #647

Closed
luizck opened this issue Oct 10, 2023 · 1 comment
Closed

Incorrect ServerName with ALB #647

luizck opened this issue Oct 10, 2023 · 1 comment
Assignees
@mbfreder

Comments

@luizck
Copy link

luizck commented Oct 10, 2023

To help us debug your issue fill in the basic information below using the options provided

Serverless Java Container version: eg. 1.5
2.0.0-M2

Implementations: Jersey / Spring / Spring Boot / Spring Boot 2 / Spark
Spring Boot 3

Framework version: eg SpringBoot 2.2.6.RELEASE
Spring Boot 3.1.3

Frontend service: REST API / HTTP API / ALB
ALB
Multiheaders enabled in the Target Group

Deployment method: eg SAM, Serverless Framework, Console
SAM

Scenario

Describe what you are trying to accomplish

Implement a Rest API with HATEOAS.

Expected behavior

Describe how you would expect the application to behave

The request

GET /people HTTP/1.1
Host: cirrus-recuperacao-lambda-public-2025369026.sa-east-1.elb.amazonaws.com

should return the result

{
  "_embedded": {
    "personList": [
      {
        "id": 1,
        "name": "John",
        "age": 30,
        "_links": {
          "self": {
            "href": "http://cirrus-recuperacao-lambda-public-2025369026.sa-east-1.elb.amazonaws.com/person/1"
          }
        }
      },
      {
        "id": 3,
        "name": "Bob",
        "age": 10,
        "_links": {
          "self": {
            "href": "http://cirrus-recuperacao-lambda-public-2025369026.sa-east-1.elb.amazonaws.com/person/3"
          }
        }
      }
    ]
  }
}

Actual behavior

Describe what you are seeing instead

{
  "_embedded": {
    "personList": [
      {
        "id": 1,
        "name": "John",
        "age": 30,
        "_links": {
          "self": {
            "href": "http://null.execute-api.sa-east-1.amazonaws.com/person/1"
          }
        }
      },
      {
        "id": 3,
        "name": "Bob",
        "age": 10,
        "_links": {
          "self": {
            "href": "http://null.execute-api.sa-east-1.amazonaws.com/person/3"
          }
        }
      }
    ]
  }
}

Steps to reproduce

Provide code samples we can use to reproduce the issue as part of our integration tests. If there is a public repository for the misbehaving application link to it here

Sample code: https://github.com/luizck/spring-hateoas-lambda

It seems the problem is located in the method SecurityUtils.isValidHost, since it compares the ALB's hostname with the API Gateway Id, which is not provided:

https://github.com/awslabs/aws-serverless-java-container/blob/32eb54afd58fd68bbb118d6f51494ce426d628cc/aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsProxyHttpServletRequest.java#L408
@mbfreder
Copy link
Contributor

Thanks for raising the issue. We're looking into it.

@deki deki mentioned this issue Oct 26, 2023
Open
2 tasks
@mbfreder mbfreder mentioned this issue Nov 16, 2023
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mbfreder mbfreder

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@luizck @mbfreder