Skip to content

Incorrect ServerName with ALB #647

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Closed
luizck opened this issue Oct 10, 2023 · 1 comment
Closed

Incorrect ServerName with ALB #647

luizck opened this issue Oct 10, 2023 · 1 comment
Assignees
@mbfreder

Comments

@luizck
Copy link

luizck commented Oct 10, 2023

To help us debug your issue fill in the basic information below using the options provided

Serverless Java Container version: eg. 1.5
2.0.0-M2

Implementations: Jersey / Spring / Spring Boot / Spring Boot 2 / Spark
Spring Boot 3

Framework version: eg SpringBoot 2.2.6.RELEASE
Spring Boot 3.1.3

Frontend service: REST API / HTTP API / ALB
ALB
Multiheaders enabled in the Target Group

Deployment method: eg SAM, Serverless Framework, Console
SAM

Scenario

Describe what you are trying to accomplish

Implement a Rest API with HATEOAS.

Expected behavior

Describe how you would expect the application to behave

The request

GET /people HTTP/1.1
Host: cirrus-recuperacao-lambda-public-2025369026.sa-east-1.elb.amazonaws.com

should return the result

{
  "_embedded": {
    "personList": [
      {
        "id": 1,
        "name": "John",
        "age": 30,
        "_links": {
          "self": {
            "href": "http://cirrus-recuperacao-lambda-public-2025369026.sa-east-1.elb.amazonaws.com/person/1"
          }
        }
      },
      {
        "id": 3,
        "name": "Bob",
        "age": 10,
        "_links": {
          "self": {
            "href": "http://cirrus-recuperacao-lambda-public-2025369026.sa-east-1.elb.amazonaws.com/person/3"
          }
        }
      }
    ]
  }
}

Actual behavior

Describe what you are seeing instead

{
  "_embedded": {
    "personList": [
      {
        "id": 1,
        "name": "John",
        "age": 30,
        "_links": {
          "self": {
            "href": "http://null.execute-api.sa-east-1.amazonaws.com/person/1"
          }
        }
      },
      {
        "id": 3,
        "name": "Bob",
        "age": 10,
        "_links": {
          "self": {
            "href": "http://null.execute-api.sa-east-1.amazonaws.com/person/3"
          }
        }
      }
    ]
  }
}

Steps to reproduce

Provide code samples we can use to reproduce the issue as part of our integration tests. If there is a public repository for the misbehaving application link to it here

Sample code: https://github.com/luizck/spring-hateoas-lambda

It seems the problem is located in the method SecurityUtils.isValidHost, since it compares the ALB's hostname with the API Gateway Id, which is not provided:

https://github.com/awslabs/aws-serverless-java-container/blob/32eb54afd58fd68bbb118d6f51494ce426d628cc/aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsProxyHttpServletRequest.java#L408
@mbfreder
Copy link
Contributor

Thanks for raising the issue. We're looking into it.

@deki deki mentioned this issue Oct 26, 2023
Open
2 tasks
@mbfreder mbfreder mentioned this issue Nov 16, 2023
Merged
2 tasks
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@mbfreder mbfreder

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@luizck @mbfreder