ip白名单设置
package com.dbapp.eapp.filter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.PropertySource;
import org.springframework.stereotype.Component;
/**
* Title: MyConfig
* Description:
* 自定义配置文件
* Version:1.0.0
*
* @author pancm
* @date 2018年1月20日
*/
@Component//使用@Configuration也可以
//@ConfigurationProperties(prefix = "application")//前缀
//@PropertySource(value = "classpath:application.properties")//配置文件路径 在resource目录下
//@PropertySource(value = "file:/home/app/eapp/eapp-api-backstage/ipconfig.properties")//配置文件路径 在当前目录下
@PropertySource(value = "file:\\E:\\ipconfig.properties")//配置文件路径 在当前目录下
public class IpConfig {
@Value("${ipWhiteList}")//需要使用@value注解来注入,否则是null
private String ipWhiteList;
/**
* 获取ipWhiteList
*
* @return ipWhiteList
*/
public String getIpWhiteList() {
return ipWhiteList;
}
/**
* 设置ipWhiteList
*
*/
public void setIpWhiteList(String ipWhiteList) {
this.ipWhiteList = ipWhiteList;
}
}
package com.dbapp.eapp.filter;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.*;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@Configuration
public class WhiteIPInterceptor extends WebMvcConfigurerAdapter {
private static final Logger logger = LoggerFactory.getLogger(WhiteIPInterceptor.class);
@Bean
public HandlerInterceptor getMyInterceptor() {
return new MyInterceptor();
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
// addPathPatterns 用于添加拦截规则, 这里假设拦截 /url 后面的全部链接
// excludePathPatterns 用户排除拦截
registry.addInterceptor(getMyInterceptor()).addPathPatterns("/**");
super.addInterceptors(registry);
}
class MyInterceptor implements HandlerInterceptor {
@Autowired
private IpConfig ipconfig;
/**
* 在请求处理之前进行调用(Controller方法调用之前)调用,
* 返回true 则放行, false 则将直接跳出方法
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception {
String ip = getIpAddr(request);
// 获取可以访问系统的白名单
String ipStr = readToString("E:\\ipconfig.properties");
// String ipStr = ipconfig.getIpWhiteList();
String[] ipArr = ipStr.split("\\|");
List<String> ipList = Arrays.asList(ipArr);
if (ipList.contains(ip)) {
return true;
} else {
logger.info("该IP: " + ip + "不通过,不在白名单内!");
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
// 消息
Map<String, Object> messageMap = new HashMap<>();
messageMap.put("status", "404");
messageMap.put("message", "您好,ip为" + ip + ",暂时没有访问权限,请联系管理员开通访问权限。");
ObjectMapper objectMapper = new ObjectMapper();
String writeValueAsString = objectMapper.writeValueAsString(messageMap);
response.getWriter().write(writeValueAsString);
return false;
}
}
/**
* 获取访问的ip地址
*
* @param request
* @return
*/
public String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("X-Forwarded-For");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
public String readToString(String fileName) {
String encoding = "UTF-8";
File file = new File(fileName);
Long filelength = file.length();
byte[] filecontent = new byte[filelength.intValue()];
try {
FileInputStream in = new FileInputStream(file);
in.read(filecontent);
in.close();
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
try {
return new String(filecontent, encoding);
} catch (UnsupportedEncodingException e) {
System.err.println("The OS does not support " + encoding);
e.printStackTrace();
return null;
}
}
//请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
// System.out.println("postHandle被调用");
}
//在整个请求结束之后被调用,也就是在DispatcherServlet 渲染了对应的视图之后执行(主要是用于进行资源清理工作)
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
// System.out.println("afterCompletion被调用");
}
}
}