java代码实现限制某个IP段不能访问-filter实现

用Filter,
<filter>
<filter-name>EncodingFilter</filter-name>
<filter-class>com.ilongman.acs.web.EncodingFilter</filter-class>
</filter>
<filter>
<filter-name>RemoteHostFilter</filter-name>
<filter-class>org.jboss.remotehostfilter.RemoteHostFilter</filter-class>
<init-param>
<param-name>allow</param-name>
<param-value>192.168.168.*,127.0.0.*,210.3.23.222,202.177.25.243,202.177.25.248</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>RemoteHostFilter</filter-name>
<url-pattern>/App/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>

【108041217】:

package org.jboss.remotehostfilter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
* Accept or deny a request based on the IP address of the client who made the
* request. JDK 1.4 or higher is required.
*
* This filter is configured by setting the "allow" and/or "deny" properties to a comma-delimited list of regular expressions
* (in the syntax supported by the java.util.regex package) to which the client IP address will be compared.
*
* <filter>
* <filter-name>RemoteHostFilter</filter-name>
* <filter-class>org.jboss.remotehostfilter.RemoteHostFilter</filter-class>
* <init-param>
* <param-name>deny</param-name>
* <param-value>128.0.*,192.4.5.7</param-value>
* </init-param>
* <init-param>
* <param-name>allow</param-name>
* <param-value>192.4.5.6,127.0.0.*</param-value>
* </init-param>
* </filter>
*
* Evaluation proceeds as follows:
*
* If there are any deny expressions configured, the IP will be compared to each expression. If a match is found, this request will be rejected with a "Forbidden" HTTP response.
* If there are any allow expressions configured, the IP will be compared to each such expression. If a match is NOT found, this request will be rejected with a "Forbidden" HTTP response.
* Otherwise, the request will continue normally.
*
* @author Stan Silvert
*/

public class RemoteHostFilter implements Filter {

private String[] allow;
private String[] deny;

private FilterConfig filterConfig = null;

public RemoteHostFilter() {
}

/**
*
* @param request The servlet request we are processing
* @param result The servlet response we are creating
* @param chain The filter chain we are processing
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
String clientAddr = request.getRemoteAddr();

if (hasMatch(clientAddr, deny)) {
handleInvalidAccess(request, response, clientAddr);
return;
}

if ((allow.length > 0) && !hasMatch(clientAddr, allow)) {
handleInvalidAccess(request, response, clientAddr);
return;
}

chain.doFilter(request, response);
}

private void handleInvalidAccess(ServletRequest request,
ServletResponse response,
String clientAddr) throws IOException {
String url = ((HttpServletRequest)request).getRequestURL().toString();
((HttpServletResponse)response).sendError(HttpServletResponse.SC_FORBIDDEN);
}

private boolean hasMatch(String clientAddr, String[] regExps) {
for (int i=0; i < regExps.length; i++) {
if (clientAddr.matches(regExps[i])) return true;
}

return false;
}

/**
* Destroy method for this filter
*
*/
public void destroy() {
this.filterConfig = null;
this.allow = null;
this.deny = null;
}


/**
* Init method for this filter
*
*/
public void init(FilterConfig filterConfig) {
this.filterConfig = filterConfig;
this.allow = extractRegExps(filterConfig.getInitParameter("allow"));
this.deny = extractRegExps(filterConfig.getInitParameter("deny"));
}

private String[] extractRegExps(String initParam) {
if (initParam == null) {
return new String[0];
} else {
return initParam.split(",");
}
}

/**
* Return a String representation of this object.
*/
public String toString() {
if (filterConfig == null) return ("ClientAddrFilter()");
StringBuffer sb = new StringBuffer("ClientAddrFilter(");
sb.append(filterConfig);
sb.append(")");
return (sb.toString());
}

}

 

转自:http://blog.sina.com.cn/s/blog_4ba7ee69010009b1.html

  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值