用Filter,
<filter>
<filter-name>EncodingFilter</filter-name>
<filter-class>com.ilongman.acs.web.EncodingFilter</filter-class>
</filter>
<filter>
<filter-name>RemoteHostFilter</filter-name>
<filter-class>org.jboss.remotehostfilter.RemoteHostFilter</filter-class>
<init-param>
<param-name>allow</param-name>
<param-value>192.168.168.*,127.0.0.*,210.3.23.222,202.177.25.243,202.177.25.248</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>RemoteHostFilter</filter-name>
<url-pattern>/App/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
【108041217】:
package org.jboss.remotehostfilter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Accept or deny a request based on the IP address of the client who made the
* request. JDK 1.4 or higher is required.
*
* This filter is configured by setting the "allow" and/or "deny" properties to a comma-delimited list of regular expressions
* (in the syntax supported by the java.util.regex package) to which the client IP address will be compared.
*
* <filter>
* <filter-name>RemoteHostFilter</filter-name>
* <filter-class>org.jboss.remotehostfilter.RemoteHostFilter</filter-class>
* <init-param>
* <param-name>deny</param-name>
* <param-value>128.0.*,192.4.5.7</param-value>
* </init-param>
* <init-param>
* <param-name>allow</param-name>
* <param-value>192.4.5.6,127.0.0.*</param-value>
* </init-param>
* </filter>
*
* Evaluation proceeds as follows:
*
* If there are any deny expressions configured, the IP will be compared to each expression. If a match is found, this request will be rejected with a "Forbidden" HTTP response.
* If there are any allow expressions configured, the IP will be compared to each such expression. If a match is NOT found, this request will be rejected with a "Forbidden" HTTP response.
* Otherwise, the request will continue normally.
*
* @author Stan Silvert
*/
public class RemoteHostFilter implements Filter {
private String[] allow;
private String[] deny;
private FilterConfig filterConfig = null;
public RemoteHostFilter() {
}
/**
*
* @param request The servlet request we are processing
* @param result The servlet response we are creating
* @param chain The filter chain we are processing
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
public void doFilter(ServletRequest request,
ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
String clientAddr = request.getRemoteAddr();
if (hasMatch(clientAddr, deny)) {
handleInvalidAccess(request, response, clientAddr);
return;
}
if ((allow.length > 0) && !hasMatch(clientAddr, allow)) {
handleInvalidAccess(request, response, clientAddr);
return;
}
chain.doFilter(request, response);
}
private void handleInvalidAccess(ServletRequest request,
ServletResponse response,
String clientAddr) throws IOException {
String url = ((HttpServletRequest)request).getRequestURL().toString();
((HttpServletResponse)response).sendError(HttpServletResponse.SC_FORBIDDEN);
}
private boolean hasMatch(String clientAddr, String[] regExps) {
for (int i=0; i < regExps.length; i++) {
if (clientAddr.matches(regExps[i])) return true;
}
return false;
}
/**
* Destroy method for this filter
*
*/
public void destroy() {
this.filterConfig = null;
this.allow = null;
this.deny = null;
}
/**
* Init method for this filter
*
*/
public void init(FilterConfig filterConfig) {
this.filterConfig = filterConfig;
this.allow = extractRegExps(filterConfig.getInitParameter("allow"));
this.deny = extractRegExps(filterConfig.getInitParameter("deny"));
}
private String[] extractRegExps(String initParam) {
if (initParam == null) {
return new String[0];
} else {
return initParam.split(",");
}
}
/**
* Return a String representation of this object.
*/
public String toString() {
if (filterConfig == null) return ("ClientAddrFilter()");
StringBuffer sb = new StringBuffer("ClientAddrFilter(");
sb.append(filterConfig);
sb.append(")");
return (sb.toString());
}
}
转自:http://blog.sina.com.cn/s/blog_4ba7ee69010009b1.html
扫一扫
1019
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
