javawebparts.filter
Class IPAccessControlFilter

java.lang.Object
  |
  +--javawebparts.filter.IPAccessControlFilter
All Implemented Interfaces:
javax.servlet.Filter

public class IPAccessControlFilter
extends java.lang.Object
implements javax.servlet.Filter

This filter rejects or allows a request based on the IP address it comes from.

Init parameters are:


Example configuration in web.xml:

<filter>
  <filter-name>IPAccessControlFilter</filter-name>
  <filter-class>javawebparts.filter. IPAccessControlFilter</filter-class>
  <init-param>
    <param-name>pathSpec</param-name>
    <param-value>include</param-value>
  </init-param>
  <init-param>
    <param-name>pathList</param-name>
    <param-value>*‍/IACTestTarget.jsp</ param-value>
  </init-param>
  <init-param>
    <param-name>addressSpec</param-name>
    <param-value>include</param-value>
  </init-param>
  <init-param>
    <param-name>matchType</param-name>
    <param-value>regex</param-value>
  </init-param>
  <init-param>
    <param-name>addressList</param-name>
    <param-value>localhost</param-value>
  </init-param>
  <init-param>
    <param-name>forwardTo</param-name>
    <param-value>/IACReject.jsp</param-value>   </init-param>
  <init-param>
    <param-name>headerName</param-name>
    <param-value>X-Client-IP</param-value>   </init-param>
</filter>

<filter-mapping>
  <filter-name>IPAccessControlFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

Author:
Frank W. Zammetti., Yannick Haudry.

Field Summary
private  java.util.List addressList
          The comma-separated list of IP addresses to allow or deny.
private  java.util.regex.Pattern[] addressPattern
          The list of Pattern to allow or deny IP addresses.
private  java.lang.String addressSpec
          Whether the list of IP addresses is an "include" list or an "exclude" list.
private  java.lang.String forwardTo
          A path to forward to when access is denied.
private  java.lang.String headerName
          Header name to examine instead of doing getRemoteAddr() to retrieve Client IP.
private static org.apache.commons.logging.Log log
          Log instance.
private  java.lang.String matchType
          What type of address matching processing we want this filter to do.
private  java.util.ArrayList pathList
          List of paths for filter functionality determination.
private  java.lang.String pathSpec
          Whether pathList includes or excludes.
private  java.lang.String redirectTo
          A path to redirect to when access is denied.
 
Constructor Summary
IPAccessControlFilter()
           
 
Method Summary
private  boolean addressInList(java.lang.String localAddr, java.lang.String remoteAddr)
          Called to determine if a given remote IP address is valid against the list of addresses read in from config.
private  boolean addressInPattern(java.lang.String localAddr, java.lang.String remoteAddr)
          Called to determine if a given remote IP address is valid against the regular expressions of addresses read in from config.
 void destroy()
          Destroy.
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain filterChain)
          Do filter's work.
protected  java.lang.String getHeaderAddr(javax.servlet.ServletRequest request)
          Get Client IP through a custom header.
protected  java.lang.String getRemoteAddr(javax.servlet.ServletRequest request)
          Get Client IP using getRemoteAddr method.
 void init(javax.servlet.FilterConfig filterConfig)
          Initialize this filter.
private static long ipToLong(java.lang.String ip)
          Method that converts an IP address to a long.
private static java.lang.String padBinByteStr(java.lang.String binByte)
          Method that pads (prefixes) a string representation of a byte with 0's.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

private static org.apache.commons.logging.Log log
Log instance.


pathSpec

private java.lang.String pathSpec
Whether pathList includes or excludes.


pathList

private java.util.ArrayList pathList
List of paths for filter functionality determination.


addressSpec

private java.lang.String addressSpec
Whether the list of IP addresses is an "include" list or an "exclude" list.


matchType

private java.lang.String matchType
What type of address matching processing we want this filter to do. Valid values are "standard", "regex".


addressList

private java.util.List addressList
The comma-separated list of IP addresses to allow or deny.


addressPattern

private java.util.regex.Pattern[] addressPattern
The list of Pattern to allow or deny IP addresses.


redirectTo

private java.lang.String redirectTo
A path to redirect to when access is denied.


forwardTo

private java.lang.String forwardTo
A path to forward to when access is denied.


headerName

private java.lang.String headerName
Header name to examine instead of doing getRemoteAddr() to retrieve Client IP.

Constructor Detail

IPAccessControlFilter

public IPAccessControlFilter()
Method Detail

destroy

public void destroy()
Destroy.

Specified by:
destroy in interface javax.servlet.Filter

init

public void init(javax.servlet.FilterConfig filterConfig)
          throws javax.servlet.ServletException
Initialize this filter.

Specified by:
init in interface javax.servlet.Filter
Parameters:
filterConfig - The configuration information for this filter.
Throws:
javax.servlet.ServletException - ServletException.

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain filterChain)
              throws javax.servlet.ServletException,
                     java.io.IOException
Do filter's work.

Specified by:
doFilter in interface javax.servlet.Filter
Parameters:
request - The current request object.
response - The current response object.
filterChain - The current filter chain.
Throws:
javax.servlet.ServletException - ServletException.
java.io.IOException - IOException.

getRemoteAddr

protected java.lang.String getRemoteAddr(javax.servlet.ServletRequest request)
Get Client IP using getRemoteAddr method.

Parameters:
request - ServletRequest.
Returns:
request.getRemoteAddre().

getHeaderAddr

protected java.lang.String getHeaderAddr(javax.servlet.ServletRequest request)
Get Client IP through a custom header.

Parameters:
request - ServletRequest.
Returns:
Header name.

addressInPattern

private boolean addressInPattern(java.lang.String localAddr,
                                 java.lang.String remoteAddr)
Called to determine if a given remote IP address is valid against the regular expressions of addresses read in from config.

Parameters:
localAddr - The IP address of the server.
remoteAddr - The IP address of the client.
Returns:
True if the address matches one of the regex, false if not.

addressInList

private boolean addressInList(java.lang.String localAddr,
                              java.lang.String remoteAddr)
Called to determine if a given remote IP address is valid against the list of addresses read in from config.

Parameters:
localAddr - The IP address of the server.
remoteAddr - The IP address of the client.
Returns:
True if the address is in the list, false if not.

ipToLong

private static long ipToLong(java.lang.String ip)
Method that converts an IP address to a long.

Parameters:
ip - The IP address to convert.
Returns:
The IP address as a long.

padBinByteStr

private static java.lang.String padBinByteStr(java.lang.String binByte)
Method that pads (prefixes) a string representation of a byte with 0's.

Parameters:
binByte - String of the byte (maybe less than 8 bits) to pad.
Returns:
String of the byte guaranteed to have 8 bits.


Copyright 2005 Frank W. Zammetti