IPAccessHandler ipaccess = new IPAccessHandler(); String blacklist = DAO.getConfig("server.blacklist", ""); if (blacklist != null && blacklist.length() > 0) try { ipaccess = new IPAccessHandler(); String[] bx = blacklist.split(","); ipaccess.setBlack(bx); for (String b: bx) { int p = b.indexOf('|'); sessions.setHandler(gzipHandler); securityHandler.setHandler(sessions); ipaccess.setHandler(securityHandler);
/** * Add a blacklist entry to an existing handler configuration * * @param entry new blacklist entry */ public void addBlack(String entry) { add(entry, _black); }
/** * Re-initialize the blacklist of existing handler object * * @param entries array of blacklist entries */ public void setBlack(String[] entries) { set(entries, _black); }
/** * Creates new handler object and initializes white- and black-list * * @param white array of whitelist entries * @param black array of blacklist entries */ public IPAccessHandler(String[] white, String []black) { super(); if (white != null && white.length > 0) setWhite(white); if (black != null && black.length > 0) setBlack(black); }
/** * Checks the incoming request against the whitelist and blacklist * * @see org.eclipse.jetty.server.handler.HandlerWrapper#handle(java.lang.String, org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ @Override public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Get the real remote IP (not the one set by the forwarded headers (which may be forged)) HttpChannel channel = baseRequest.getHttpChannel(); if (channel!=null) { EndPoint endp=channel.getEndPoint(); if (endp!=null) { InetSocketAddress address = endp.getRemoteAddress(); if (address!=null && !isAddrUriAllowed(address.getHostString(),baseRequest.getPathInfo())) { response.sendError(HttpStatus.FORBIDDEN_403); baseRequest.setHandled(true); return; } } } getHandler().handle(target,baseRequest, request, response); }
/** * Creates new handler object and initializes white- and black-list * * @param white array of whitelist entries * @param black array of blacklist entries */ public IPAccessHandler(String[] white, String []black) { super(); if (white != null && white.length > 0) setWhite(white); if (black != null && black.length > 0) setBlack(black); }
/** * Checks the incoming request against the whitelist and blacklist * * @see org.eclipse.jetty.server.handler.HandlerWrapper#handle(java.lang.String, org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ @Override public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Get the real remote IP (not the one set by the forwarded headers (which may be forged)) HttpChannel channel = baseRequest.getHttpChannel(); if (channel!=null) { EndPoint endp=channel.getEndPoint(); if (endp!=null) { InetSocketAddress address = endp.getRemoteAddress(); if (address!=null && !isAddrUriAllowed(address.getHostString(),baseRequest.getPathInfo())) { response.sendError(HttpStatus.FORBIDDEN_403); baseRequest.setHandled(true); return; } } } getHandler().handle(target,baseRequest, request, response); }
/** * Creates new handler object and initializes white- and black-list * * @param white array of whitelist entries * @param black array of blacklist entries */ public IPAccessHandler(String[] white, String []black) { super(); if (white != null && white.length > 0) setWhite(white); if (black != null && black.length > 0) setBlack(black); }
/** * Checks the incoming request against the whitelist and blacklist * * @see org.eclipse.jetty.server.handler.HandlerWrapper#handle(java.lang.String, org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ @Override public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Get the real remote IP (not the one set by the forwarded headers (which may be forged)) HttpChannel<?> channel = baseRequest.getHttpChannel(); if (channel!=null) { EndPoint endp=channel.getEndPoint(); if (endp!=null) { InetSocketAddress address = endp.getRemoteAddress(); if (address!=null && !isAddrUriAllowed(address.getHostString(),baseRequest.getPathInfo())) { response.sendError(HttpStatus.FORBIDDEN_403); baseRequest.setHandled(true); return; } } } getHandler().handle(target,baseRequest, request, response); }
/** * Add a blacklist entry to an existing handler configuration * * @param entry new blacklist entry */ public void addBlack(String entry) { add(entry, _black); }
/** * Re-initialize the blacklist of existing handler object * * @param entries array of blacklist entries */ public void setBlack(String[] entries) { set(entries, _black); }
IPAccessHandler ipaccess = new IPAccessHandler(); String blacklist = DAO.getConfig("server.blacklist", ""); if (blacklist != null && blacklist.length() > 0) try { ipaccess = new IPAccessHandler(); String[] bx = blacklist.split(","); ipaccess.setBlack(bx); for (String b: bx) { int p = b.indexOf('|'); sessions.setHandler(gzipHandler); securityHandler.setHandler(sessions); ipaccess.setHandler(securityHandler);
/** * Creates new handler object and initializes white- and black-list * * @param white array of whitelist entries * @param black array of blacklist entries */ public IPAccessHandler(String[] white, String []black) { super(); if (white != null && white.length > 0) setWhite(white); if (black != null && black.length > 0) setBlack(black); }
/** * Checks the incoming request against the whitelist and blacklist * * @see org.eclipse.jetty.server.handler.HandlerWrapper#handle(java.lang.String, org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ @Override public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Get the real remote IP (not the one set by the forwarded headers (which may be forged)) HttpChannel channel = baseRequest.getHttpChannel(); if (channel!=null) { EndPoint endp=channel.getEndPoint(); if (endp!=null) { InetSocketAddress address = endp.getRemoteAddress(); if (address!=null && !isAddrUriAllowed(address.getHostString(),baseRequest.getPathInfo())) { response.sendError(HttpStatus.FORBIDDEN_403); baseRequest.setHandled(true); return; } } } getHandler().handle(target,baseRequest, request, response); }
/** * Add a blacklist entry to an existing handler configuration * * @param entry new blacklist entry */ public void addBlack(String entry) { add(entry, _black); }
/** * Re-initialize the whitelist of existing handler object * * @param entries array of whitelist entries */ public void setWhite(String[] entries) { set(entries, _white); }