Update of /var/cvs/contributions/natmm/src/nl/leocms/servlets
In directory james.mmbase.org:/tmp/cvs-serv13683/src/nl/leocms/servlets
Modified Files:
IPFilter.java
Log Message:
NMCMS-644 IPFilter implementation
See also:
http://cvs.mmbase.org/viewcvs/contributions/natmm/src/nl/leocms/servlets
See also: http://www.mmbase.org/jira/browse/NMCMS-644
Index: IPFilter.java
===================================================================
RCS file: /var/cvs/contributions/natmm/src/nl/leocms/servlets/IPFilter.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- IPFilter.java 28 Apr 2009 14:06:06 -0000 1.1
+++ IPFilter.java 28 Apr 2009 15:46:57 -0000 1.2
@@ -28,7 +28,8 @@
private FilterConfig config;
- private List allowedIPRanges;
+ private List allowedIPList;
+ private boolean IPFilterEnabled;
private static Logger log;
@@ -40,16 +41,17 @@
*/
public void init(FilterConfig filterConfig) throws ServletException {
this.config = filterConfig;
- this.allowedIPRanges = new ArrayList();
+ this.allowedIPList = new ArrayList();
+ this.IPFilterEnabled = NatMMConfig.isIPFilterEnabled();
- String allowedIPRangesProperty = NatMMConfig.getAllowedIPRanges();
- StringTokenizer token = new StringTokenizer(allowedIPRangesProperty,
",");
+ String allowedIPProperty = NatMMConfig.getAllowedIP();
+ StringTokenizer token = new StringTokenizer(allowedIPProperty, ",");
while (token.hasMoreTokens()) {
- allowedIPRanges.add(token.nextToken());
+ allowedIPList.add(token.nextToken());
}
- log = Logging.getLoggerInstance(UrlInterceptor.class.getName());
+ log = Logging.getLoggerInstance(IPFilter.class.getName());
log.debug("IPFilter initialized");
}
@@ -64,8 +66,14 @@
* @throws IOException thrown when an exception occurs
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
- String ip = request.getRemoteAddr();
+ // skip IPFiltering if disabled
+ if (!IPFilterEnabled) {
+ log.debug("Ip filtering disabled.");
+ chain.doFilter(request, response);
+
+ } else {
+ String ip = request.getRemoteAddr();
log.debug("Incoming ip, ip = " + ip);
HttpServletResponse httpResp = null;
@@ -74,29 +82,7 @@
httpResp = (HttpServletResponse) response;
}
- StringTokenizer toke = new StringTokenizer(ip, ".");
- int dots = 0;
- String byte1 = "";
- String byte2 = "";
- String client = "";
-
- while (toke.hasMoreTokens()) {
- ++dots;
-
- // if we've reached the second dot, break and check out the index
value
- if (dots == 1) {
- byte1 = toke.nextToken();
- } else {
- byte2 = toke.nextToken();
- break;
- }
- }
-
- // Piece together half of the client IP address so it can be compared
- // with the forbidden range represented by IPFilter.IP_RANGE
- client = byte1 + "." + byte2;
-
- if (allowedIPRanges.contains(client)) {
+ if (allowedIPList.contains(ip)) {
log.debug("Ip " + ip + " allowed.");
chain.doFilter(request, response);
} else {
@@ -104,6 +90,7 @@
httpResp.sendError(HttpServletResponse.SC_FORBIDDEN, "That means
goodbye forever!");
}
}
+ }
/**
* Destroy method
_______________________________________________
Cvs mailing list
[email protected]
http://lists.mmbase.org/mailman/listinfo/cvs
