SpringMVC IP permission Design

Source: Internet
Author: User

SpringMVC IP permission Design
SpringMVC IP address permission design meets this requirement during development, specifying some IP users who send requests without permission judgment; asking them to go beyond the logon page, enter the page to which the URL is directed. I am using springmvc interceptor.
The following is my idea (I only tested a single IP address, so there is no set or array for storing IP addresses, but you can modify it when using IT ): 1. First, determine the IP address storage location that does not require permission judgment. Here I will put it in the tool class: Const2. How to get the IP Address requested by the user: accept. 3. Configure the Interceptor to determine which URLs do not need to be intercepted. 4. Customize a Interceptor: LoginHandlerInterceptor. HandlerInterceptorAdapter must be inherited here.
Let's look at the code below: 1. Const class

Public class Const {public static final String SESSION_SECURITY_CODE = "sessionSecCode"; public static final String SESSION_USER = "sessionUser"; public static final String NO_INTERCEPTOR_PATH = ". */(login) | (logout) | (code )). * "; // access path blocking (regular) public static final String SESSION_SECURITY_IP =" 127.0.0.1 ";}
2,
Package com. flf. util; import java.net. inetAddress; import java.net. unknownHostException; import javax. servlet. http. httpServletRequest; public class AcquireIp {/*** get the IP address of the user's current request * @ param request * @ return */public static String getIpAddr (HttpServletRequest request) {String ipAddress = request. getHeader ("x-forwarded-for"); if (ipAddress = null | ipAddress. length () = 0 | "unknown ". equalsIgnoreCase (I PAddress) {ipAddress = request. getHeader ("Proxy-Client-IP");} if (ipAddress = null | ipAddress. length () = 0 | "unknown ". equalsIgnoreCase (ipAddress) {ipAddress = request. getHeader ("WL-Proxy-Client-IP");} if (ipAddress = null | ipAddress. length () = 0 | "unknown ". equalsIgnoreCase (ipAddress) {ipAddress = request. getRemoteAddr (); if (ipAddress. equals ("127.0.0.1") | ipAddress. equals ("0: 0: 0: 0: 0: 0: 1 ") {// obtain the IP address InetAddress inet = null configured on the local machine based on the NIC; try {inet = InetAddress. getLocalHost ();} catch (UnknownHostException e) {e. printStackTrace ();} ipAddress = inet. getHostAddress () ;}}// when multiple proxies are used, the first IP address is the real IP address of the client, and multiple IP addresses are separated by ',' if (ipAddress! = Null & ipAddress. length ()> 15 ){//"***. ***. ***. ***". length () = 15 if (ipAddress. indexOf (",")> 0) {ipAddress = ipAddress. substring (0, ipAddress. indexOf (",") ;}} return ipAddress ;}}

3. configuration file-related code: configure the following interception section in the spring MVC configuration file.
 
  
   
   
  
 
4. LoginHandlerInterceptor Interceptor:
package com.flf.interceptor;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;import com.flf.entity.User;import com.flf.util.Const;
Public class LoginHandlerInterceptor extends HandlerInterceptorAdapter {public boolean preHandle (HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {// TODO Auto-generated method stubString path = request. getServletPath (); // obtain the IPString requestIp of the user request = AcquireIp. getIpAddr (request); if (path. matches (Const. NO_INTERCEPTOR_PATH) {return true ;}
HttpSession session = request.getSession();User user = (User)session.getAttribute(Const.SESSION_USER);if(requestIp!=null && requestIp.equals(Const.SESSION_SECURITY_IP)){//response.sendRedirect(request.getContextPath()+path);return true;}else{if(user!=null){return true;}else{response.sendRedirect(request.getContextPath()+ "/login");return false;}}}return super.preHandle(request, response, handler);}}
}

The above issues are related to IP permission judgment.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.