下面详细讲解一下“详解Java Web如何限制访问的IP的两种方法”。
第一种方法:使用Filter过滤器实现IP限制
- 创建一个Filter类,代码如下:
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class IPFilter implements Filter {
private String blacklist;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
blacklist = filterConfig.getInitParameter("blacklist");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String ip = request.getRemoteAddr();
if (blacklist.contains(ip)) {
response.getWriter().write("Access Denied!");
} else {
filterChain.doFilter(servletRequest, servletResponse);
}
}
@Override
public void destroy() {
}
}
- 在web.xml文件中配置Filter
<filter>
<filter-name>ipFilter</filter-name>
<filter-class>IPFilter</filter-class>
<init-param>
<param-name>blacklist</param-name>
<param-value>192.168.0.1,192.168.0.2</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ipFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
上面这个配置文件中,我们定义了一个名为ipFilter的Filter,然后将其url-pattern设置为/*,这样就可以应用到所有的请求上。
- 测试
在浏览器中输入网站的地址,我们可以看到,访问的IP地址在blacklist中,所以无法访问该网站。如果访问的IP地址不在blacklist中,则可以正常访问。
第二种方法:使用Spring Security实现IP限制
- 引入Spring Security依赖,修改pom.xml文件
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>5.2.9.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>5.2.9.RELEASE</version>
</dependency>
- 配置Spring Security
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.DefaultSecurityFilterChain;
import org.springframework.security.web.access.ExceptionTranslationFilter;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.access.intercept.RequestMatcherRegistry;
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
import org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter;
import org.springframework.security.web.header.HeaderWriterFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import javax.servlet.Filter;
import java.util.ArrayList;
import java.util.List;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private IPFilter ipFilter;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(ipFilter, AbstractPreAuthenticatedProcessingFilter.class)
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.and()
.httpBasic();
http.csrf().disable();
}
}
- 配置IP过滤器
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
import org.springframework.security.web.authentication.preauth.RequestAttributeAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import javax.servlet.Filter;
@Configuration
@EnableWebSecurity
public class IPAccessConfig {
@Bean
public Filter ipFilter() {
final RequestAttributeAuthenticationFilter requestAttributeAuthenticationFilter = new RequestAttributeAuthenticationFilter();
requestAttributeAuthenticationFilter.setCheckForPrincipalChanges(false);
final IPAccessHandlerFilter ipAccessHandlerFilter = new IPAccessHandlerFilter();
ipAccessHandlerFilter.setRequestMatcher(new AntPathRequestMatcher("/**"));
final List<Filter> filters = new ArrayList<>();
filters.add(requestAttributeAuthenticationFilter);
filters.add(ipAccessHandlerFilter);
final IPAuthenticatorFilterChain proxyFilterChain = new IPAuthenticatorFilterChain(filters);
proxyFilterChain.setMatchForUnanimousDecision(false);
return proxyFilterChain;
}
}
- 测试
在浏览器中输入网站的地址,我们可以看到,访问的IP地址在blacklist中,所以无法访问该网站。如果访问的IP地址不在blacklist中,则可以正常访问。
至此,这是“详解Java Web如何限制访问的IP的两种方法”的完整攻略,希望对你有所帮助。
本站文章如无特殊说明,均为本站原创,如若转载,请注明出处:详解Java Web如何限制访问的IP的两种方法 - Python技术站