Class HostFilter
- java.lang.Object
-
- All Implemented Interfaces:
Filter
,Nameable
,PathConfigProcessor
public class HostFilter extends AuthorizationFilter
A Filter that can allow or deny access based on the host that sent the request. WARNING: NOT YET FULLY IMPLEMENTED!!! Work in progress.- Since:
- 1.0
-
-
Field Summary
Fields Modifier and Type Field Description static Pattern
IPV4_PATTERN
static String
IPV4_QUAD_REGEX
static String
IPV4_REGEX
static String
PRIVATE_CLASS_A_REGEX
static String
PRIVATE_CLASS_B_REGEX
static String
PRIVATE_CLASS_B_SUBSET
static String
PRIVATE_CLASS_C_REGEX
-
Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter
DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD
-
Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter
appliedPaths, pathMatcher
-
Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
-
Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
filterConfig
-
-
Constructor Summary
Constructors Constructor Description HostFilter()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected boolean
isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
Returnstrue
if the request is allowed to proceed through the filter normally, orfalse
if the request should be handled by theonAccessDenied(request,response,mappedValue)
method instead.protected boolean
isIpv4Candidate(String host)
void
setAuthorizedHosts(String authorizedHosts)
void
setDeniedHosts(String deniedHosts)
-
Methods inherited from class org.apache.shiro.web.filter.authz.AuthorizationFilter
getUnauthorizedUrl, onAccessDenied, setUnauthorizedUrl
-
Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter
getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl
-
Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter
getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig
-
Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle
-
Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter
-
Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder
-
Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
-
Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString
-
-
-
-
Field Detail
-
IPV4_QUAD_REGEX
public static final String IPV4_QUAD_REGEX
- See Also:
- Constant Field Values
-
IPV4_REGEX
public static final String IPV4_REGEX
- See Also:
- Constant Field Values
-
IPV4_PATTERN
public static final Pattern IPV4_PATTERN
-
PRIVATE_CLASS_B_SUBSET
public static final String PRIVATE_CLASS_B_SUBSET
- See Also:
- Constant Field Values
-
PRIVATE_CLASS_A_REGEX
public static final String PRIVATE_CLASS_A_REGEX
- See Also:
- Constant Field Values
-
PRIVATE_CLASS_B_REGEX
public static final String PRIVATE_CLASS_B_REGEX
- See Also:
- Constant Field Values
-
PRIVATE_CLASS_C_REGEX
public static final String PRIVATE_CLASS_C_REGEX
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
HostFilter
public HostFilter()
-
-
Method Detail
-
setAuthorizedHosts
public void setAuthorizedHosts(String authorizedHosts)
-
setDeniedHosts
public void setDeniedHosts(String deniedHosts)
-
isIpv4Candidate
protected boolean isIpv4Candidate(String host)
-
isAccessAllowed
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception
Description copied from class:AccessControlFilter
Returnstrue
if the request is allowed to proceed through the filter normally, orfalse
if the request should be handled by theonAccessDenied(request,response,mappedValue)
method instead.- Specified by:
isAccessAllowed
in classAccessControlFilter
- Parameters:
request
- the incomingServletRequest
response
- the outgoingServletResponse
mappedValue
- the filter-specific config value mapped to this filter in the URL rules mappings.- Returns:
true
if the request should proceed through the filter normally,false
if the request should be processed by this filter'sAccessControlFilter.onAccessDenied(ServletRequest,ServletResponse,Object)
method instead.- Throws:
Exception
- if an error occurs during processing.
-
-