溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
怎么在SpringMVC中利用攔截器實現一個IP黑名單?很多新手對此不是很清楚,為了幫助大家解決這個難題,下面小編將為大家詳細講解,有這方面需求的人可以來學習下,希望你能有所收獲。
1.配置攔截器
這里使用全局攔截:
<mvc:interceptors> <mvc:interceptor> <mvc:mapping path="/**"/> <bean class="com.nps.base.filter.LoginInterceptor"></bean> </mvc:interceptor> </mvc:interceptors>
攔截器LoginInterceptor代碼:
package com.nps.base.filter;
import java.io.IOException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.nps.utils.IpInterceptUtils;
/**
* 驗證攔截器
* @author HUANG
*/
public class LoginInterceptor implements HandlerInterceptor {
private final static Logger logger = LoggerFactory
.getLogger(LoginInterceptor.class);
@Override
public void afterCompletion(HttpServletRequest arg0,
HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object arg2, ModelAndView arg3) throws Exception {
}
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
String ip = getIpAddress(request);
if (IpInterceptUtils.chickIpBreak(ip)) {
return false;
}
Map<String, String> map = getParameterMap(request);// 獲取url中的所有參數
String servletUrl = request.getServletPath();// servlet地址
String url = getRealUrl(servletUrl, map);
if (url.indexOf("/user/") == 0) {
Object user = request.getSession().getAttribute("User");
if (user == null) {
// System.out.println("尚未登錄,調到登錄頁面");
response.sendRedirect(request.getContextPath() + "/loginOut.do");
return false;
}
}
return true;
}
/**
* 獲取請求主機IP地址,如果通過代理進來,則透過防火墻獲取真實IP地址;
*
* @param request
* @return
* @throws IOException
*/
public final static String getIpAddress(HttpServletRequest request)
throws IOException {
// 獲取請求主機IP地址,如果通過代理進來,則透過防火墻獲取真實IP地址
String ip = request.getHeader("X-Forwarded-For");
// if (logger.isInfoEnabled()) {
// logger.info("getIpAddress(HttpServletRequest) - X-Forwarded-For - String ip="
// + ip);
// }
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
// if (logger.isInfoEnabled()) {
// logger.info("getIpAddress(HttpServletRequest) - Proxy-Client-IP - String ip="
// + ip);
// }
}
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
// if (logger.isInfoEnabled()) {
// logger.info("getIpAddress(HttpServletRequest) - WL-Proxy-Client-IP - String ip="
// + ip);
// }
}
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
// if (logger.isInfoEnabled()) {
// logger.info("getIpAddress(HttpServletRequest) - HTTP_CLIENT_IP - String ip="
// + ip);
// }
}
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
// if (logger.isInfoEnabled()) {
// logger.info("getIpAddress(HttpServletRequest) - HTTP_X_FORWARDED_FOR - String ip="
// + ip);
// }
}
if (ip == null || ip.length() == 0
|| "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
// if (logger.isInfoEnabled()) {
// logger.info("getIpAddress(HttpServletRequest) - getRemoteAddr - String ip="
// + ip);
// }
}
} else if (ip.length() > 15) {
String[] ips = ip.split(",");
for (int index = 0; index < ips.length; index++) {
String strIp = (String) ips[index];
if (!("unknown".equalsIgnoreCase(strIp))) {
ip = strIp;
break;
}
}
}
return ip;
}
/**
* 根據request獲取所有的參數集
*
* @param request
* @return
*/
protected Map<String, String> getParameterMap(HttpServletRequest request) {
Enumeration<String> names = request.getParameterNames();
String name;
Map<String, String> map = new HashMap<String, String>();
while (names.hasMoreElements()) {
name = names.nextElement();
map.put(name, request.getParameter(name).trim().replaceAll("'", ""));
}
return map;
}
/**
* 獲取url
*
* @param uri
* @param params
* @return
*/
String getRealUrl(String uri, Map<String, String> params) {
StringBuffer sb = new StringBuffer(uri);
if (params != null) {
int i = 0;
for (String key : params.keySet()) {
i++;
if (i == 1) {
sb.append("?" + key + "=" + params.get(key));
} else {
sb.append("&" + key + "=" + params.get(key));
}
}
}
return sb.toString();
}
}2.校驗IP工具
public class IpInterceptUtils {
private static String date ;
private static PropertiesUtil p=null;
/***
* 校驗IP是否加入黑名單
* @param ip
* @return true 是在黑名單
* @throws IOException
*/
public static boolean chickIpBreak(String ip) throws IOException{
if(p == null){
p = new PropertiesUtil("conf/ip-black.properties");
}else{
String str = new SimpleDateFormat("MMddHHmmss").format(new Date());
str=str.substring(0,9);
if(date==null || !date.equals(str)){
date = str;
p = new PropertiesUtil("conf/ip-black.properties");
}
}
Enumeration en = p.getProps().propertyNames();
while (en.hasMoreElements()) {
String key = (String) en.nextElement();
if(key.equals(ip)){
return true;
}
}
return false;
}
}3.配置文件讀取類
PropertiesUtil
package com.nps.base.model;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import org.springframework.stereotype.Component;
/**
* 讀取Properties綜合類,默認綁定到classpath下的config.properties文件。
* @author
*/
@Component("PropertiesUtil")
public class PropertiesUtil {
//配置文件的路徑
private String configPath=null;
/**
* 配置文件對象
*/
private Properties props=null;
/**
* 默認構造函數,用于sh運行,自動找到classpath下的config.properties。
*/
public PropertiesUtil() throws IOException{
if(props==null){
InputStream in = PropertiesUtil.class.getClassLoader().getResourceAsStream("conf/application.properties");
props = new Properties();
props.load(in);
//關閉資源
in.close();
}
}
/**
* 默認構造函數,用于sh運行,自動找到classpath下的config.properties。
*/
public PropertiesUtil(String path) throws IOException{
if(props==null){
InputStream in = PropertiesUtil.class.getClassLoader().getResourceAsStream(path);
props = new Properties();
props.load(in);
//關閉資源
in.close();
}
}
/**
* 根據key值讀取配置的值
* Jun 26, 2010 9:15:43 PM
* @author 朱志杰
* @param key key值
* @return key 鍵對應的值
* @throws IOException
*/
public String readValue(String key) throws IOException {
return props.getProperty(key);
}
/**
* 讀取properties的全部信息
* @throws FileNotFoundException 配置文件沒有找到
* @throws IOException 關閉資源文件,或者加載配置文件錯誤
*
*/
public Map<String,String> readAllProperties() throws FileNotFoundException,IOException {
//保存所有的鍵值
Map<String,String> map=new HashMap<String,String>();
Enumeration en = props.propertyNames();
while (en.hasMoreElements()) {
String key = (String) en.nextElement();
String Property = props.getProperty(key);
map.put(key, Property);
}
return map;
}
/**
* 設置某個key的值,并保存至文件。
* @param key key值
* @return key 鍵對應的值
* @throws IOException
*/
public void setValue(String key,String value) throws IOException {
Properties prop = new Properties();
InputStream fis = new FileInputStream(this.configPath);
// 從輸入流中讀取屬性列表(鍵和元素對)
prop.load(fis);
// 調用 Hashtable 的方法 put。使用 getProperty 方法提供并行性。
// 強制要求為屬性的鍵和值使用字符串。返回值是 Hashtable 調用 put 的結果。
OutputStream fos = new FileOutputStream(this.configPath);
prop.setProperty(key, value);
// 以適合使用 load 方法加載到 Properties 表中的格式,
// 將此 Properties 表中的屬性列表(鍵和元素對)寫入輸出流
prop.store(fos,"last update");
//關閉文件
fis.close();
fos.close();
}
/**
* @return the props
*/
public Properties getProps() {
return props;
}
public static void main(String[] args) {
PropertiesUtil p;
try {
p = new PropertiesUtil("conf/ip-black.properties");
Enumeration en = p.props.propertyNames();
String str="";
while (en.hasMoreElements()) {
String key = (String) en.nextElement();
System.out.println(key);
}
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}附上黑名單IP文件格式
ip-black.properties 配置文件
45.119.99.35
103.253.2.165
157.65.166.51
202.57.55.242
119.82.252.122
140.227.53.126
140.227.211.20
140.227.208.20
116.253.84.183
看完上述內容是否對您有幫助呢?如果還想對相關知識有進一步的了解或閱讀更多相關文章,請關注億速云行業資訊頻道,感謝您對億速云的支持。
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
