Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.ibisph.filter
Class RequestFromSecurityFilter

java.lang.Object
  extended by org.ibisph.filter.RequestFromSecurityFilter
All Implemented Interfaces:
javax.servlet.Filter
public class RequestFromSecurityFilter
extends java.lang.Object
implements javax.servlet.Filter

Checks that the request is being made from a specific IP address or domain. Simple filter that enforces that the request is coming from an approved admin system. If requester's ip address does not match that the specified init parameter/property value then an HTTP insufficient privs is returned. Otherwise the request is passed through for processing. This filter is basically used to make sure that the publish request is coming from the data admin application.

Filter Init Params:

Parameter NameDescription
AdminSystem.IPAddress IP address segment (left to right significance) which is used to identify/allow publishing requests to come from. Localhost should be "127.0.0.1", If null/blank then any machine is allowed to make a publishing request. A value of "254.67" means that any address that starts with 254.67 is valid (e.g. 254.67.*.* or 254.67.255.255 in networking terms).

Author:
Garth Braithwaite, STG

Field Summary
protected  java.lang.String ipAddress
           
 
Constructor Summary
RequestFromSecurityFilter()
           
 
Method Summary
 void destroy()
          Required method - Does NOT do anything.
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
          Method that checks the request is being made from the specified address.
 void init(javax.servlet.FilterConfig filterConfig)
          Sets the filter's control properties via the init-parameters (located in the application's deployment web.xml file).
 void setIPAddress(java.lang.String ipAddress)
          Property setter for the IP address to filter on.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ipAddress

protected java.lang.String ipAddress
Constructor Detail

RequestFromSecurityFilter

public RequestFromSecurityFilter()
Method Detail

setIPAddress

public void setIPAddress(java.lang.String ipAddress)
Property setter for the IP address to filter on.

Parameters:
ipAddress - Full or partial IP address to match the requester's IP against.

init

public void init(javax.servlet.FilterConfig filterConfig)
Sets the filter's control properties via the init-parameters (located in the application's deployment web.xml file).

Specified by:
init in interface javax.servlet.Filter
Parameters:
filterConfig - allows the init method to access filter and servlet objects.

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException
Method that checks the request is being made from the specified address. If requester's ip address does not match that the specified init parameter/property then the request/response is not allowed to go any further and an HTTP insufficient privs is returned to the user. If it matches the request is simply allowed through.

Specified by:
doFilter in interface javax.servlet.Filter
Throws:
java.io.IOException
javax.servlet.ServletException

destroy

public void destroy()
Required method - Does NOT do anything.

Specified by:
destroy in interface javax.servlet.Filter
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD