Help
Add this page to your book
Show book (0 pages)
Suggest pagesUser:Alfredas/JosekiSecurity
From MediaWiki.org
In order to restrict access to the Joseki update service and make it accessible only from localhost:
- add this to the top of web.xml under joseki/WEB-INF
<!-- Access Filter -->
<filter>
<filter-name>AccessFilter</filter-name>
<filter-class>nl.tudelft.tbm.servletaccessfilter.ServletAccessFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AccessFilter</filter-name>
<url-pattern>/update/service/*</url-pattern>
</filter-mapping>
- download jar and put it in the servlet engine's classpath
- restart server
[edit] Source
package nl.tudelft.tbm.servletaccessfilter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
public class ServletAccessFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
if (request.getRemoteAddr().equals("0:0:0:0:0:0:0:1") || request.getRemoteAddr().equals("127.0.0.1")) {
chain.doFilter(request, response);
} else {
HttpServletResponse httpr = (HttpServletResponse) response;
httpr.sendError(HttpServletResponse.SC_FORBIDDEN);
}
}
@Override
public void init(FilterConfig config) throws ServletException {
}
}
