User:Alfredas/JosekiSecurity
In order to restrict access to the Joseki update service and make it accessible only from localhost:
- add this to the top of web.xml under joseki/WEB-INF
<!-- Access Filter --> <filter> <filter-name>AccessFilter</filter-name> <filter-class>nl.tudelft.tbm.servletaccessfilter.ServletAccessFilter</filter-class> </filter> <filter-mapping> <filter-name>AccessFilter</filter-name> <url-pattern>/update/service/*</url-pattern> </filter-mapping>
- download jar and put it in the servlet engine's classpath
- restart server
Source[edit]
package nl.tudelft.tbm.servletaccessfilter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletResponse; public class ServletAccessFilter implements Filter { @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (request.getRemoteAddr().equals("0:0:0:0:0:0:0:1") || request.getRemoteAddr().equals("127.0.0.1")) { chain.doFilter(request, response); } else { HttpServletResponse httpr = (HttpServletResponse) response; httpr.sendError(HttpServletResponse.SC_FORBIDDEN); } } @Override public void init(FilterConfig config) throws ServletException { } }