Skip to content

X
xyqb-user2
Commit e5f0a099 authored by 技术部-任文超's avatar 技术部-任文超
Browse files
Options

优化内网调用的IP识别拦截器:白名单+内网IP域+出口IP

parent 5171d7e9
Hide whitespace changes
Inline Side-by-side
Showing with 5 additions and 17 deletions
src/main/java/cn/quantgroup/xyqb/interceptors/IPWhiteListInterceptor.java
View file @ e5f0a099
package cn.quantgroup.xyqb.interceptors; package cn.quantgroup.xyqb.interceptors;
import cn.quantgroup.xyqb.util.IPUtil; import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.ValidationUtil;
import com.google.common.collect.Sets; import com.google.common.collect.Sets;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.HandlerInterceptor;
...@@ -10,23 +10,17 @@ import org.springframework.web.servlet.ModelAndView; ...@@ -10,23 +10,17 @@ import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.util.HashSet;
import java.util.Set; import java.util.Set;
import java.util.regex.Pattern;
/** /**
* Created by Administrator on 2017/5/9. * Created by Administrator on 2017/5/9.
*/ */
public class IPWhiteListInterceptor implements HandlerInterceptor { public class IPWhiteListInterceptor implements HandlerInterceptor {
private Integer isDebug;
private static final Logger LOGGER = LoggerFactory.getLogger(IPWhiteListInterceptor.class); private static final Logger LOGGER = LoggerFactory.getLogger(IPWhiteListInterceptor.class);
private static final String patternStr = "172.*";
private static final String [] allowIPs = {"139.198.7.123"}; private static final String [] allowIPs = {"139.198.7.123"};
private static Set<String> allowIPSet = Sets.newHashSet(allowIPs); private static Set<String> allowIPSet = Sets.newHashSet(allowIPs);
private static final Pattern pattern = Pattern.compile(patternStr); private Integer isDebug;
public IPWhiteListInterceptor(Integer isDebug) { public IPWhiteListInterceptor(Integer isDebug) {
this.isDebug = isDebug; this.isDebug = isDebug;
...@@ -38,16 +32,10 @@ public class IPWhiteListInterceptor implements HandlerInterceptor { ...@@ -38,16 +32,10 @@ public class IPWhiteListInterceptor implements HandlerInterceptor {
return true; return true;
} }
String remoteIP = IPUtil.getRemoteIP(request); String remoteIP = IPUtil.getRemoteIP(request);
if(StringUtils.isNoneBlank(remoteIP)){ if(IPUtil.whiteOf(remoteIP) || ValidationUtil.validateLocalIpv4(remoteIP) || allowIPSet.contains(remoteIP)) {
remoteIP = remoteIP.trim(); return true;
boolean isMatch = pattern.matcher(remoteIP).matches();
isMatch = Boolean.logicalOr(isMatch,allowIPSet.contains(remoteIP));
if(!isMatch){
LOGGER.info("非法IP尝试访问,ip:[{}]",remoteIP);
}
return isMatch;
} }
LOGGER.info("未能获取remoteIP"); LOGGER.info("非法IP尝试访问,ip:[{}]",remoteIP);
return false; return false;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment