HostFilter (Apache Shiro :: Web 1.2.4 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.shiro.web.filter.authz
Class HostFilter

java.lang.Object
  org.apache.shiro.web.servlet.ServletContextSupport
      org.apache.shiro.web.servlet.AbstractFilter
          org.apache.shiro.web.servlet.NameableFilter
              org.apache.shiro.web.servlet.OncePerRequestFilter
                  org.apache.shiro.web.servlet.AdviceFilter
                      org.apache.shiro.web.filter.PathMatchingFilter
                          org.apache.shiro.web.filter.AccessControlFilter
                              org.apache.shiro.web.filter.authz.AuthorizationFilter
                                  org.apache.shiro.web.filter.authz.HostFilter

All Implemented Interfaces:: javax.servlet.Filter, Nameable, PathConfigProcessor

public class HostFilter
extends AuthorizationFilter
extends AuthorizationFilter

A Filter that can allow or deny access based on the host that sent the request. WARNING: NOT YET FULLY IMPLEMENTED!!! Work in progress.

Since:: 1.0

Field Summary
`static Pattern`	`IPV4_PATTERN`
`static String`	`IPV4_QUAD_REGEX`
`static String`	`IPV4_REGEX`
`static String`	`PRIVATE_CLASS_A_REGEX`
`static String`	`PRIVATE_CLASS_B_REGEX`
`static String`	`PRIVATE_CLASS_B_SUBSET`
`static String`	`PRIVATE_CLASS_C_REGEX`

Fields inherited from class org.apache.shiro.web.filter.AccessControlFilter
`DEFAULT_LOGIN_URL, GET_METHOD, POST_METHOD`

Fields inherited from class org.apache.shiro.web.filter.PathMatchingFilter
`appliedPaths, pathMatcher`

Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
`ALREADY_FILTERED_SUFFIX`

Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
`filterConfig`

Constructor Summary
`HostFilter()`

Method Summary
`protected boolean`	`isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue)` Returns `true` if the request is allowed to proceed through the filter normally, or `false` if the request should be handled by the `onAccessDenied(request,response,mappedValue)` method instead.
`protected boolean`	`isIpv4Candidate(String host)`
`void`	`setAuthorizedHosts(String authorizedHosts)`
`void`	`setDeniedHosts(String deniedHosts)`

Methods inherited from class org.apache.shiro.web.filter.authz.AuthorizationFilter
`getUnauthorizedUrl, onAccessDenied, setUnauthorizedUrl`

Methods inherited from class org.apache.shiro.web.filter.AccessControlFilter
`getLoginUrl, getSubject, isLoginRequest, onAccessDenied, onPreHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setLoginUrl`

Methods inherited from class org.apache.shiro.web.filter.PathMatchingFilter
`getPathWithinApplication, isEnabled, pathsMatch, pathsMatch, preHandle, processPathConfig`

Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
`afterCompletion, cleanup, doFilterInternal, executeChain, postHandle`

Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
`doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter`

Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
`getName, setName, toStringBuilder`

Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
`destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig`

Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
`getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait`

Field Detail

IPV4_QUAD_REGEX

public static final String IPV4_QUAD_REGEX

See Also:: Constant Field Values

IPV4_REGEX

public static final String IPV4_REGEX

See Also:: Constant Field Values

IPV4_PATTERN

public static final Pattern IPV4_PATTERN

PRIVATE_CLASS_B_SUBSET

public static final String PRIVATE_CLASS_B_SUBSET

See Also:: Constant Field Values

PRIVATE_CLASS_A_REGEX

public static final String PRIVATE_CLASS_A_REGEX

See Also:: Constant Field Values

PRIVATE_CLASS_B_REGEX

public static final String PRIVATE_CLASS_B_REGEX

See Also:: Constant Field Values

PRIVATE_CLASS_C_REGEX

public static final String PRIVATE_CLASS_C_REGEX

See Also:: Constant Field Values

Constructor Detail

HostFilter

public HostFilter()

Method Detail

setAuthorizedHosts

public void setAuthorizedHosts(String authorizedHosts)

setDeniedHosts

public void setDeniedHosts(String deniedHosts)

isIpv4Candidate

protected boolean isIpv4Candidate(String host)

isAccessAllowed

protected boolean isAccessAllowed(javax.servlet.ServletRequest request,
                                  javax.servlet.ServletResponse response,
                                  Object mappedValue)
                           throws Exception

Description copied from class: AccessControlFilter

Returns true if the request is allowed to proceed through the filter normally, or false if the request should be handled by the onAccessDenied(request,response,mappedValue) method instead.

Specified by:: isAccessAllowed in class AccessControlFilter

Parameters:: request - the incoming ServletRequest; response - the outgoing ServletResponse; mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
Returns:: true if the request should proceed through the filter normally, false if the request should be processed by this filter's AccessControlFilter.onAccessDenied(ServletRequest,ServletResponse,Object) method instead.
Throws:: Exception - if an error occurs during processing.