📄 requestfiltervalve.java
字号:
/*
* $Header: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/valves/RequestFilterValve.java,v 1.2 2003/09/02 21:22:03 remm Exp $
* $Revision: 1.2 $
* $Date: 2003/09/02 21:22:03 $
*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 1999-2001 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
* [Additional notices, if required by prior licensing conditions]
*
*/
package org.apache.catalina.valves;
import java.io.IOException;
import java.util.ArrayList;
import javax.servlet.ServletException;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.ValveContext;
import org.apache.catalina.util.StringManager;
import org.apache.regexp.RE;
import org.apache.regexp.RESyntaxException;
/**
* Implementation of a Valve that performs filtering based on comparing the
* appropriate request property (selected based on which subclass you choose
* to configure into your Container's pipeline) against a set of regular
* expressions configured for this Valve.
* <p>
* This valve is configured by setting the <code>allow</code> and/or
* <code>deny</code> properties to a comma-delimited list of regular
* expressions (in the syntax supported by the jakarta-regexp library) to
* which the appropriate request property will be compared. Evaluation
* proceeds as follows:
* <ul>
* <li>The subclass extracts the request property to be filtered, and
* calls the common <code>process()</code> method.
* <li>If there are any deny expressions configured, the property will
* be compared to each such expression. If a match is found, this
* request will be rejected with a "Forbidden" HTTP response.</li>
* <li>If there are any allow expressions configured, the property will
* be compared to each such expression. If a match is found, this
* request will be allowed to pass through to the next Valve in the
* current pipeline.</li>
* <li>If one or more deny expressions was specified but no allow expressions,
* allow this request to pass through (because none of the deny
* expressions matched it).
* <li>The request will be rejected with a "Forbidden" HTTP response.</li>
* </ul>
* <p>
* This Valve may be attached to any Container, depending on the granularity
* of the filtering you wish to perform.
*
* @author Craig R. McClanahan
* @version $Revision: 1.2 $ $Date: 2003/09/02 21:22:03 $
*/
public abstract class RequestFilterValve
extends ValveBase {
// ----------------------------------------------------- Instance Variables
/**
* The comma-delimited set of <code>allow</code> expressions.
*/
protected String allow = null;
/**
* The set of <code>allow</code> regular expressions we will evaluate.
*/
protected RE allows[] = new RE[0];
/**
* The set of <code>deny</code> regular expressions we will evaluate.
*/
protected RE denies[] = new RE[0];
/**
* The comma-delimited set of <code>deny</code> expressions.
*/
protected String deny = null;
/**
* The descriptive information related to this implementation.
*/
private static final String info =
"org.apache.catalina.valves.RequestFilterValve/1.0";
/**
* The StringManager for this package.
*/
protected static StringManager sm =
StringManager.getManager(Constants.Package);
// ------------------------------------------------------------- Properties
/**
* Return a comma-delimited set of the <code>allow</code> expressions
* configured for this Valve, if any; otherwise, return <code>null</code>.
*/
public String getAllow() {
return (this.allow);
}
/**
* Set the comma-delimited set of the <code>allow</code> expressions
* configured for this Valve, if any.
*
* @param allow The new set of allow expressions
*/
public void setAllow(String allow) {
this.allow = allow;
allows = precalculate(allow);
}
/**
* Return a comma-delimited set of the <code>deny</code> expressions
* configured for this Valve, if any; otherwise, return <code>null</code>.
*/
public String getDeny() {
return (this.deny);
}
/**
* Set the comma-delimited set of the <code>deny</code> expressions
* configured for this Valve, if any.
*
* @param deny The new set of deny expressions
*/
public void setDeny(String deny) {
this.deny = deny;
denies = precalculate(deny);
}
/**
* Return descriptive information about this Valve implementation.
*/
public String getInfo() {
return (info);
}
// --------------------------------------------------------- Public Methods
/**
* Extract the desired request property, and pass it (along with the
* specified request and response objects) to the protected
* <code>process()</code> method to perform the actual filtering.
* This method must be implemented by a concrete subclass.
*
* @param request The servlet request to be processed
* @param response The servlet response to be created
* @param context The valve context used to invoke the next valve
* in the current processing pipeline
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
public abstract void invoke(Request request, Response response,
ValveContext context)
throws IOException, ServletException;
// ------------------------------------------------------ Protected Methods
/**
* Return an array of regular expression objects initialized from the
* specified argument, which must be <code>null</code> or a comma-delimited
* list of regular expression patterns.
*
* @param list The comma-separated list of patterns
*
* @exception IllegalArgumentException if one of the patterns has
* invalid syntax
*/
protected RE[] precalculate(String list) {
if (list == null)
return (new RE[0]);
list = list.trim();
if (list.length() < 1)
return (new RE[0]);
list += ",";
ArrayList reList = new ArrayList();
while (list.length() > 0) {
int comma = list.indexOf(',');
if (comma < 0)
break;
String pattern = list.substring(0, comma).trim();
try {
reList.add(new RE(pattern));
} catch (RESyntaxException e) {
throw new IllegalArgumentException
(sm.getString("requestFilterValve.syntax", pattern));
}
list = list.substring(comma + 1);
}
RE reArray[] = new RE[reList.size()];
return ((RE[]) reList.toArray(reArray));
}
/**
* Perform the filtering that has been configured for this Valve, matching
* against the specified request property.
*
* @param property The request property on which to filter
* @param request The servlet request to be processed
* @param response The servlet response to be processed
* @param context The valve context used to invoke the next valve
* in the current processing pipeline
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
protected void process(String property,
Request request, Response response,
ValveContext context)
throws IOException, ServletException {
// Check the deny patterns, if any
for (int i = 0; i < denies.length; i++) {
if (denies[i].match(property)) {
ServletResponse sres = response.getResponse();
if (sres instanceof HttpServletResponse) {
HttpServletResponse hres = (HttpServletResponse) sres;
hres.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
}
}
// Check the allow patterns, if any
for (int i = 0; i < allows.length; i++) {
if (allows[i].match(property)) {
context.invokeNext(request, response);
return;
}
}
// Allow if denies specified but not allows
if ((denies.length > 0) && (allows.length == 0)) {
context.invokeNext(request, response);
return;
}
// Deny this request
ServletResponse sres = response.getResponse();
if (sres instanceof HttpServletResponse) {
HttpServletResponse hres = (HttpServletResponse) sres;
hres.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -