限制内网（指定ip段）访问某页面的方法——过滤器

web.xml：（可配置多个jsp）

    <filter>
		<filter-name>accessFilter</filter-name>
		<filter-class>com.facebook.util.AccessFilter</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>accessFilter</filter-name>
		<url-pattern>/work/scoreRankManage.jsp</url-pattern>
	</filter-mapping>
	<filter-mapping>
		<filter-name>accessFilter</filter-name>
		<url-pattern>/work/redirectUrlManage.jsp</url-pattern>
	</filter-mapping>

过滤器AccessFilter.java：

package com.facebook.util;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;


/**
 * Servlet Filter implementation class AccessInterceptor
 */
public class AccessFilter implements Filter {
	private static Logger log = LoggerFactory.getLogger(AccessFilter.class);
    /**
     * Default constructor. 
     */
    public AccessFilter() {
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see Filter#destroy()
	 */
	public void destroy() {
		// TODO Auto-generated method stub
	}

	/**
	 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
	 */
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse resp = (HttpServletResponse) response;
		boolean flag = isIPOK(req,resp);
		if(flag){
			chain.doFilter(request, response);
			return;
		}
		try {
			response.setCharacterEncoding("utf-8"); 
			response.setContentType("text/html");
			PrintWriter pw = response.getWriter();
			
			pw.print("<h1>forbidden!</h1>");
		} catch (IOException e) {
			log.info("--------------AccessFilter_doFilter()过滤器报错：向前端页面写出forbidden错误---------", e);
		}
	}
	
	private boolean isIPOK(HttpServletRequest request, HttpServletResponse response){
		String accessIP = IPUtil.getUserIp(request);
		return isLAN(accessIP);
	}
	
	//是否为内网网段
	public boolean isLAN(String ip){
		if("127.0.0.1".equals(ip)){
			return true;
		}
		return ipIsValid("192.168.0.0-192.168.255.255", ip) || ipIsValid("172.16.0.0-172.31.255.255", ip) 
				|| ipIsValid("10.0.0.0-10.255.255.255", ip);
	}
	
	
	 public static boolean ipIsValid(String ipSection, String ip) {   
	        if (ipSection == null)   
	            throw new NullPointerException("IP段不能为空！");   
	        if (ip == null)   
	            throw new NullPointerException("IP不能为空！");   
	        ipSection = ipSection.trim();   
	        ip = ip.trim();   
	        final String REGX_IP = "((25[0-5]|2[0-4]\\d|1\\d{2}|[1-9]\\d|\\d)\\.){3}(25[0-5]|2[0-4]\\d|1\\d{2}|[1-9]\\d|\\d)";   
	        final String REGX_IPB = REGX_IP + "\\-" + REGX_IP;   
	        if (!ipSection.matches(REGX_IPB) || !ip.matches(REGX_IP))   
	            return false;   
	        int idx = ipSection.indexOf('-');
	        idx = idx<0?ipSection.length():idx;
	        String[] sips = ipSection.substring(0, idx).split("\\.");   
	        String[] sipe = ipSection.substring(idx + 1).split("\\.");   
	        String[] sipt = ip.split("\\.");   
	        long ips = 0L, ipe = 0L, ipt = 0L;   
	        for (int i = 0; i < 4; ++i) {   
	            ips = ips << 8 | Integer.parseInt(sips[i]);   
	            ipe = ipe << 8 | Integer.parseInt(sipe[i]);   
	            ipt = ipt << 8 | Integer.parseInt(sipt[i]);   
	        }   
	        if (ips > ipe) {   
	            long t = ips;   
	            ips = ipe;   
	            ipe = t;   
	        }   
	        return ips <= ipt && ipt <= ipe;   
	    }  
	 
	    public static void main(String[] args) {   
	        if (ipIsValid("192.168.1.1-192.168.1.10", "192.168.3.54")) {   
	            System.out.println("ip属于该网段");   
	        } else  
	            System.out.println("ip不属于该网段");   
	    }   
	/**
	 * @see Filter#init(FilterConfig)
	 */
	public void init(FilterConfig fConfig) throws ServletException {
		// TODO Auto-generated method stub
	}

}

判断网段ip的方法也可用如下方法：

/*验证IP是否属于某个IP段

    *

    * ipSection    IP段（以'-'分隔）

    * ip           所验证的IP号码

    */

  public static boolean ipExistsInRange(String ip,String ipSection) {

       ipSection = ipSection.trim();

       ip = ip.trim();

      int idx = ipSection.indexOf('-');

       String beginIP = ipSection.substring(0, idx);

       String endIP = ipSection.substring(idx + 1);

      return getIp2long(beginIP)<=getIp2long(ip) &&getIp2long(ip)<=getIp2long(endIP);

   }

  public static long getIp2long(String ip) {

       ip = ip.trim();

       String[] ips = ip.split("\\.");

      long ip2long = 0L;

      for (int i = 0; i < 4; ++i) {

           ip2long = ip2long << 8 | Integer.parseInt(ips[i]);

       }

      return ip2long;

   }

   public static long getIp2long2(String ip) {

       ip = ip.trim();

       String[] ips = ip.split("\\.");

      long ip1 = Integer.parseInt(ips[0]);

      long ip2 = Integer.parseInt(ips[1]);

      long ip3 = Integer.parseInt(ips[2]);

      long ip4 = Integer.parseInt(ips[3]);



      long ip2long =1L* ip1 * 256 * 256 * 256 + ip2 * 256 * 256 + ip3 * 256 + ip4;

      return ip2long;

   }

限制内网（指定ip段）访问某页面的方法——过滤器

猜你喜欢