Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * Copyright (C) 2010 eXo Platform SAS.
   *
   * This is free software; you can redistribute it and/or modify it
   * under the terms of the GNU Lesser General Public License as
   * published by the Free Software Foundation; either version 2.1 of
   * the License, or (at your option) any later version.
   *
   * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
 
 package org.exoplatform.web.security.proxy;
 
 import java.net.URI;
 import java.util.List;
 
 
The proxy filter service is used for filtering http access when it is performed by GateIn. The following rules applies to the filtering:
  • Same host URI grants access
  • A black list match of the host denies access
  • A white list match of the host grants access
  • Access is denied
The service is configured by
  • a white-list parameter that specifies a list of white list rules
  • a black-list parameter that specifies a list of black list rules
Rules are trimmed and the wildcard character can be used to match any number of character.

Author(s):
Julien Viet
Version:
$Revision$
 
 public class ProxyFilterService {

    
.
 
     private static final Logger log = LoggerFactory.getLogger(ProxyFilterService.class);

    
.
 
     private final List<PatternwhiteList;

    
.
 
     private final List<PatternblackList;
 
     public ProxyFilterService(InitParams params) {
         this. = createList(params.getValuesParam("white-list"));
         this. = createList(params.getValuesParam("black-list"));
 
         // A bit of logging
         .debug("Proxy filter service white list " + );
         .debug("Proxy filter service black list " + );
     }
 
     private List<PatterncreateList(ValuesParam values) {
         if (values != null) {
             ArrayList<Patternpatterns = new ArrayList<Pattern>();
             for (Object value : values.getValues()) {
                 String s = ((Stringvalue).trim();
                 StringBuilder sb = new StringBuilder("^");
                 for (int i = 0; i < s.length(); i++) {
                     char c = s.charAt(i);
                     switch (c) {
                         case '*':
                             sb.append(".*");
                             break;
                         case '[':
                         case '\\':
                         case '^':
                         case '$':
                         case '.':
                         case '|':
                         case '?':
                         case '+':
                         case '(':
                         case ')':
                            sb.append("\\");
                            sb.append(c);
                            break;
                        default:
                            sb.append(c);
                            break;
                    }
                }
                sb.append("$");
                Pattern pattern = Pattern.compile(sb.toString());
                patterns.add(pattern);
            }
            return Collections.unmodifiableList(patterns);
        } else {
            return Collections.emptyList();
        }
    }

    
Returns true if access to a remote URI should be granted.

Parameters:
request the servlet request doing the request
container the portal container associated with the request
remoteURI the remote URI to check
Returns:
the access to the remote URI
    public boolean accept(HttpServletRequest requestPortalContainer containerURI remoteURI) {
        boolean trace = .isTraceEnabled();
        //
        String remoteHost = remoteURI.getHost();
        // Filter based on same server name
        String remoteServerName = request.getServerName();
        if (remoteHost.equals(remoteServerName)) {
            if (trace) {
                .trace("Same host matching for URI " + remoteURI);
            }
            return true;
        }
        // Otherwise go through black list first
        for (int i = 0; i < .size(); i++) {
            Pattern pattern = .get(i);
            boolean rejected = pattern.matcher(remoteHost).matches();
            if (trace) {
                .trace("Black list " + pattern + (rejected ? " matched URI " : " did not match URI") + remoteURI);
            }
            if (rejected) {
                return false;
            }
        }
        // Finally go through white list first
        for (int i = 0; i < .size(); i++) {
            Pattern pattern = .get(i);
            boolean accepted = pattern.matcher(remoteHost).matches();
            if (trace) {
                .trace("White list " + pattern + (accepted ? " matched URI " : " did not match URI") + remoteURI);
            }
            if (accepted) {
                return true;
            }
        }
        //
        if (trace) {
            .trace("Rejected implicitely uri " + remoteURI);
        }
        //
        return false;
    }
New to GrepCode? Check out our FAQ X