BanFilter


1   /*
2    * $Id: BanFilter.java,v 1.3 2005/06/07 12:32:26 bel70 Exp $
3    *
4    * ***** BEGIN LICENSE BLOCK *****
5    * The contents of this file are subject to the Mozilla Public License
6    * Version 1.1 (the "License"); you may not use this file except in 
7    * compliance with the License. You may obtain a copy of the License 
8    * at http://www.mozilla.org/MPL/
9    *
10   * Software distributed under the License is distributed on an "AS IS"
11   * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
12   * the License for the specific language governing rights and 
13   * limitations under the License.
14   *
15   * The Original Code is JGossip forum code.
16   *
17   * The Initial Developer of the Original Code is the JResearch, Org. 
18   * Portions created by the Initial Developer are Copyright (C) 2004 
19   * the Initial Developer. All Rights Reserved. 
20   * 
21   * Contributor(s): 
22   *              Dmitriy Belov <bel@jresearch.org>
23   *               .
24   * * ***** END LICENSE BLOCK ***** */
25  /*
26   * Created on 29.08.2004
27   *
28   */
29  package org.jresearch.gossip.filters;
30  
31  import java.io.IOException  ;
32  
33  import javax.servlet.Filter  ;
34  import javax.servlet.FilterChain  ;
35  import javax.servlet.FilterConfig  ;
36  import javax.servlet.ServletException  ;
37  import javax.servlet.ServletRequest  ;
38  import javax.servlet.ServletResponse  ;
39  import javax.servlet.http.HttpServletRequest  ;
40  import javax.servlet.http.HttpSession  ;
41  
42  import org.jresearch.gossip.IConst;
43  import org.jresearch.gossip.am.ban.BanGuard;
44  import org.jresearch.gossip.beans.user.User;
45  import org.jresearch.gossip.constants.BanType;
46  import org.jresearch.gossip.exception.SystemException;
47  import org.jresearch.gossip.log.LogLevel;
48  import org.jresearch.gossip.log.avalon.JGossipLog;
49  
50  /**
51   * @author Dmitry Belov
52   * 
53   */
54  public class BanFilter implements Filter   {
55  
56      private FilterConfig   _config;
57  
58      private String   _denied;
59  
60      private String   _signon;
61  
62      private String   _suri;
63  
64      /*
65       * (non-Javadoc)
66       * 
67       * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
68       */
69      public void init(FilterConfig   config) throws ServletException   {
70          _config = config;
71          _denied = config.getInitParameter("denied.action");
72          _signon = config.getInitParameter("signon.action");
73  
74          int i = _signon.lastIndexOf("/");
75          _suri = _signon;
76          if (i >= 0) {
77              _suri = _suri.substring(i);
78          }
79      }
80  
81      /*
82       * (non-Javadoc)
83       * 
84       * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
85       *      javax.servlet.ServletResponse, javax.servlet.FilterChain)
86       */
87      public void doFilter(ServletRequest   request, ServletResponse   response,
88              FilterChain   chain) throws IOException  , ServletException   {
89          HttpServletRequest   req = (HttpServletRequest  ) request;
90          HttpSession   session = req.getSession();
91          User user = (User) session.getAttribute(IConst.SESSION.USER_KEY);
92          try {
93              BanGuard guard = BanGuard.getInstance();
94              String   forward = "";
95              if (guard.checkBan(req.getRemoteAddr(), BanType.IP)) {
96                  forward = _denied;
97              } else if (guard.checkBan(user.getName(), BanType.LOGIN)) {
98                  String   uri = req.getRequestURI();
99                  int i = uri.lastIndexOf("/");
100                 if (i >= 0) {
101                     uri = uri.substring(i);
102                 }
103 
104                 if (_suri.equals(uri)) {
105                     forward = _signon;
106                 } else {
107                     forward = _denied;
108                 }
109 
110             }
111             if (!forward.equals("")) {
112                 JGossipLog.audit(LogLevel.WARN, (User) session
113                         .getAttribute(IConst.SESSION.USER_KEY),
114                         " access denied according ban rules "
115                                 + req.getRequestURI(), session);
116                 _config.getServletContext().getRequestDispatcher(forward)
117                         .forward(request, response);
118             }
119         } catch (SystemException e) {
120             throw new ServletException  (e);
121         }
122         chain.doFilter(request, response);
123 
124     }
125 
126     /*
127      * (non-Javadoc)
128      * 
129      * @see javax.servlet.Filter#destroy()
130      */
131     public void destroy() {
132     }
133 
134 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Free Books Free Magazines
Popular Tags