Module org.eclipse.jetty.server
Package org.eclipse.jetty.server.handler

Class InetAccessHandler

java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.ContainerLifeCycle
org.eclipse.jetty.server.handler.AbstractHandler
org.eclipse.jetty.server.handler.AbstractHandlerContainer
org.eclipse.jetty.server.handler.HandlerWrapper
org.eclipse.jetty.server.handler.InetAccessHandler
All Implemented Interfaces:
Handler, HandlerContainer, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.Dumpable.DumpableContainer, org.eclipse.jetty.util.component.LifeCycle
public class InetAccessHandler extends HandlerWrapper
InetAddress Access Handler

Controls access to the wrapped handler using the real remote IP. Control is provided by and IncludeExcludeSet over a InetAddressSet. This handler uses the real internet address of the connection, not one reported in the forwarded for headers, as this cannot be as easily forged.

  • Nested Class Summary

    Nested classes/interfaces inherited from class org.eclipse.jetty.server.handler.AbstractHandler

    AbstractHandler.ErrorDispatchHandler

    Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener, org.eclipse.jetty.util.component.AbstractLifeCycle.StopException

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

    org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable

    org.eclipse.jetty.util.component.Dumpable.DumpableContainer

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

    org.eclipse.jetty.util.component.LifeCycle.Listener

  • Field Summary

    Fields inherited from class org.eclipse.jetty.server.handler.HandlerWrapper

    _handler

    Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    FAILED, STARTED, STARTING, STOPPED, STOPPING

    Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

    KEY

  • Constructor Summary

    Constructors
    Constructor
    Description
    InetAccessHandler()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    clear()
    Clears all the includes, excludes, included connector names and excluded connector names.
    void
    dump(Appendable out, String indent)
     
    void
    exclude(String pattern)
    Excludes an InetAccess entry pattern with an optional connector name, address and URI mapping.
    void
    exclude(String... patterns)
    Excludes InetAccess patterns
    void
    exclude(String connectorName, String addressPattern, org.eclipse.jetty.http.pathmap.PathSpec pathSpec)
    Excludes an InetAccess entry.
    void
    excludeConnector(String name)
    Deprecated.
    use include(String) instead.
    void
    excludeConnectors(String... names)
    Deprecated.
    use include(String) instead.
    void
    handle(String target, Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
    Checks the incoming request against the whitelist and blacklist
    void
    include(String pattern)
    Includes an InetAccess pattern with an optional connector name, address and URI mapping.
    void
    include(String... patterns)
    Includes InetAccess patterns
    void
    include(String connectorName, String addressPattern, org.eclipse.jetty.http.pathmap.PathSpec pathSpec)
    Includes an InetAccess entry.
    void
    includeConnector(String name)
    Deprecated.
    use include(String) instead.
    void
    includeConnectors(String... names)
    Deprecated.
    use include(String) instead.
    protected boolean
    isAllowed(InetAddress addr, Request baseRequest, javax.servlet.http.HttpServletRequest request)
    Checks if specified address and request are allowed by current InetAddress rules.

    Methods inherited from class org.eclipse.jetty.server.handler.HandlerWrapper

    destroy, expandChildren, getHandler, getHandlers, insertHandler, setHandler

    Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandlerContainer

    expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass, setServer

    Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler

    doError, doStart, doStop, getServer

    Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

    addBean, addBean, addEventListener, addManaged, contains, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeans

    Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop, toString

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface org.eclipse.jetty.util.component.Container

    getCachedBeans, getEventListeners

    Methods inherited from interface org.eclipse.jetty.util.component.Dumpable

    dumpSelf

    Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer

    isDumpable

    Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

    addEventListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeEventListener, start, stop

  • Constructor Details

    • InetAccessHandler

      public InetAccessHandler()

  • Method Details

    • clear

      public void clear()
      Clears all the includes, excludes, included connector names and excluded connector names.

    • include

      public void include(String pattern)
      Includes an InetAccess pattern with an optional connector name, address and URI mapping.

      The connector name is separated from the InetAddress pattern with an '@' character, and the InetAddress pattern is separated from the URI pattern using the "|" (pipe) character. URI patterns follow the servlet specification for simple * prefix and suffix wild cards (e.g. /, /foo, /foo/bar, /foo/bar/*, *.baz).


      Examples:
      • "connector1@127.0.0.1|/foo"
      • "127.0.0.1|/foo"
      • "connector1@127.0.0.1"
      • "127.0.0.1"
      Parameters:
      pattern - InetAccess pattern to include
      See Also:
      • InetAddressSet

    • include

      public void include(String... patterns)
      Includes InetAccess patterns
      Parameters:
      patterns - InetAddress patterns to include
      See Also:
      • InetAddressSet

    • include

      public void include(String connectorName, String addressPattern, org.eclipse.jetty.http.pathmap.PathSpec pathSpec)
      Includes an InetAccess entry.
      Parameters:
      connectorName - optional name of a connector to include.
      addressPattern - optional InetAddress pattern to include.
      pathSpec - optional pathSpec to include.

    • exclude

      public void exclude(String pattern)
      Excludes an InetAccess entry pattern with an optional connector name, address and URI mapping.

      The connector name is separated from the InetAddress pattern with an '@' character, and the InetAddress pattern is separated from the URI pattern using the "|" (pipe) character. URI patterns follow the servlet specification for simple * prefix and suffix wild cards (e.g. /, /foo, /foo/bar, /foo/bar/*, *.baz).


      Examples:
      • "connector1@127.0.0.1|/foo"
      • "127.0.0.1|/foo"
      • "connector1@127.0.0.1"
      • "127.0.0.1"
      Parameters:
      pattern - InetAddress pattern to exclude
      See Also:
      • InetAddressSet

    • exclude

      public void exclude(String... patterns)
      Excludes InetAccess patterns
      Parameters:
      patterns - InetAddress patterns to exclude
      See Also:
      • InetAddressSet

    • exclude

      public void exclude(String connectorName, String addressPattern, org.eclipse.jetty.http.pathmap.PathSpec pathSpec)
      Excludes an InetAccess entry.
      Parameters:
      connectorName - optional name of a connector to exclude.
      addressPattern - optional InetAddress pattern to exclude.
      pathSpec - optional pathSpec to exclude.

    • includeConnector

      @Deprecated public void includeConnector(String name)
      Deprecated.
      use include(String) instead.
      Includes a connector name.
      Parameters:
      name - Connector name to include in this handler.

    • excludeConnector

      @Deprecated public void excludeConnector(String name)
      Deprecated.
      use include(String) instead.
      Excludes a connector name.
      Parameters:
      name - Connector name to exclude in this handler.

    • includeConnectors

      @Deprecated public void includeConnectors(String... names)
      Deprecated.
      use include(String) instead.
      Includes connector names.
      Parameters:
      names - Connector names to include in this handler.

    • excludeConnectors

      @Deprecated public void excludeConnectors(String... names)
      Deprecated.
      use include(String) instead.
      Excludes connector names.
      Parameters:
      names - Connector names to exclude in this handler.

    • handle

      public void handle(String target, Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException, javax.servlet.ServletException
      Checks the incoming request against the whitelist and blacklist
      Specified by:
      handle in interface Handler
      Overrides:
      handle in class HandlerWrapper
      Parameters:
      target - The target of the request - either a URI or a name.
      baseRequest - The original unwrapped request object.
      request - The request either as the Request object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getRequest() method can be used access the Request object if required.
      response - The response as the Response object or a wrapper of that request. The HttpConnection.getCurrentConnection().getHttpChannel().getResponse() method can be used access the Response object if required.
      Throws:
      IOException - if unable to handle the request or response processing
      javax.servlet.ServletException - if unable to handle the request or response due to underlying servlet issue

    • isAllowed

      protected boolean isAllowed(InetAddress addr, Request baseRequest, javax.servlet.http.HttpServletRequest request)
      Checks if specified address and request are allowed by current InetAddress rules.
      Parameters:
      addr - the inetAddress to check
      baseRequest - the base request to check
      request - the HttpServletRequest request to check
      Returns:
      true if inetAddress and request are allowed

    • dump

      public void dump(Appendable out, String indent) throws IOException
      Specified by:
      dump in interface org.eclipse.jetty.util.component.Dumpable
      Overrides:
      dump in class org.eclipse.jetty.util.component.ContainerLifeCycle
      Throws:
      IOException