import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.catalina.CometEvent;
+import org.apache.catalina.CometFilterChain;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
/**
* Extract the desired request property, and pass it (along with the
- * specified request and response objects) to the protected
- * <code>process()</code> method to perform the actual filtering.
- * This method must be implemented by a concrete subclass.
+ * specified request and response objects and associated filter chain) to
+ * the protected <code>process()</code> method to perform the actual
+ * filtering.
*
- * @param request The servlet request to be processed
+ * @param request The servlet request to be processed
* @param response The servlet response to be created
+ * @param chain The filter chain for this request
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
process(request.getRemoteAddr(), request, response, chain);
}
-
+
+ /**
+ * Extract the desired request property, and pass it (along with the comet
+ * event and filter chain) to the protected <code>process()</code> method
+ * to perform the actual filtering.
+ *
+ * @param event The comet event to be processed
+ * @param chain The filter chain for this event
+ *
+ * @exception IOException if an input/output error occurs
+ * @exception ServletException if a servlet error occurs
+ */
+ @Override
+ public void doFilterEvent(CometEvent event, CometFilterChain chain)
+ throws IOException, ServletException {
+ processCometEvent(event.getHttpServletRequest().getRemoteHost(),
+ event, chain);
+ }
+
protected Log getLogger() {
return log;
}
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import org.apache.catalina.CometEvent;
+import org.apache.catalina.CometFilterChain;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
/**
* Extract the desired request property, and pass it (along with the
- * specified request and response objects) to the protected
- * <code>process()</code> method to perform the actual filtering.
- * This method must be implemented by a concrete subclass.
+ * specified request and response objects and associated filter chain) to
+ * the protected <code>process()</code> method to perform the actual
+ * filtering.
*
- * @param request The servlet request to be processed
+ * @param request The servlet request to be processed
* @param response The servlet response to be created
+ * @param chain The filter chain for this request
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
process(request.getRemoteHost(), request, response, chain);
}
+
+ /**
+ * Extract the desired request property, and pass it (along with the comet
+ * event and filter chain) to the protected <code>process()</code> method
+ * to perform the actual filtering.
+ *
+ * @param event The comet event to be processed
+ * @param chain The filter chain for this event
+ *
+ * @exception IOException if an input/output error occurs
+ * @exception ServletException if a servlet error occurs
+ */
+ @Override
+ public void doFilterEvent(CometEvent event, CometFilterChain chain)
+ throws IOException, ServletException {
+ processCometEvent(event.getHttpServletRequest().getRemoteHost(),
+ event, chain);
+ }
protected Log getLogger() {
return log;
}
+
}
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
+import org.apache.catalina.CometEvent;
+import org.apache.catalina.CometFilter;
+import org.apache.catalina.CometFilterChain;
import org.apache.tomcat.util.res.StringManager;
/**
*/
public abstract class RequestFilter
- extends FilterBase {
+ extends FilterBase implements CometFilter {
// ----------------------------------------------------- Class Variables
ServletResponse response, FilterChain chain)
throws IOException, ServletException {
- // Check the deny patterns, if any
+ if (isAllowed(property)) {
+ chain.doFilter(request, response);
+ } else {
+ if (isHttpServletResponse(response)) {
+ ((HttpServletResponse) response)
+ .sendError(HttpServletResponse.SC_FORBIDDEN);
+ } else {
+ sendErrorWhenNotHttp(response);
+ }
+ }
+ }
+
+ /**
+ * Perform the filtering that has been configured for this Filter, matching
+ * against the specified request property.
+ *
+ * @param property The property to check against the allow/deny rules
+ * @param event The comet event to be filtered
+ * @param chain The comet filter chain
+ * @exception IOException if an input/output error occurs
+ * @exception ServletException if a servlet error occurs
+ */
+ protected void processCometEvent(String property, CometEvent event, CometFilterChain chain)
+ throws IOException, ServletException {
+ HttpServletResponse response = event.getHttpServletResponse();
+
+ if (isAllowed(property)) {
+ chain.doFilterEvent(event);
+ } else {
+ response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ event.close();
+ }
+ }
+
+ /**
+ * Process the allow and deny rules for the provided property.
+ *
+ * @param property The property to test against the allow and deny lists
+ * @return <code>true</code> if this request should be allowed,
+ * <code>false</code> otherwise
+ */
+ private boolean isAllowed(String property) {
for (int i = 0; i < this.denies.length; i++) {
if (this.denies[i].matcher(property).matches()) {
- if (isHttpServletResponse(response)) {
- ((HttpServletResponse) response)
- .sendError(HttpServletResponse.SC_FORBIDDEN);
- return;
- } else {
- sendErrorWhenNotHttp(response);
- return;
- }
+ return false;
}
}
-
+
// Check the allow patterns, if any
for (int i = 0; i < this.allows.length; i++) {
if (this.allows[i].matcher(property).matches()) {
- chain.doFilter(request, response);
- return;
+ return true;
}
}
// Allow if denies specified but not allows
if ((this.denies.length > 0) && (this.allows.length == 0)) {
- chain.doFilter(request, response);
- return;
+ return true;
}
// Deny this request
- if (isHttpServletResponse(response)) {
- ((HttpServletResponse) response)
- .sendError(HttpServletResponse.SC_FORBIDDEN);
- } else {
- sendErrorWhenNotHttp(response);
- }
+ return false;
}
-
private void sendErrorWhenNotHttp(ServletResponse response)
throws IOException {
response.setContentType(PLAIN_TEXT_MIME_TYPE);
projects / tomcat7.0 / commitdiff