spring xml 配置文件向Bean 设置List值

package com.zendaimoney.uc.web.interceptor;

import java.io.IOException;
import java.util.List;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;

public class IPRoleAuthenticationFilter extends OncePerRequestFilter {
private String targetRole;
private List<String> allowedIPAddresses;

public void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
// before we allow the request to proceed, we'll first get the user's
// role
// and see if it's an administrator
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null && targetRole != null) {
boolean shouldCheck = false;
// look if the user is the target role
for (GrantedAuthority authority : authentication.getAuthorities()) {
if (authority.getAuthority().equals(targetRole)) {
shouldCheck = true;
break;
}
}
// if we should check IP, then check
if (shouldCheck && allowedIPAddresses.size() > 0) {
boolean shouldAllow = false;
for (String ipAddress : allowedIPAddresses) {
if (req.getRemoteAddr().equals(ipAddress)) {
shouldAllow = true;
break;
}
}

if (!shouldAllow) {
// fail the request
throw new AccessDeniedException("Access has been denied for your IP address: " + req.getRemoteAddr());
}
}
} else {
logger.warn("The IPRoleAuthenticationFilter should be placed after the user has been authenticated in the filter chain.");
}
chain.doFilter(req, res);
}
// accessors (getters and setters) omitted
}

 

 

 

 

 

 

 

 

 

-------------------------------------------------------------------

  1. <bean id="ipFilter" class="com.packtpub.springsecurity .security.IPRoleAuthenticationFilter">  
  2.   <property name="targetRole" value="ROLE_ADMIN"/>  
  3.   <property name="allowedIPAddresses">  
  4.     <list>  
  5.       <value>1.2.3.4</value>  
  6.     </list>  
  7.   </property>  
  8. </bean>
posted on 2013-02-19 15:40  adolfmc  阅读(4669)  评论(0)    收藏  举报

博客园  ©  2004-2025
浙公网安备 33010602011771号 浙ICP备2021040463号-3