| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../../jacoco-resources/report.gif" type="image/gif"/><title>HostFilter.java</title><link rel="stylesheet" href="../../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../../index.html" class="el_report">Apache Shiro :: Test Coverage</a> > <a href="../index.html" class="el_bundle">shiro-web</a> > <a href="index.source.html" class="el_package">org.apache.shiro.web.filter.authz</a> > <span class="el_source">HostFilter.java</span></div><h1>HostFilter.java</h1><pre class="source lang-java linenums">/* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.shiro.web.filter.authz; |
| |
| import org.apache.shiro.util.StringUtils; |
| |
| import javax.servlet.ServletRequest; |
| import javax.servlet.ServletResponse; |
| import java.util.regex.Pattern; |
| import java.util.Map; |
| |
| /** |
| * A Filter that can allow or deny access based on the host that sent the request. |
| * |
| * <b>WARNING:</b> NOT YET FULLY IMPLEMENTED!!! Work in progress. |
| * |
| * @since 1.0 |
| */ |
| <span class="nc" id="L35">public class HostFilter extends AuthorizationFilter {</span> |
| |
| public static final String IPV4_QUAD_REGEX = "(?:[0-9]|[1-9][0-9]|1[0-9][0-9]|2(?:[0-4][0-9]|5[0-5]))"; |
| |
| public static final String IPV4_REGEX = "(?:" + IPV4_QUAD_REGEX + "\\.){3}" + IPV4_QUAD_REGEX + "$"; |
| <span class="nc" id="L40"> public static final Pattern IPV4_PATTERN = Pattern.compile(IPV4_REGEX);</span> |
| |
| public static final String PRIVATE_CLASS_B_SUBSET = "(?:1[6-9]|2[0-9]|3[0-1])"; |
| |
| public static final String PRIVATE_CLASS_A_REGEX = "10\\.(?:" + IPV4_QUAD_REGEX + "\\.){2}" + IPV4_QUAD_REGEX + "$"; |
| |
| public static final String PRIVATE_CLASS_B_REGEX = |
| "172\\." + PRIVATE_CLASS_B_SUBSET + "\\." + IPV4_QUAD_REGEX + "\\." + IPV4_QUAD_REGEX + "$"; |
| |
| public static final String PRIVATE_CLASS_C_REGEX = "192\\.168\\." + IPV4_QUAD_REGEX + "\\." + IPV4_QUAD_REGEX + "$"; |
| |
| Map<String, String> authorizedIps; //user-configured IP (which can be wildcarded) to constructed regex mapping |
| Map<String, String> deniedIps; |
| Map<String, String> authorizedHostnames; |
| Map<String, String> deniedHostnames; |
| |
| |
| public void setAuthorizedHosts(String authorizedHosts) { |
| <span class="nc bnc" id="L58" title="All 2 branches missed."> if (!StringUtils.hasText(authorizedHosts)) {</span> |
| <span class="nc" id="L59"> throw new IllegalArgumentException("authorizedHosts argument cannot be null or empty.");</span> |
| } |
| <span class="nc" id="L61"> String[] hosts = StringUtils.tokenizeToStringArray(authorizedHosts, ", \t");</span> |
| |
| <span class="nc bnc" id="L63" title="All 2 branches missed."> for (String host : hosts) {</span> |
| //replace any periods with \\. to ensure the regex works: |
| <span class="nc" id="L65"> String periodsReplaced = host.replace(".", "\\.");</span> |
| //check for IPv4: |
| <span class="nc" id="L67"> String wildcardsReplaced = periodsReplaced.replace("*", IPV4_QUAD_REGEX);</span> |
| |
| <span class="nc bnc" id="L69" title="All 2 branches missed."> if (IPV4_PATTERN.matcher(wildcardsReplaced).matches()) {</span> |
| <span class="nc" id="L70"> authorizedIps.put(host, wildcardsReplaced);</span> |
| } else { |
| |
| } |
| |
| |
| } |
| |
| <span class="nc" id="L78"> }</span> |
| |
| public void setDeniedHosts(String deniedHosts) { |
| <span class="nc bnc" id="L81" title="All 2 branches missed."> if (!StringUtils.hasText(deniedHosts)) {</span> |
| <span class="nc" id="L82"> throw new IllegalArgumentException("deniedHosts argument cannot be null or empty.");</span> |
| } |
| <span class="nc" id="L84"> }</span> |
| |
| protected boolean isIpv4Candidate(String host) { |
| <span class="nc" id="L87"> String[] quads = StringUtils.tokenizeToStringArray(host, ".");</span> |
| <span class="nc bnc" id="L88" title="All 4 branches missed."> if (quads == null || quads.length != 4) {</span> |
| <span class="nc" id="L89"> return false;</span> |
| } |
| <span class="nc bnc" id="L91" title="All 2 branches missed."> for (String quad : quads) {</span> |
| <span class="nc bnc" id="L92" title="All 2 branches missed."> if (!quad.equals("*")) {</span> |
| try { |
| <span class="nc" id="L94"> Integer.parseInt(quad);</span> |
| <span class="nc" id="L95"> } catch (NumberFormatException nfe) {</span> |
| <span class="nc" id="L96"> return false;</span> |
| <span class="nc" id="L97"> }</span> |
| } |
| } |
| <span class="nc" id="L100"> return true;</span> |
| } |
| |
| protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception { |
| <span class="nc" id="L104"> throw new UnsupportedOperationException("Not yet fully implemented!!!" );</span> |
| } |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.eclemma.org/jacoco">JaCoCo</a> 0.7.7.201606060606</span></div></body></html> |