Requirements:
- every one in the local network can access all pages except /admin pages.
- only localhost should have access to the /admin pages.
how to write webfilter for tomcat 6 or other alternatives?
Please use the following code in the filter to check if request is to “admin”:
public static boolean isRequestTo(HttpServletRequest request, String urlPart) {
return request.getRequestURI().startsWith(urlPart);
}
Please use the following code in the filter to check if the request is from the localhost:
private static final String LOCAL_IP = "127.0.0.1";
private static final String LOCAL_IPV6 = "0:0:0:0:0:0:0:1";
private static Set<String> localAddresses = new HashSet<String>();
static {
try {
localAddresses.add(InetAddress.getLocalHost().getHostAddress());
for (InetAddress inetAddress : InetAddress.getAllByName("localhost")) {
localAddresses.add(inetAddress.getHostAddress());
}
} catch (Exception e) {
if (!localAddresses.contains(LOCAL_IP)) {
localAddresses.add(LOCAL_IP);
}
if (!localAddresses.contains(LOCAL_IPV6)) {
localAddresses.add(LOCAL_IPV6);
}
}
}
public static boolean isLocalRequest(HttpServletRequest request) {
return localAddresses.contains(request.getRemoteAddr());
}