server localhost to get access to /admin/* pages and block all others

Question

Requirements:

every one in the local network can access all pages except /admin pages.
only localhost should have access to the /admin pages.

how to write webfilter for tomcat 6 or other alternatives?

score 0 · Answer 1 · answered Apr 03 '13 at 06:36

Please use the following code in the filter to check if request is to “admin”:

public static boolean isRequestTo(HttpServletRequest request, String urlPart) {
    return request.getRequestURI().startsWith(urlPart);
}

Please use the following code in the filter to check if the request is from the localhost:

private static final String LOCAL_IP = "127.0.0.1";
private static final String LOCAL_IPV6 = "0:0:0:0:0:0:0:1";

private static Set<String> localAddresses = new HashSet<String>();

static {
    try {
        localAddresses.add(InetAddress.getLocalHost().getHostAddress());
        for (InetAddress inetAddress : InetAddress.getAllByName("localhost")) {
            localAddresses.add(inetAddress.getHostAddress());
        }
    } catch (Exception e) {
        if (!localAddresses.contains(LOCAL_IP)) {
            localAddresses.add(LOCAL_IP);
        }

        if (!localAddresses.contains(LOCAL_IPV6)) {
            localAddresses.add(LOCAL_IPV6);
        }
    }
}

public static boolean isLocalRequest(HttpServletRequest request) {
    return localAddresses.contains(request.getRemoteAddr());
}

You can accepts and promote my answer if it answers your question :) — Michael, Apr 30 '13 at 15:39

server localhost to get access to /admin/* pages and block all others

1 Answers1