
Java手动配置某一范围内IP访问


 

         说明
 
  很多Web系统为了保证系统安全,经常需要限制登录IP,例如只允许局域网中某一范围内的IP登录系统,或者不允许外网访问。
 
  如只允许192.168.24.10---192.168.24.255范围内IP地址访问
 
  IP地址分类
 
  在说到关于IP地址的问题时,首先,要了解IP分类,IP一般分为A、B、C、D、E五类,我们常说的192.168.*.*,是属于C类,该类主要适用于小型网络,比如我们学校的局域网。
 
  192.168.*.*的IP地址范围从192.168.0.0到192.168.255.255,不包括这两个地址,它们属于保留地址。
 
  限制示例
 
  这个示例写在了Struts的Action方法里面,当然也可以把它提取出来写在Filter里,这样只需简单配置就可以禁止范围外的客户端访问。写在Filter里时,检查会在请求到达任何Action之前执行,因此限制的是所有被映射的URL,而不仅仅是登录请求。
 
  LoginAction
 
  package com.bjpowernode.drp.web.actions;
 
  import java.util.Arrays;
 
  import javax.servlet.http.HttpServletRequest;
 
  import javax.servlet.http.HttpServletResponse;
 
  import org.apache.struts.action.Action;
 
  import org.apache.struts.action.ActionForm;
 
  import org.apache.struts.action.ActionForward;
 
  import org.apache.struts.action.ActionMapping;
 
  import com.bjpowernode.drp.web.forms.LoginActionForm;
 
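  /**
   * Login action: reads the login form, enforces the client-IP allow-list, checks the
   * credentials and returns the forward for the outcome.
   *
   * <p>The allowed range is read from the {@code ip-one}, {@code ip-two}, {@code ip-three}
   * and {@code ip-four} context parameters in web.xml. The first three fix the leading
   * octets of the IPv4 address; {@code ip-four} has the form {@code "low,high"} and is an
   * inclusive range for the last octet.
   *
   * @author Administrator
   */
  public class LoginAction extends Action {

    /**
     * Handles one login request.
     *
     * <p>The address check runs before the credential check, so a client outside the
     * allowed range always gets {@code ipError} and cannot use the response to learn
     * whether a username/password pair is valid.
     *
     * @return the {@code ipError} forward when the client address is outside the configured
     *         range, {@code index} when the credentials are wrong, {@code success} otherwise
     * @throws IllegalStateException if a required context parameter is missing or malformed
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
        HttpServletRequest request, HttpServletResponse response)
        throws Exception {
      // Deny first: every path that is not an explicit match ends in ipError (fail closed).
      if (!isAllowedAddress(request)) {
        return mapping.findForward("ipError");
      }

      // Read the submitted form data.
      LoginActionForm laf = (LoginActionForm) form;
      String username = laf.getUsername();
      String password = laf.getPassword();

      // SECURITY: the hard-coded admin/admin pair is a demo placeholder. A real deployment
      // must verify against a user store that keeps salted password hashes.
      if (!("admin".equals(username) && "admin".equals(password))) {
        return mapping.findForward("index");
      }

      // NOTE(review): the session id is not renewed here; consider invalidating the
      // pre-login session before storing the user, to protect against session fixation.
      request.getSession().setAttribute("user", username);
      return mapping.findForward("success");
    }

    /**
     * Tells whether the peer address of {@code request} lies in the configured range.
     *
     * <p>{@code getRemoteAddr()} is the address of the directly connected peer. Behind a
     * reverse proxy or load balancer that is the proxy's address, not the end client's, so
     * this check is only meaningful when clients connect to the container directly.
     */
    private static boolean isAllowedAddress(HttpServletRequest request) {
      String remoteAddr = request.getRemoteAddr();
      if (remoteAddr == null) {
        return false;
      }

      // split() takes a regular expression, so the dot has to be escaped.
      String[] octets = remoteAddr.split("\\.");
      if (octets.length != 4) {
        // IPv6 (for example a loopback connection) or a malformed value: not in the list.
        return false;
      }

      String[] lastRange = requiredParam(request, "ip-four").split(",");
      if (lastRange.length != 2) {
        throw new IllegalStateException("context-param ip-four must have the form low,high");
      }
      int low = Integer.parseInt(lastRange[0].trim());
      int high = Integer.parseInt(lastRange[1].trim());

      boolean prefixMatches =
          firstValue(request, "ip-one").equals(octets[0])
              && firstValue(request, "ip-two").equals(octets[1])
              && firstValue(request, "ip-three").equals(octets[2]);
      if (!prefixMatches) {
        return false;
      }

      int last;
      try {
        last = Integer.parseInt(octets[3]);
      } catch (NumberFormatException notNumeric) {
        // A non-numeric last octet cannot be inside a numeric range.
        return false;
      }
      return last >= low && last <= high;
    }

    /** Returns the first comma-separated value of a required context parameter. */
    private static String firstValue(HttpServletRequest request, String name) {
      return requiredParam(request, name).split(",")[0].trim();
    }

    /** Reads a context parameter from web.xml and rejects a missing or blank value. */
    private static String requiredParam(HttpServletRequest request, String name) {
      String value = request.getSession().getServletContext().getInitParameter(name);
      if (value == null || value.trim().length() == 0) {
        throw new IllegalStateException("Missing context-param in web.xml: " + name);
      }
      return value.trim();
    }
  }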
 
  package com.bjpowernode.drp.web.actions;
 
  import java.util.Arrays;
 
  import javax.servlet.http.HttpServletRequest;
 
  import javax.servlet.http.HttpServletResponse;
 
  import org.apache.struts.action.Action;
 
  import org.apache.struts.action.ActionForm;
 
  import org.apache.struts.action.ActionForward;
 
  import org.apache.struts.action.ActionMapping;
 
  import com.bjpowernode.drp.web.forms.LoginActionForm;
 
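  /**
   * Login action: reads the login form, enforces the client-IP allow-list, checks the
   * credentials and returns the forward for the outcome.
   *
   * <p>The allowed range is read from the {@code ip-one}, {@code ip-two}, {@code ip-three}
   * and {@code ip-four} context parameters in web.xml. The first three fix the leading
   * octets of the IPv4 address; {@code ip-four} has the form {@code "low,high"} and is an
   * inclusive range for the last octet.
   *
   * @author Administrator
   */
  public class LoginAction extends Action {

    /**
     * Handles one login request.
     *
     * <p>The address check runs before the credential check, so a client outside the
     * allowed range always gets {@code ipError} and cannot use the response to learn
     * whether a username/password pair is valid.
     *
     * @return the {@code ipError} forward when the client address is outside the configured
     *         range, {@code index} when the credentials are wrong, {@code success} otherwise
     * @throws IllegalStateException if a required context parameter is missing or malformed
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
        HttpServletRequest request, HttpServletResponse response)
        throws Exception {
      // Deny first: every path that is not an explicit match ends in ipError (fail closed).
      if (!isAllowedAddress(request)) {
        return mapping.findForward("ipError");
      }

      // Read the submitted form data.
      LoginActionForm laf = (LoginActionForm) form;
      String username = laf.getUsername();
      String password = laf.getPassword();

      // SECURITY: the hard-coded admin/admin pair is a demo placeholder. A real deployment
      // must verify against a user store that keeps salted password hashes.
      if (!("admin".equals(username) && "admin".equals(password))) {
        return mapping.findForward("index");
      }

      // NOTE(review): the session id is not renewed here; consider invalidating the
      // pre-login session before storing the user, to protect against session fixation.
      request.getSession().setAttribute("user", username);
      return mapping.findForward("success");
    }

    /**
     * Tells whether the peer address of {@code request} lies in the configured range.
     *
     * <p>{@code getRemoteAddr()} is the address of the directly connected peer. Behind a
     * reverse proxy or load balancer that is the proxy's address, not the end client's, so
     * this check is only meaningful when clients connect to the container directly.
     */
    private static boolean isAllowedAddress(HttpServletRequest request) {
      String remoteAddr = request.getRemoteAddr();
      if (remoteAddr == null) {
        return false;
      }

      // split() takes a regular expression, so the dot has to be escaped.
      String[] octets = remoteAddr.split("\\.");
      if (octets.length != 4) {
        // IPv6 (for example a loopback connection) or a malformed value: not in the list.
        return false;
      }

      String[] lastRange = requiredParam(request, "ip-four").split(",");
      if (lastRange.length != 2) {
        throw new IllegalStateException("context-param ip-four must have the form low,high");
      }
      int low = Integer.parseInt(lastRange[0].trim());
      int high = Integer.parseInt(lastRange[1].trim());

      boolean prefixMatches =
          firstValue(request, "ip-one").equals(octets[0])
              && firstValue(request, "ip-two").equals(octets[1])
              && firstValue(request, "ip-three").equals(octets[2]);
      if (!prefixMatches) {
        return false;
      }

      int last;
      try {
        last = Integer.parseInt(octets[3]);
      } catch (NumberFormatException notNumeric) {
        // A non-numeric last octet cannot be inside a numeric range.
        return false;
      }
      return last >= low && last <= high;
    }

    /** Returns the first comma-separated value of a required context parameter. */
    private static String firstValue(HttpServletRequest request, String name) {
      return requiredParam(request, name).split(",")[0].trim();
    }

    /** Reads a context parameter from web.xml and rejects a missing or blank value. */
    private static String requiredParam(HttpServletRequest request, String name) {
      String value = request.getSession().getServletContext().getInitParameter(name);
      if (value == null || value.trim().length() == 0) {
        throw new IllegalStateException("Missing context-param in web.xml: " + name);
      }
      return value.trim();
    }
  }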
 
  Web.xml配置
 
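  <?xml version="1.0" encoding="UTF-8"?>
  <!-- The namespace and schema URIs below carry their http:// scheme; without it the
       descriptor does not match the web-app 2.4 schema. -->
  <web-app version="2.4"
      xmlns="http://java.sun.com/xml/ns/j2ee"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
          http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

    <!-- Example: a client at 192.168.24.165 is outside the configured range; the
         allowed range is 192.168.24.1 to 192.168.24.164. -->

    <!-- First octet of the allowed IPv4 addresses. -->
    <context-param>
      <param-name>ip-one</param-name>
      <param-value>192</param-value>
    </context-param>

    <!-- Second octet. -->
    <context-param>
      <param-name>ip-two</param-name>
      <param-value>168</param-value>
    </context-param>

    <!-- Third octet. -->
    <context-param>
      <param-name>ip-three</param-name>
      <param-value>24</param-value>
    </context-param>

    <!-- Last octet as "low,high"; LoginAction treats both bounds as inclusive. -->
    <context-param>
      <param-name>ip-four</param-name>
      <param-value>1,164</param-value>
    </context-param>

  </web-app>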
 
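  <?xml version="1.0" encoding="UTF-8"?>
  <!-- The namespace and schema URIs below carry their http:// scheme; without it the
       descriptor does not match the web-app 2.4 schema. -->
  <web-app version="2.4"
      xmlns="http://java.sun.com/xml/ns/j2ee"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
          http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

    <!-- Example: a client at 192.168.24.165 is outside the configured range; the
         allowed range is 192.168.24.1 to 192.168.24.164. -->

    <!-- First octet of the allowed IPv4 addresses. -->
    <context-param>
      <param-name>ip-one</param-name>
      <param-value>192</param-value>
    </context-param>

    <!-- Second octet. -->
    <context-param>
      <param-name>ip-two</param-name>
      <param-value>168</param-value>
    </context-param>

    <!-- Third octet. -->
    <context-param>
      <param-name>ip-three</param-name>
      <param-value>24</param-value>
    </context-param>

    <!-- Last octet as "low,high"; LoginAction treats both bounds as inclusive. -->
    <context-param>
      <param-name>ip-four</param-name>
      <param-value>1,164</param-value>
    </context-param>

  </web-app>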