IPAccessController.java example

Explorer
Amoeba-Plus-For-MySQL-master
package com.meidusa.amoeba.server;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import java.util.concurrent.atomic.AtomicInteger;

import org.apache.log4j.Logger;
import org.apache.log4j.helpers.FileWatchdog;

import com.meidusa.amoeba.config.ConfigUtil;
import com.meidusa.amoeba.config.loader.ConfigModifiedEventHandler;
import com.meidusa.amoeba.config.loader.ConfigModifiedAwareLoader;
import com.meidusa.amoeba.config.loader.IpAccessListLoader;
import com.meidusa.amoeba.exception.InitialisationException;
import com.meidusa.amoeba.net.AuthResponseData;
import com.meidusa.amoeba.net.AuthingableConnection;
import com.meidusa.amoeba.util.IPRule;
import com.meidusa.amoeba.util.Initialisable;
import com.meidusa.amoeba.util.StringUtil;

/**
 * IP 访问控制过滤 IP v4
 * 
 * @author struct
 * @author hexianmao
 */
public class IPAccessController implements AuthenticateFilter, Initialisable, ConfigModifiedEventHandler {

  protected static Logger logger = Logger.getLogger(IPAccessController.class);
  private static final String DENAY_MESSAGE = "Access denied for ip: '${host}' to amoeba server";
  private boolean isEnabled;
  private String[] ipRule = null;

  private IpAccessListLoader ipAccessListLoader;

  public IPAccessController() {}

  @Override
  public boolean doFilte(AuthingableConnection conn, AuthResponseData rdata) {
    if (isEnabled) {
      if (ipRule != null && ipRule.length > 0) {
        String ip = conn.getInetAddress().getHostAddress();
        try {
          boolean access = IPRule.isAllowIP(ipRule, ip);
          if (!access) {
            Properties properties = new Properties();
            properties.setProperty("host", ip);
            rdata.message = ConfigUtil.filter(DENAY_MESSAGE, properties);
          }
          return access;
        } catch (Exception e) {
          logger.warn(ip + " check access error:", e);
        }
      }
    }

    return true;
  }
  
  public void setIpAccessListLoader(IpAccessListLoader ipAccessListLoader) {
    this.ipAccessListLoader = ipAccessListLoader;
  }

  @Override
  public void doOnConfigModified() {
    List<String> accessList = ipAccessListLoader.reLoadIPRule();
    buildIPAccessRule(accessList);
  }

  @Override
  public void init() throws InitialisationException {
    List<String> accessList = ipAccessListLoader.loadIPRule();
    buildIPAccessRule(accessList);
    
    if (ipAccessListLoader instanceof ConfigModifiedAwareLoader) {
      ((ConfigModifiedAwareLoader) ipAccessListLoader).setConfigModifiedEventHandler(this);
      ((ConfigModifiedAwareLoader)ipAccessListLoader).startObserve();
    }
  }
  
  private void buildIPAccessRule(List<String> list) {
    if (list != null && list.size() > 0) {
      this.ipRule = list.toArray(new String[list.size()]);
      isEnabled = true;
    } else {
      this.ipRule = null;
      isEnabled = false;
    }
  }
}