|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.wicket.protocol.http.servlet.AbstractRequestWrapperFactory org.apache.wicket.protocol.http.servlet.SecuredRemoteAddressRequestWrapperFactory
public class SecuredRemoteAddressRequestWrapperFactory
Sets ServletRequest.isSecure()
to true
if
ServletRequest.getRemoteAddr()
matches one of the securedRemoteAddresses
of
this filter.
This filter is often used in combination with XForwardedRequestWrapperFactory
to get the
remote address of the client even if the request goes through load balancers (e.g. F5 Big IP,
Nortel Alteon) or proxies (e.g. Apache mod_proxy_http)
Configuration parameters:
XForwardedFilter property | Description | Format | Default value |
---|---|---|---|
securedRemoteAddresses | IP addresses for which ServletRequest.isSecure() must return true |
Comma delimited list of regular expressions (in the syntax supported by the
Pattern library) |
Class A, B and C private network IP address blocks : 10\.\d{1,3}\.\d{1,3}\.\d{1,3}, 192\.168\.\d{1,3}\.\d{1,3}, 172\\.(?:1[6-9]|2\\d|3[0-1]).\\d{1,3}.\\d{1,3}, 169\.254\.\d{1,3}\.\d{1,3}, 127\.\d{1,3}\.\d{1,3}\.\d{1,3} |
Sample with secured remote addresses limited to 192.168.0.10 and 192.168.0.11
SecuredRemoteAddressFilter configuration sample :
<filter>
<filter-name>SecuredRemoteAddressFilter</filter-name>
<filter-class>fr.xebia.servlet.filter.SecuredRemoteAddressFilter</filter-class>
<init-param>
<param-name>securedRemoteAddresses</param-name><param-value>192\.168\.0\.10, 192\.168\.0\.11</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>SecuredRemoteAddressFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
A request with
will be seen as ServletRequest.getRemoteAddr()
= 192.168.0.10 or 192.168.0.11
even if
ServletRequest.isSecure()
== true
.
ServletRequest.getScheme()
== "http"
Nested Class Summary | |
---|---|
static class |
SecuredRemoteAddressRequestWrapperFactory.Config
|
Constructor Summary | |
---|---|
SecuredRemoteAddressRequestWrapperFactory()
Construct. |
Method Summary | |
---|---|
SecuredRemoteAddressRequestWrapperFactory.Config |
getConfig()
|
javax.servlet.http.HttpServletRequest |
getWrapper(javax.servlet.http.HttpServletRequest request)
|
void |
init(javax.servlet.FilterConfig filterConfig)
|
boolean |
needsWrapper(javax.servlet.http.HttpServletRequest request)
|
javax.servlet.http.HttpServletRequest |
newRequestWrapper(javax.servlet.http.HttpServletRequest request)
If incoming remote address matches one of the declared IP pattern, wraps the incoming HttpServletRequest to override ServletRequest.isSecure() to set it to
true . |
void |
setConfig(SecuredRemoteAddressRequestWrapperFactory.Config config)
The Wicket application might want to provide its own config |
Methods inherited from class org.apache.wicket.protocol.http.servlet.AbstractRequestWrapperFactory |
---|
commaDelimitedListToPatternArray, commaDelimitedListToStringArray, isEnabled, listToCommaDelimitedString, matchesOne, setEnabled |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SecuredRemoteAddressRequestWrapperFactory()
Method Detail |
---|
public final SecuredRemoteAddressRequestWrapperFactory.Config getConfig()
public final void setConfig(SecuredRemoteAddressRequestWrapperFactory.Config config)
config
- public javax.servlet.http.HttpServletRequest getWrapper(javax.servlet.http.HttpServletRequest request)
getWrapper
in class AbstractRequestWrapperFactory
public boolean needsWrapper(javax.servlet.http.HttpServletRequest request)
public javax.servlet.http.HttpServletRequest newRequestWrapper(javax.servlet.http.HttpServletRequest request)
HttpServletRequest
to override ServletRequest.isSecure()
to set it to
true
.
newRequestWrapper
in class AbstractRequestWrapperFactory
public void init(javax.servlet.FilterConfig filterConfig)
filterConfig
-
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |