IP鑒權

1、MrpIPIntercepter

package com.huawei.mrp.common.interceptors;

import com.huawei.market.configmgr.ConfigMgr;
import com.huawei.mrp.common.util.other.RequestUtil;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.struts2.ServletActionContext;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 檢查背景請求是否從指定IP發出(IP 攔截),使用spring配置
 * @see
 * @see 1.0
 */
public class MrpIPIntercepter extends AbstractInterceptor {
    private static final long serialVersionUID = -L;
    private static final Logger LOGGER = Logger.getLogger(MrpIPIntercepter.class);

    /**
     * 執行從配置項讀取的名稱
     */
    private String configName;
    /**
     * 傳回鑒權不通過封包的格式 json/xml (預設:json)
     */
    private String contentType;

    /**
     * 傳回鑒權不通過的封包内容
     */
    private String content;

    @Override
    public String intercept(ActionInvocation inv) throws Exception {
        String configIP = ConfigMgr.getReqServUrl(configName);//xml檔案讀取
        ActionContext context = inv.getInvocationContext();

        HttpServletRequest request = (HttpServletRequest) context.get(ServletActionContext.HTTP_REQUEST);
        HttpServletResponse response = (HttpServletResponse) context.get(ServletActionContext.HTTP_RESPONSE);

        // 如果沒配置,預設本機可以通路
        if (StringUtils.isBlank(configIP)) {
            configIP = "127.0.0.1";
        }

        // 擷取用戶端請求IP
        String requestIP = RequestUtil.getIpAddr(request);

        LOGGER.info("configIP=" + configIP + "   requestIP=" + requestIP);

        // 解析配置判斷IP
        String[] managerIPs = configIP.split(";");
        for (String ip : managerIPs) {
            if (StringUtils.equals(ip, requestIP)) {
                return inv.invoke();
            }
        }

        LOGGER.info("request IP is not specified IP, request refused!");

        if ("xml".equalsIgnoreCase(contentType)) {
            response.setContentType("text/xml;charset=UTF-8");
        } else {
           response.setContentType("application/json;charset=UTF-8");
        }
        content = StringUtils.trim(content);
        response.getWriter().println(content);
        return Action.NONE;
    }

    public void setConfigName(String configName) {
        this.configName = configName;
    }

    public void setContentType(String contentType) {
        this.contentType = contentType;
    }

    public void setContent(String content) {
        this.content = content;
    }
}
           

2、applicationContext.xml

<!-- MobileArea ip攔截器 -->
    <bean id="caiyunMobileAreaIpInterceptor" class="com.huawei.mrp.common.interceptors.MrpIPIntercepter">
        <property name="configName"><value>caiyunMobileArea_manager_IP</value></property>
        <property name="contentType"><value>json</value></property>
        <property name="content">
            <value>{"code":-1 ,"msg":"You are not privileged, request refused!"}</value>
        </property>
    </bean>
           

3、struts_vaildMobile.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
        "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
        "http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
    <package name="vaildMobile" extends="struts-default,json-default" namespace="/api">

        <!-- IP鑒權 -->
        <interceptors>
            <interceptor name="caiyunVaildMobileIpInterceptor" class="caiyunVaildMobileIpInterceptor"/>
        </interceptors>

        <action name="marketVaildMobile" class="vaildMobileAction"
            method="marketVaildMobile">
            <interceptor-ref name="caiyunVaildMobileIpInterceptor"></interceptor-ref>
            <interceptor-ref name="defaultStack"></interceptor-ref>
        </action>

    </package>
</struts>