IfNetwork (Resin 4.0.s120125)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.caucho.rewrite
Class IfNetwork

java.lang.Object
  com.caucho.rewrite.IfNetwork

All Implemented Interfaces:: RequestPredicate

@Configurable public class IfNetwork
extends java.lang.Object
implements RequestPredicate
extends java.lang.Object
implements RequestPredicate

Match if the remote IP address matches one of the pattern networks. Standard IP network syntax is allowed, so 192.168/16 matches the entire subnetwork.

 <resin:Allow url-pattern="/admin/*"
                xmlns:resin="urn:java:com.caucho.resin">
   <resin:IfNetwork value="192.168.17.0/24"/>
 </resin:Allow>

 
 <resin:Forbidden
         xmlns:resin="urn:java:com.caucho.resin">
   <resin:IfNetwork>
     <value>205.11.12.3</value>
     <value>123.4.45.6</value>
     <value>233.15.25.35</value>
     <value>233.14.87.12</value>
   </resin:IfNetwork>
 </resin:Forbidden>

RequestPredicates may be used for both security and rewrite conditions.

Constructor Summary
`IfNetwork()`

Method Summary
`void`	`addValue(java.lang.String network)` Add an ip network to allow.
`int`	`getCacheSize()` Size of the cache used to hold whether or not to allow a certain IP address.
`void`	`init()`
`boolean`	`isMatch(HttpServletRequest request)` True if the predicate matches.
`void`	`setCacheSize(int cacheSize)` Size of the cache used to hold whether or not to allow a certain IP address, default is 256.
`java.lang.String`	`toString()`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait`

Constructor Detail

IfNetwork

public IfNetwork()

Method Detail

setCacheSize

@Configurable
public void setCacheSize(int cacheSize)

Size of the cache used to hold whether or not to allow a certain IP address, default is 256. The first time a request is received from an ip, the allow and deny rules are checked to determine if the ip is allowed. The result of this check is cached in a an LRU cache. Subsequent requests can do a cache lookup based on the ip instead of checking the rules. This is especially important if there are a large number of allow and/or deny rules, and to protect against denial of service attacks.

getCacheSize

public int getCacheSize()

Size of the cache used to hold whether or not to allow a certain IP address.

addValue

@Configurable
public void addValue(java.lang.String network)
              throws java.net.UnknownHostException

Add an ip network to allow. If allow is never used, (only deny is used), then all are allowed except those in deny.

Throws:: java.net.UnknownHostException

init

@PostConstruct
public void init()
          throws ConfigException

Throws:: ConfigException

isMatch

public boolean isMatch(HttpServletRequest request)

True if the predicate matches.

Specified by:: isMatch in interface RequestPredicate

Parameters:: request - the servlet request to test

toString

public java.lang.String toString()

Overrides:: toString in class java.lang.Object