public abstract class RequestFilterValve extends ValveBase
This valve is configured by setting the allow
and/or
deny
properties to a regular expressions (in the syntax
supported by Pattern
) to which the appropriate request property will
be compared. Evaluation proceeds as follows:
process()
method.
This Valve may be attached to any Container, depending on the granularity of the filtering you wish to perform.
Modifier and Type | Field and Description |
---|---|
protected Pattern |
allow
The regular expression used to test for allowed requests.
|
protected boolean |
allowValid
Helper variable to catch configuration errors.
|
protected String |
allowValue
The current allow configuration value that may or may not compile into a
valid
Pattern . |
protected Pattern |
deny
The regular expression used to test for denied requests.
|
protected int |
denyStatus
The HTTP response status code that is used when rejecting denied
request.
|
protected boolean |
denyValid
Helper variable to catch configuration errors.
|
protected String |
denyValue
The current deny configuration value that may or may not compile into a
valid
Pattern . |
asyncSupported, container, containerLog, next, sm
mserver
AFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT
Constructor and Description |
---|
RequestFilterValve() |
Modifier and Type | Method and Description |
---|---|
protected void |
denyRequest(Request request,
Response response)
Reject the request that was denied by this valve.
|
String |
getAllow()
Return the regular expression used to test for allowed requests for this
Valve, if any; otherwise, return
null . |
String |
getDeny()
Return the regular expression used to test for denied requests for this
Valve, if any; otherwise, return
null . |
int |
getDenyStatus()
Return response status code that is used to reject denied request.
|
protected void |
initInternal()
Sub-classes wishing to perform additional initialization should override
this method, ensuring that super.initInternal() is the first call in the
overriding method.
|
abstract void |
invoke(Request request,
Response response)
Extract the desired request property, and pass it (along with the
specified request and response objects) to the protected
process() method to perform the actual filtering. |
boolean |
isAllowed(String property)
Perform the test implemented by this Valve, matching against the
specified request property value.
|
boolean |
isAllowValid()
Returns
false if the last change to the allow pattern did
not apply successfully. |
boolean |
isDenyValid()
Returns
false if the last change to the deny pattern did
not apply successfully. |
protected void |
process(String property,
Request request,
Response response)
Perform the filtering that has been configured for this Valve, matching
against the specified request property.
|
void |
setAllow(String allow)
Set the regular expression used to test for allowed requests for this
Valve, if any.
|
void |
setDeny(String deny)
Set the regular expression used to test for denied requests for this
Valve, if any.
|
void |
setDenyStatus(int denyStatus)
Set response status code that is used to reject denied request.
|
protected void |
startInternal()
Start this component and implement the requirements
of
LifecycleBase.startInternal() . |
backgroundProcess, event, getContainer, getDomainInternal, getNext, getObjectNameKeyProperties, isAsyncSupported, setAsyncSupported, setContainer, setNext, stopInternal, toString
destroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregister
addLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, init, removeLifecycleListener, setState, setState, start, stop
protected volatile Pattern allow
protected volatile String allowValue
Pattern
.protected volatile boolean allowValid
true
by default, but becomes false
if there was an attempt to assign an invalid value to the
allow
pattern.protected volatile Pattern deny
protected volatile String denyValue
Pattern
.protected volatile boolean denyValid
true
by default, but becomes false
if there was an attempt to assign an invalid value to the
deny
pattern.protected int denyStatus
public String getAllow()
null
.public void setAllow(String allow)
allow
- The new allow expressionpublic String getDeny()
null
.public void setDeny(String deny)
deny
- The new deny expressionpublic final boolean isAllowValid()
false
if the last change to the allow
pattern did
not apply successfully. E.g. if the pattern is syntactically
invalid.public final boolean isDenyValid()
false
if the last change to the deny
pattern did
not apply successfully. E.g. if the pattern is syntactically
invalid.public int getDenyStatus()
public void setDenyStatus(int denyStatus)
public abstract void invoke(Request request, Response response) throws IOException, ServletException
process()
method to perform the actual filtering.
This method must be implemented by a concrete subclass.invoke
in interface Valve
invoke
in class ValveBase
request
- The servlet request to be processedresponse
- The servlet response to be createdIOException
- if an input/output error occursServletException
- if a servlet error occursprotected void initInternal() throws LifecycleException
LifecycleMBeanBase
initInternal
in class ValveBase
LifecycleException
protected void startInternal() throws LifecycleException
ValveBase
LifecycleBase.startInternal()
.startInternal
in class ValveBase
LifecycleException
- if this component detects a fatal error
that prevents this component from being usedprotected void process(String property, Request request, Response response) throws IOException, ServletException
property
- The request property on which to filterrequest
- The servlet request to be processedresponse
- The servlet response to be processedIOException
- if an input/output error occursServletException
- if a servlet error occursprotected void denyRequest(Request request, Response response) throws IOException, ServletException
request
- The servlet request to be processedresponse
- The servlet response to be processedIOException
- if an input/output error occursServletException
- if a servlet error occurspublic boolean isAllowed(String property)
property
- The request property value on which to filterCopyright © 2000-2014 Apache Software Foundation. All Rights Reserved.