com.cometway.httpd
Class HTTPAccessRestriction
java.lang.Object
com.cometway.props.Props
com.cometway.ak.Agent
com.cometway.ak.ServiceAgent
com.cometway.httpd.WebServerExtension
com.cometway.httpd.HTTPAccessRestriction
- All Implemented Interfaces:
- AgentInterface, HasStateMachineModel
public class HTTPAccessRestriction
- extends WebServerExtension
This WebServerExtension controls access restriction. Access can be granted or denied based
on the path URI, request headers, the client's IP address, or properties set in the
HTTPAgentRequest (possibly set by another extension). There are a set deny and allow
properties that contains properties for matching against each of these 3 things. If the
'default_behavior' is set to 'allow', the deny properties are used, if it is set to 'deny',
the allow properties are used. The order to determine if a request is allowed or denied is
URI path, request headers, IP, then properties. This extension can also apply to a specific path
by using the 'affected_path' property. If this property is set, this extension will only apply
to requests with a URI path that starts with this property. Restrictions can be further narrowed
by using the 'affected_method' property. By default, all methods (GET, POST, HEAD, etc) are
affected, but if this property is set, only that particular method will be affected by this
extension.
Note: The allow/deny IPs only works if the 'use_inet_address_methods' are set to true in the
WebServer, otherwise, no IP information is passed to the extension.
| Fields inherited from class com.cometway.ak.Agent |
agent_id, agentController, CREATING_STATE, debugReporter, DESTROYED_STATE, DESTROYING_STATE, errorReporter, FAILED_STATE, printlnReporter, props, RUNNING_STATE, STARTING_STATE, STOPPED_STATE, STOPPING_STATE, warningReporter |
|
Method Summary |
boolean |
handleRequest(HTTPAgentRequest request)
This will be called by the WebServer (specifically the ConnectionKMethod) to handle
an HTTPAgentRequest. |
void |
initProps()
affected_path - If this property is non-empty, this extension will only apply to requests whose URI path start with this property (default: )
affected_method - If this property is non-empty, this extension will only apply to the request method (GET, POST, HEAD, etc.) given by this property (default: )
default_behavior - This determines by default whether all requests should be allowed or denied, can be either "allow" or "deny" (default: allow)
path_matches_allow - A comma separated list of patterns (regexp) that are allowed in the URI path if the default behavior is "deny" (default: )
path_matches_deny - A comma deparated list of patterns (regexp) that are denied in the URI path if the default behavior is "allow" (default: )
header_matches_allow - A comma separated list of patterns (regexp) that are allowed in the header fields if the default behavior is "deny" (default: )
header_matches_deny - A comma separated list of patterns (regexp) that are denied in the header fields if the default behavior is "allow" (default: )
allow_ips - A comma separated list of IP addresses or partial IP addresses that are allowed (or * for all) if the default behavior is "deny" (default: )
deny_ips - A comma separated list of IP addresses or partial IP addresses that are denied (or * for all) if the default behavior is "allow" (default: )
allow_properties - A comma separated list of name=value pairs, if no =value is given, an allow is given if the property exists, otherwise the property must have the given value, used if the default behavior is "deny" (default: )
deny_properties - A comma separated list of name=value pairs, if no =value is given, a deny is given if the property exists, otherwise the property must have the given value, used if the default behavior is "allow" (default: )
deny_response - This is the response if a request is to be denied. |
void |
start()
This method inherited from com.cometway.ak.ServiceAgent includes functionality to
register itself with the WebServer (temporary). |
| Methods inherited from class com.cometway.ak.Agent |
currentStateEquals, debug, destroy, error, error, getAgentController, getDateTimeStr, getProps, getServiceImpl, getStateMachineModel, println, register, registerService, setAgentController, setProps, toString, unregister, unregisterService, warning, warning |
| Methods inherited from class com.cometway.props.Props |
addListener, append, copy, copyFrom, copyTo, decrementInteger, dump, enableListeners, enumerateKeys, format, getBoolean, getByteArray, getCharacter, getDate, getDate, getDateString, getDouble, getFloat, getHexString, getInteger, getKeys, getLong, getNextKey, getProperty, getProperty, getPropsContainer, getSize, getString, getString, getTokens, getTokens, getTrimmedString, getVector, hasProperty, incrementInteger, insertProps, loadProps, notifyPropsChanged, notifyPropsChangedIgnore, notifyPropsChangedIgnore, parse, propertyMatchesRegEx, readFromFile, regExPropertyMatches, removeAll, removeListener, removeProperty, resumeNotify, saveProps, set, setBoolean, setCharacter, setDefault, setDouble, setFloat, setInteger, setLong, setProperty, setProperty, setProperty, setPropsContainer, suspendNotify, writeToFile |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
HTTPAccessRestriction
public HTTPAccessRestriction()
initProps
public void initProps()
- affected_path - If this property is non-empty, this extension will only apply to requests whose URI path start with this property (default: )
affected_method - If this property is non-empty, this extension will only apply to the request method (GET, POST, HEAD, etc.) given by this property (default: )
default_behavior - This determines by default whether all requests should be allowed or denied, can be either "allow" or "deny" (default: allow)
path_matches_allow - A comma separated list of patterns (regexp) that are allowed in the URI path if the default behavior is "deny" (default: )
path_matches_deny - A comma deparated list of patterns (regexp) that are denied in the URI path if the default behavior is "allow" (default: )
header_matches_allow - A comma separated list of patterns (regexp) that are allowed in the header fields if the default behavior is "deny" (default: )
header_matches_deny - A comma separated list of patterns (regexp) that are denied in the header fields if the default behavior is "allow" (default: )
allow_ips - A comma separated list of IP addresses or partial IP addresses that are allowed (or * for all) if the default behavior is "deny" (default: )
deny_ips - A comma separated list of IP addresses or partial IP addresses that are denied (or * for all) if the default behavior is "allow" (default: )
allow_properties - A comma separated list of name=value pairs, if no =value is given, an allow is given if the property exists, otherwise the property must have the given value, used if the default behavior is "deny" (default: )
deny_properties - A comma separated list of name=value pairs, if no =value is given, a deny is given if the property exists, otherwise the property must have the given value, used if the default behavior is "allow" (default: )
deny_response - This is the response if a request is to be denied. This is either a 3 number return code or "drop", where the connection is simply dropped (default: 403)
- Specified by:
initProps in interface AgentInterface- Overrides:
initProps in class Agent
start
public void start()
- Description copied from class:
WebServerExtension
- This method inherited from com.cometway.ak.ServiceAgent includes functionality to
register itself with the WebServer (temporary).
- Specified by:
start in interface AgentInterface- Overrides:
start in class WebServerExtension
handleRequest
public boolean handleRequest(HTTPAgentRequest request)
- Description copied from class:
WebServerExtension
- This will be called by the WebServer (specifically the ConnectionKMethod) to handle
an HTTPAgentRequest. If the request has been handled, true is returned and no other
WebServerExtensions will be used.
- Overrides:
handleRequest in class WebServerExtension