List of usage examples for javax.servlet.http HttpServletRequest getRemoteAddr
public String getRemoteAddr();
From source file:com.janrain.servlet.IPRangeFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; // this call will give us the load balancer IP, if it exists, which we don't want... String remoteIp = httpRequest.getRemoteAddr(); //if we're behind a load balancer, we'll get the caller's IP address in the "x-forwarded-for" header: //X-Forwarded-For: xxx.xxx.xxx.xxx, ... String forwardedIps = httpRequest.getHeader("x-forwarded-for"); if (StringUtils.isNotBlank(forwardedIps)) { List<String> items = Arrays.asList(forwardedIps.split("\\s*,\\s*")); // there may be more than one, but we're only interested in the first item if (!items.isEmpty()) { remoteIp = items.get(0);/*www . jav a 2 s . c om*/ } } // match first on internal ips... if (matches(remoteIp, internalProxies) || matches(remoteIp, whiteListProxies)) { chain.doFilter(request, response); } else { logger.warn("remote address restricted: " + remoteIp + " for " + ((HttpServletRequest) request).getRequestURI()); throw new InvalidRequestException("Access restricted"); } }
From source file:uk.org.iay.mdq.server.RequestLogger.java
@Override protected String createMessage(HttpServletRequest request, String prefix, String suffix) { final StringBuilder msg = new StringBuilder(); msg.append(prefix);//from w ww .jav a 2s. c o m msg.append(request.getMethod()); msg.append(" for '").append(request.getRequestURI()).append("'"); if (isIncludeClientInfo()) { final String client = request.getRemoteAddr(); msg.append(" from ").append(client); } msg.append(suffix); return msg.toString(); }
From source file:eionet.cr.web.action.PingActionBean.java
/** * The default handler of this API's calls. * * @return/*from w ww. j a v a 2 s .c om*/ */ @DefaultHandler public Resolution defaultHandler() { // Get client host/IP, ensure that it's in the whitelist. HttpServletRequest request = getContext().getRequest(); String ip = request.getRemoteAddr(); String host = processClientHostName(request.getRemoteHost(), ip); if (!isTrustedRequester(host, ip)) { LOGGER.debug("Client denied: host = " + host + ", IP = " + ip); return new ErrorResolution(HttpURLConnection.HTTP_FORBIDDEN); } // The default result-message and error code that will be printed into XML response. int errorCode = 0; String message = ""; try { // Ensure that the pinged URI is not blank, is legal URI, does not have a fragment part and is not broken. if (StringUtils.isBlank(uri)) { errorCode = ERR_BLANK_URI; message = "No URI given, no action taken."; } else if (!URLUtil.isURL(uri)) { if (create) { errorCode = ERR_INVALID_URL; message = "Not a valid URL, source cannot be created."; } else { message = "URL not in catalogue of sources, no action taken."; } } else if (create && new URL(uri).getRef() != null) { errorCode = ERR_FRAGMENT_URL; message = "URL with a fragment part not allowed, source cannot be created."; } else if (create && URLUtil.isNotExisting(uri)) { errorCode = ERR_BROKEN_URL; message = "Could not make a connection to this URL, source cannot be created."; } else { // Helper flag that will be raised if a harvest is indeed needed. boolean doHarvest = false; // Check if a graph by this URI exists. boolean exists = DAOFactory.get().getDao(HelperDAO.class).isGraphExists(uri); if (exists) { doHarvest = true; } else if (create) { // Graph does not exist, but must be created as indicated in request parameters HarvestSourceDTO source = new HarvestSourceDTO(); source.setUrl(uri); source.setIntervalMinutes( GeneralConfig.getIntProperty(GeneralConfig.HARVESTER_REFERRALS_INTERVAL, 60480)); DAOFactory.get().getDao(HarvestSourceDAO.class).addSource(source); doHarvest = true; } else { message = "URL not in catalogue of sources, no action taken."; } if (doHarvest) { UrgentHarvestQueue.addPullHarvest(uri); message = "URL added to the urgent harvest queue: " + uri; } } } catch (Exception e) { LOGGER.error("PING request failed: " + e.toString(), e); return new ErrorResolution(HttpURLConnection.HTTP_INTERNAL_ERROR); } LOGGER.debug(message); String response = RESPONSE_XML.replace("@message@", message); response = response.replace("@errorCode@", String.valueOf(errorCode)); return new StreamingResolution("text/xml", response); }
From source file:com.nesscomputing.jmx.jolokia.JolokiaServlet.java
private void handle(final ServletRequestHandler reqHandler, final HttpServletRequest req, final HttpServletResponse resp) throws IOException { JSONAware json = null;/*from www . j av a 2 s. c om*/ try { // Check access policy requestHandler.checkClientIPAccess(req.getRemoteHost(), req.getRemoteAddr()); // Dispatch for the proper HTTP request method json = reqHandler.handleRequest(req, resp); if (backendManager.isDebug()) { backendManager.debug("Response: " + json); } } catch (RuntimeMBeanException rme) { json = requestHandler.handleThrowable(rme.getTargetException()); } catch (Throwable exp) { json = requestHandler.handleThrowable(exp); } finally { final String callback = req.getParameter(ConfigKey.CALLBACK.getKeyValue()); if (callback != null) { // Send a JSONP response sendResponse(resp, "text/javascript", callback + "(" + json.toJSONString() + ");"); } else { sendResponse(resp, "application/json", json.toJSONString()); } } }
From source file:org.katzorke.recaptcha.ReCaptchaController.java
@RequestMapping("/recaptcha/validate") public ReCaptchaBackendValidationResponse validate(@RequestParam("reCaptchaResponse") String reCaptchaResponse, HttpServletRequest request) { ReCaptchaBackendValidationResponse validationResponse = restTemplate.postForObject( "https://www.google.com/recaptcha/api/siteverify?secret={secret}&response={response}&remoteip=[ip}", null, ReCaptchaBackendValidationResponse.class, secretKey, reCaptchaResponse, request.getRemoteAddr()); System.out.println(validationResponse); return validationResponse; }
From source file:org.fcrepo.auth.xacml.XACMLAuthorizationDelegate.java
/** * Builds a global attribute finder from injected modules that may use * current session information./*from ww w . ja v a 2 s . c om*/ * * @param session the ModeShape session * @param absPath the node or property path * @param actions the actions requested * @return an attribute finder */ private EvaluationCtx buildEvaluationContext(final Session session, final String absPath, final String[] actions, final Set<String> roles) { final FedoraEvaluationCtxBuilder builder = new FedoraEvaluationCtxBuilder(); builder.addFinderModule(currentEnvironmentAttributeModule); builder.addFinderModule(sparqlResourceAttributeFinderModule); // A subject attribute finder prototype is injected with Session // AttributeFinderModule subjectAttributeFinder = null; // if (applicationContext // .containsBeanDefinition(SUBJECT_ATTRIBUTE_FINDER_BEAN)) { // subjectAttributeFinder = // (AttributeFinderModule) applicationContext.getBean( // SUBJECT_ATTRIBUTE_FINDER_BEAN, session); // builder.addFinderModule(subjectAttributeFinder); // } // environment attribute finder is injected with Session // AttributeFinderModule environmentAttributeFinder = null; // if (applicationContext // .containsBeanDefinition(ENVIRONMENT_ATTRIBUTE_FINDER_BEAN)) { // environmentAttributeFinder = // (AttributeFinderModule) applicationContext.getBean( // ENVIRONMENT_ATTRIBUTE_FINDER_BEAN, session); // builder.addFinderModule(environmentAttributeFinder); // } // Triple attribute finder will look in modeshape for any valid // predicate URI, therefore it falls last in this list. builder.addFinderModule(tripleResourceAttributeFinderModule); LOGGER.debug("effective roles: {}", roles); final Principal user = (Principal) session.getAttribute(FEDORA_USER_PRINCIPAL); builder.addSubject(user.getName(), roles); builder.addResourceID(absPath); builder.addWorkspace(session.getWorkspace().getName()); builder.addActions(actions); // add the original IP address final HttpServletRequest request = (HttpServletRequest) session.getAttribute(FEDORA_SERVLET_REQUEST); builder.addOriginalRequestIP(request.getRemoteAddr()); // add user's groups @SuppressWarnings("unchecked") final Set<Principal> allGroups = (Set<Principal>) session.getAttribute(FEDORA_ALL_PRINCIPALS); LOGGER.debug("effective groups: {}", allGroups); builder.addGroups(user, allGroups); return builder.build(); }
From source file:com.starit.diamond.server.controller.AdminController.java
private String getRemoteIP(HttpServletRequest request) { String remoteIP = request.getRemoteAddr(); if (remoteIP.equals("127.0.0.1")) { remoteIP = request.getHeader("X-Real-IP"); }/*ww w.java 2 s . co m*/ return remoteIP; }
From source file:com.streamsets.pipeline.lib.http.HttpReceiverServlet.java
@Override protected void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { if (validateAppId(req, res)) { LOG.debug("Validation from '{}', OK", req.getRemoteAddr()); res.setHeader(HttpConstants.X_SDC_PING_HEADER, HttpConstants.X_SDC_PING_VALUE); res.setStatus(HttpServletResponse.SC_OK); }//w w w .j a v a 2s. c o m }
From source file:com.oneops.ecv.ws.StatusController.java
protected final boolean isAuthorized(HttpServletRequest req) { boolean isAuthorized; isAuthorized = authUtil.authenticate(req.getHeader("Authorization")); String remoteAddress = req.getRemoteAddr(); boolean isLocalRequest = isLocal(remoteAddress); ECV_LOGGER.info("Authorizing validCredential :" + isAuthorized + " isLocal:" + isLocalRequest + " authorized:" + (isAuthorized && isLocalRequest)); isAuthorized = isAuthorized && isLocalRequest; return isAuthorized; }
From source file:gumga.framework.security.GumgaRequestFilter.java
public void saveLog(AuthorizatonResponse ar, HttpServletRequest requset, String operationKey, String endPoint, String method, boolean a) { if (gumgaValues.isLogActive()) { GumgaLog gl = new GumgaLog(ar.getLogin(), requset.getRemoteAddr(), ar.getOrganizationCode(), ar.getOrganization(), softwareId, operationKey, endPoint, method, a); gls.save(gl);//from www .jav a2 s . c o m } }