Package net.shibboleth.shared.security.impl

Class IPRangeAccessControl

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

net.shibboleth.shared.component.AbstractIdentifiedInitializableComponent

net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent

net.shibboleth.shared.security.impl.IPRangeAccessControl

All Implemented Interfaces:

Component, DestructableComponent, IdentifiableComponent, IdentifiedComponent, InitializableComponent, AccessControl

public class IPRangeAccessControl
extends AbstractIdentifiableInitializableComponent
implements AccessControl

Simple access control implementation based on IP address checking.

Field Summary

Fields

Modifier and Type	Field	Description
private Collection<IPRange>	allowedRanges	List of CIDR blocks allowed to access this servlet.
private final org.slf4j.Logger	log	Class logger.

Constructor Summary

Constructors

Constructor	Description
IPRangeAccessControl()	Constructor.

Method Summary

Modifier and Type	Method	Description
boolean	checkAccess(ServletRequest request, String operation, String resource)	Determine whether the request to the resource should be granted.
private String	getLogPrefix()	Get logging prefix.
void	setAllowedRanges(Collection<IPRange> ranges)	Set the CIDR address ranges to allow.

Methods inherited from class net.shibboleth.shared.component.AbstractIdentifiableInitializableComponent

setId

Methods inherited from class net.shibboleth.shared.component.AbstractIdentifiedInitializableComponent

doInitialize, ensureId, getId, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.IdentifiedComponent

getId

Field Details

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

allowedRanges

@Nonnull
private Collection<IPRange> allowedRanges

List of CIDR blocks allowed to access this servlet.

Constructor Details

IPRangeAccessControl

public IPRangeAccessControl()

Constructor.

Method Details

setAllowedRanges

public void setAllowedRanges(@Nonnull
 Collection<IPRange> ranges)

Set the CIDR address ranges to allow.

Parameters:

ranges - ranges to allow

checkAccess

public boolean checkAccess(@Nonnull
 ServletRequest request,
 @Nullable
 String operation,
 @Nullable
 String resource)

Determine whether the request to the resource should be granted.

Specified by:

checkAccess in interface AccessControl

Parameters:

request - request to check

operation - operation being performed

resource - target resource

Returns:

true iff access should be granted

getLogPrefix

@Nonnull
private String getLogPrefix()

Get logging prefix.

Returns:

prefix