Package com.zfabrik.servletjsp.security

Class NonLocalhostWhitelist

java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.ContainerLifeCycle
org.eclipse.jetty.server.Handler.Abstract
org.eclipse.jetty.server.Handler.AbstractContainer
org.eclipse.jetty.server.Handler.Wrapper
com.zfabrik.servletjsp.security.NonLocalhostWhitelist
All Implemented Interfaces:
org.eclipse.jetty.server.Handler, org.eclipse.jetty.server.Handler.Container, org.eclipse.jetty.server.Handler.Singleton, org.eclipse.jetty.server.Request.Handler, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.Dumpable.DumpableContainer, org.eclipse.jetty.util.component.LifeCycle, org.eclipse.jetty.util.thread.Invocable
public class NonLocalhostWhitelist extends org.eclipse.jetty.server.Handler.Wrapper
A simple whitelisting filter for Jetty access to grant access for Web application paths for non localhost sources.

This filter can be used to increase security by restricting access to Web applications that are only used for debugging and development to access from localhost.

To configure see the Jetty configuration file z2-nonlocalhostwhitelist.xml that might look like this to grant access to the root path "/" and the context path /abc: 

 
 <Configure id="Server" class="org.eclipse.jetty.server.Server">
   <Call name="insertHandler">
     <Arg>
       <New id="NonLocalhostWhitelist" class="com.zfabrik.servletjsp.security.NonLocalhostWhitelist">
         <Set name="patterns">
           <Array type="String">
             <Item>^/abc($|/.*)</Item>
             <Item>^/$</Item>
         </Array>
       </Set>
     </New>
   </Arg>
 </Call>
 </Configure>

  • Nested Class Summary

    Nested classes/interfaces inherited from class org.eclipse.jetty.server.Handler.Abstract

    org.eclipse.jetty.server.Handler.Abstract.NonBlocking

    Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener, org.eclipse.jetty.util.component.AbstractLifeCycle.StopException

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

    org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable

    org.eclipse.jetty.util.component.Dumpable.DumpableContainer

    Nested classes/interfaces inherited from interface org.eclipse.jetty.server.Handler

    org.eclipse.jetty.server.Handler.Abstract, org.eclipse.jetty.server.Handler.AbstractContainer, org.eclipse.jetty.server.Handler.Collection, org.eclipse.jetty.server.Handler.Container, org.eclipse.jetty.server.Handler.Sequence, org.eclipse.jetty.server.Handler.Singleton, org.eclipse.jetty.server.Handler.Wrapper

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.thread.Invocable

    org.eclipse.jetty.util.thread.Invocable.Callable, org.eclipse.jetty.util.thread.Invocable.InvocationType, org.eclipse.jetty.util.thread.Invocable.ReadyTask, org.eclipse.jetty.util.thread.Invocable.Task

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

    org.eclipse.jetty.util.component.LifeCycle.Listener

    Nested classes/interfaces inherited from interface org.eclipse.jetty.server.Request.Handler

    org.eclipse.jetty.server.Request.Handler.AbortException

  • Field Summary

    Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    FAILED, STARTED, STARTING, STOPPED, STOPPING

    Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

    KEY

    Fields inherited from interface org.eclipse.jetty.util.thread.Invocable

    __nonBlocking, NOOP

  • Constructor Summary

    Constructors
    Constructor
    Description
    NonLocalhostWhitelist()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    doStart()
     
    boolean
    handle(org.eclipse.jetty.server.Request request, org.eclipse.jetty.server.Response response, org.eclipse.jetty.util.Callback callback)
     
    void
    setPatterns(String[] patterns)
     

    Methods inherited from class org.eclipse.jetty.server.Handler.Wrapper

    getHandler, getInvocationType, setHandler

    Methods inherited from class org.eclipse.jetty.server.Handler.AbstractContainer

    findContainerOf, getDescendant, getDescendants, isDynamic, setDynamic, setServer

    Methods inherited from class org.eclipse.jetty.server.Handler.Abstract

    destroy, doStop, getServer

    Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

    addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, installBean, installBean, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeans

    Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop, toString

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface org.eclipse.jetty.util.component.Container

    getCachedBeans, getEventListeners

    Methods inherited from interface org.eclipse.jetty.util.component.Destroyable

    destroy

    Methods inherited from interface org.eclipse.jetty.util.component.Dumpable

    dumpSelf

    Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer

    isDumpable

    Methods inherited from interface org.eclipse.jetty.server.Handler

    getServer, setServer

    Methods inherited from interface org.eclipse.jetty.server.Handler.Container

    getContainer, getDescendant, getDescendants, getDescendants

    Methods inherited from interface org.eclipse.jetty.server.Handler.Singleton

    getHandlers, getTail, insertHandler, setHandler

    Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

    addEventListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeEventListener, start, stop

  • Constructor Details

    • NonLocalhostWhitelist

      public NonLocalhostWhitelist()

  • Method Details

    • setPatterns

      public void setPatterns(String[] patterns)

    • handle

      public boolean handle(org.eclipse.jetty.server.Request request, org.eclipse.jetty.server.Response response, org.eclipse.jetty.util.Callback callback) throws Exception
      Specified by:
      handle in interface org.eclipse.jetty.server.Request.Handler
      Overrides:
      handle in class org.eclipse.jetty.server.Handler.Wrapper
      Throws:
      Exception

    • doStart

      protected void doStart() throws Exception
      Overrides:
      doStart in class org.eclipse.jetty.server.Handler.Abstract
      Throws:
      Exception