This article mainly introduces the spring boot interceptor implementation IP blacklist example code, which has certain reference value. Interested friends can refer to it
Preface
Recently I have been working on Hexo+GithubPage to build a personal blog, so I haven’t learned much about SpringBoot. So today I made some modifications to the last "Second Anti-Refresh". Last time, annotations and interceptors (@Aspect) were used to implement the function. However, if the requirement is for a global interceptor to intercept most URLs, it is obviously impossible to add them one by one by yourself. Moreover, the last interceptor had requirements for the parameters of the Controller, which was always inconvenient for others to actually reference. Therefore, this time I used inherited HandlerInterceptor to implement the interceptor.
Functional requirements
Intercept certain types of URLs in the project. If a user accesses a large number of the links in a short period of time, the user's IP will be blacklisted and prohibited. User visits web page. (At the same time, you can use @Async to create scheduled tasks to help users unlock the ban.)
Knowledge Record
The functions of spring's interceptor HandlerInterceptor are the same as FilterSimilar, but provides finer control: before the request is responded to, after the request is responded to, Before the view is rendered, and after the request is completed. We cannot modify the request content through the interceptor, but we can suspend the execution of the request by throwing an exception (or returning false).
Configuring interceptors is also very simple. Spring provides the basic class WebMvcConfigurerAdapter for this. We only need to rewrite the addInterceptors method to add registered interceptors.
It only takes 3 steps to implement a custom interceptor:
1. Create our own interceptor class and implement HandlerInterceptor interface.
2. Create a Java class that inherits WebMvcConfigurerAdapter and overrides the addInterceptors method.
3. Instantiate our custom interceptor, and then manually add the object to the interceptor chain (added in the addInterceptors method).
Official start of work
IP tool class
Since the user agent is not clear, it is best to use a tool class to obtain the user's real IP. You can find this on Google, so I won’t post the code.
Database
I am using MySQL database, and the persistence layer framework is MyBatis. Please refer to the "Preparation" steps for details.
I create a table "blaclist" in the "myboot" database. The attributes are as follows:
| Field name | Explanation |
|---|---|
| id | The id of the record |
| ip | User’s real IP |
| iptime | IP locked time |
Entity Class
public class BlackList {
private int id;
private String ip;
private Date iptime; // 日期类型,格式:yyyy-MM-dd HH:mm:ss
//构造器
public BlackList() {
}
public BlackList(String ip, Date iptime) {
this.ip = ip;
this.iptime = iptime;
}
// get && set 方法
}Dao layer
NoteXML configuration and corresponding entity configuration (omitted).
@Mapper
public interface BlackListDao {
// 根据IP来查找记录
List<BlackList> findByIp(String ip);
// 添加记录
int addBlackList(@Param("blackList") BlackList blackList);
}Implement HandlerInterceptor interface
public class URLInterceptor implements HandlerInterceptor {
@Autowired
BlackListDao blackListDao;
private Map<String, Integer> redisTemplate = new HashMap<String, Integer>();
private static final Logger logger = LoggerFactory.getLogger(URLInterceptor.class);
//在请求处理之前进行调用(Controller方法调用之前)
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
return true;
}
//请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
String ip = IPAddressUtil.getClientIpAddress(httpServletRequest);
List<BlackList> blackLists = blackListDao.findByIp(ip);
if (blackLists == null || blackLists.size() == 0){
urlHandle(httpServletRequest, 5000, 10);
} else {
//强制控制跳转
modelAndView.setViewName("/errorpage/error.html");
}
}
//在整个请求结束之后被调用
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
public void urlHandle(HttpServletRequest request, long limitTime,int limitCount) throws RequestLimitException {
/**
* 省略业务逻辑部分,参考"准备"步骤
*/
if (count > limitCount){ //符合锁定条件
Calendar calendar = Calendar.getInstance();
Date iptime=calendar.getTime();
BlackList blackList = new BlackList(ip, iptime);
blackListDao.addBlackList(blackList);
throw new RequestLimitException();
}
}
}WebMvcConfigurerAdapter class
Configure the spring mvc interceptor WebMvcConfigurerAdapter.
@Configuration
public class MyWebAppConfigurer extends WebMvcConfigurerAdapter {
@Bean //把我们的拦截器注入为bean
public HandlerInterceptor getMyInterceptor(){
return new URLInterceptor();
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 多个拦截器组成一个拦截器链
// addPathPatterns 用于添加拦截规则, 这里假设拦截 /url 后面的全部链接
// excludePathPatterns 用户排除拦截
registry.addInterceptor(getMyInterceptor()).addPathPatterns("/url/**");
super.addInterceptors(registry);
}
}Controller Class
@RequestMapping("/url/test")
@ResponseBody
public String URLtest() {
return "success";
}【Related Recommendations】
2. Comprehensive analysis of Java annotations
3. Alibaba Java Development Manual
The above is the detailed content of Code example for implementing IP blacklist in java. For more information, please follow other related articles on the PHP Chinese website!
How do I use Maven or Gradle for advanced Java project management, build automation, and dependency resolution?Mar 17, 2025 pm 05:46 PMThe article discusses using Maven and Gradle for Java project management, build automation, and dependency resolution, comparing their approaches and optimization strategies.
How do I create and use custom Java libraries (JAR files) with proper versioning and dependency management?Mar 17, 2025 pm 05:45 PMThe article discusses creating and using custom Java libraries (JAR files) with proper versioning and dependency management, using tools like Maven and Gradle.
How do I implement multi-level caching in Java applications using libraries like Caffeine or Guava Cache?Mar 17, 2025 pm 05:44 PMThe article discusses implementing multi-level caching in Java using Caffeine and Guava Cache to enhance application performance. It covers setup, integration, and performance benefits, along with configuration and eviction policy management best pra
How can I use JPA (Java Persistence API) for object-relational mapping with advanced features like caching and lazy loading?Mar 17, 2025 pm 05:43 PMThe article discusses using JPA for object-relational mapping with advanced features like caching and lazy loading. It covers setup, entity mapping, and best practices for optimizing performance while highlighting potential pitfalls.[159 characters]
How does Java's classloading mechanism work, including different classloaders and their delegation models?Mar 17, 2025 pm 05:35 PMJava's classloading involves loading, linking, and initializing classes using a hierarchical system with Bootstrap, Extension, and Application classloaders. The parent delegation model ensures core classes are loaded first, affecting custom class loa
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
