search
HomeJavajavaTutorialCode example for implementing IP blacklist in java

This article mainly introduces the spring boot interceptor implementation IP blacklist example code, which has certain reference value. Interested friends can refer to it

Preface

Recently I have been working on Hexo+GithubPage to build a personal blog, so I haven’t learned much about SpringBoot. So today I made some modifications to the last "Second Anti-Refresh". Last time, annotations and interceptors (@Aspect) were used to implement the function. However, if the requirement is for a global interceptor to intercept most URLs, it is obviously impossible to add them one by one by yourself. Moreover, the last interceptor had requirements for the parameters of the Controller, which was always inconvenient for others to actually reference. Therefore, this time I used inherited HandlerInterceptor to implement the interceptor.

Functional requirements

Intercept certain types of URLs in the project. If a user accesses a large number of the links in a short period of time, the user's IP will be blacklisted and prohibited. User visits web page. (At the same time, you can use @Async to create scheduled tasks to help users unlock the ban.)

Knowledge Record

The functions of spring's interceptor HandlerInterceptor are the same as FilterSimilar, but provides finer control: before the request is responded to, after the request is responded to, Before the view is rendered, and after the request is completed. We cannot modify the request content through the interceptor, but we can suspend the execution of the request by throwing an exception (or returning false).
Configuring interceptors is also very simple. Spring provides the basic class WebMvcConfigurerAdapter for this. We only need to rewrite the addInterceptors method to add registered interceptors.

It only takes 3 steps to implement a custom interceptor:

1. Create our own interceptor class and implement HandlerInterceptor interface.

2. Create a Java class that inherits WebMvcConfigurerAdapter and overrides the addInterceptors method.

3. Instantiate our custom interceptor, and then manually add the object to the interceptor chain (added in the addInterceptors method).

Official start of work

IP tool class

Since the user agent is not clear, it is best to use a tool class to obtain the user's real IP. You can find this on Google, so I won’t post the code.

Database

I am using MySQL database, and the persistence layer framework is MyBatis. Please refer to the "Preparation" steps for details.
I create a table "blaclist" in the "myboot" database. The attributes are as follows:

Field name Explanation
id The id of the record
ip User’s real IP
iptime IP locked time

Entity Class

public class BlackList {

  private int id;
  private String ip;
  private Date iptime; // 日期类型,格式:yyyy-MM-dd HH:mm:ss
  //构造器
  public BlackList() {
  }

  public BlackList(String ip, Date iptime) {
    this.ip = ip;
    this.iptime = iptime;
  }
  // get && set 方法
}

Dao layer

NoteXML configuration and corresponding entity configuration (omitted).

@Mapper
public interface BlackListDao {
  // 根据IP来查找记录
  List<BlackList> findByIp(String ip);
  // 添加记录
  int addBlackList(@Param("blackList") BlackList blackList);
}

Implement HandlerInterceptor interface

public class URLInterceptor implements HandlerInterceptor {

  @Autowired
  BlackListDao blackListDao;

  private Map<String, Integer> redisTemplate = new HashMap<String, Integer>();
  private static final Logger logger = LoggerFactory.getLogger(URLInterceptor.class);

  //在请求处理之前进行调用(Controller方法调用之前)
  @Override
  public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
    return true;
  }

  //请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
  @Override
  public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
    String ip = IPAddressUtil.getClientIpAddress(httpServletRequest);
    List<BlackList> blackLists = blackListDao.findByIp(ip);
    if (blackLists == null || blackLists.size() == 0){
      urlHandle(httpServletRequest, 5000, 10);
    } else {
      //强制控制跳转
      modelAndView.setViewName("/errorpage/error.html");
    }
  }

  //在整个请求结束之后被调用
  @Override
  public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

  }

  public void urlHandle(HttpServletRequest request, long limitTime,int limitCount) throws RequestLimitException {
      /**
       * 省略业务逻辑部分,参考"准备"步骤
       */
      if (count > limitCount){ //符合锁定条件
        Calendar calendar = Calendar.getInstance();
        Date iptime=calendar.getTime();
        BlackList blackList = new BlackList(ip, iptime);
        blackListDao.addBlackList(blackList);
        throw new RequestLimitException();
      }
  }
}

WebMvcConfigurerAdapter class

Configure the spring mvc interceptor WebMvcConfigurerAdapter.

@Configuration
public class MyWebAppConfigurer extends WebMvcConfigurerAdapter {

  @Bean  //把我们的拦截器注入为bean
  public HandlerInterceptor getMyInterceptor(){
    return new URLInterceptor();
  }

  @Override
  public void addInterceptors(InterceptorRegistry registry) {
    // 多个拦截器组成一个拦截器链
    // addPathPatterns 用于添加拦截规则, 这里假设拦截 /url 后面的全部链接
    // excludePathPatterns 用户排除拦截
    registry.addInterceptor(getMyInterceptor()).addPathPatterns("/url/**");
    super.addInterceptors(registry);
  }
}

Controller Class

  @RequestMapping("/url/test")
  @ResponseBody
  public String URLtest() {
    return "success";
  }

【Related Recommendations】

1. Java Free Video Tutorial

2. Comprehensive analysis of Java annotations

3. Alibaba Java Development Manual

The above is the detailed content of Code example for implementing IP blacklist in java. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
What is the difference between JSON serialization and JDK serialization in storage?What is the difference between JSON serialization and JDK serialization in storage?Apr 19, 2025 pm 05:33 PM

Discussion on the differences between JSON serialization and JDK serialization in storage In the fields of programming and data storage, serialization is to convert objects into storable or transferable formats...

How to efficiently solve the coordinates of the intersection point when the projections of two line segments overlap in three-dimensional space?How to efficiently solve the coordinates of the intersection point when the projections of two line segments overlap in three-dimensional space?Apr 19, 2025 pm 05:30 PM

Solving the intersection coordinates of two line segments in three-dimensional space This article will explore how to solve the intersection coordinates of two line segments in three-dimensional space, especially when these two lines...

How to develop an HTTP request response monitoring software?How to develop an HTTP request response monitoring software?Apr 19, 2025 pm 05:27 PM

How to build HTTP request response monitoring software? This article will explore how to develop a software that can monitor relevant metrics in the client HTTP request and response process...

How to solve the problem that Flink cannot find Python task script when submitting PyFlink job to Yarn Application?How to solve the problem that Flink cannot find Python task script when submitting PyFlink job to Yarn Application?Apr 19, 2025 pm 05:21 PM

How to solve the problem that Flink cannot find Python task script when submitting PyFlink job to YarnApplication? When you are submitting PyFlink jobs to Yarn using Flink...

The output result of Java array is abnormal after expansion. What is the problem?The output result of Java array is abnormal after expansion. What is the problem?Apr 19, 2025 pm 05:18 PM

Java array expansion and strange output results This article will analyze a piece of Java code, which aims to achieve dynamic expansion of arrays, but during operation...

Docker Nginx deployment front-end project: How to resolve blank pages and proxy exceptions?Docker Nginx deployment front-end project: How to resolve blank pages and proxy exceptions?Apr 19, 2025 pm 05:15 PM

Blank pages and proxy exceptions encountered when deploying front-end projects with Docker Nginx. When using Docker and Nginx to deploy front-end and back-end projects, you often encounter some...

Spring Boot 3 Project: How to properly deploy external configuration files to Tomcat?Spring Boot 3 Project: How to properly deploy external configuration files to Tomcat?Apr 19, 2025 pm 05:12 PM

Deployment method of external configuration files of SpringBoot3 project In SpringBoot3 project development, we often need to configure the configuration file application.properties...

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Tools

MantisBT

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

PhpStorm Mac version

PhpStorm Mac version

The latest (2018.2.1) professional PHP integrated development tool

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use