search
HomeJavajavaTutorialCode example for implementing IP blacklist in java

This article mainly introduces the spring boot interceptor implementation IP blacklist example code, which has certain reference value. Interested friends can refer to it

Preface

Recently I have been working on Hexo+GithubPage to build a personal blog, so I haven’t learned much about SpringBoot. So today I made some modifications to the last "Second Anti-Refresh". Last time, annotations and interceptors (@Aspect) were used to implement the function. However, if the requirement is for a global interceptor to intercept most URLs, it is obviously impossible to add them one by one by yourself. Moreover, the last interceptor had requirements for the parameters of the Controller, which was always inconvenient for others to actually reference. Therefore, this time I used inherited HandlerInterceptor to implement the interceptor.

Functional requirements

Intercept certain types of URLs in the project. If a user accesses a large number of the links in a short period of time, the user's IP will be blacklisted and prohibited. User visits web page. (At the same time, you can use @Async to create scheduled tasks to help users unlock the ban.)

Knowledge Record

The functions of spring's interceptor HandlerInterceptor are the same as FilterSimilar, but provides finer control: before the request is responded to, after the request is responded to, Before the view is rendered, and after the request is completed. We cannot modify the request content through the interceptor, but we can suspend the execution of the request by throwing an exception (or returning false).
Configuring interceptors is also very simple. Spring provides the basic class WebMvcConfigurerAdapter for this. We only need to rewrite the addInterceptors method to add registered interceptors.

It only takes 3 steps to implement a custom interceptor:

1. Create our own interceptor class and implement HandlerInterceptor interface.

2. Create a Java class that inherits WebMvcConfigurerAdapter and overrides the addInterceptors method.

3. Instantiate our custom interceptor, and then manually add the object to the interceptor chain (added in the addInterceptors method).

Official start of work

IP tool class

Since the user agent is not clear, it is best to use a tool class to obtain the user's real IP. You can find this on Google, so I won’t post the code.

Database

I am using MySQL database, and the persistence layer framework is MyBatis. Please refer to the "Preparation" steps for details.
I create a table "blaclist" in the "myboot" database. The attributes are as follows:

Field name Explanation
id The id of the record
ip User’s real IP
iptime IP locked time

Entity Class

public class BlackList {

  private int id;
  private String ip;
  private Date iptime; // 日期类型,格式:yyyy-MM-dd HH:mm:ss
  //构造器
  public BlackList() {
  }

  public BlackList(String ip, Date iptime) {
    this.ip = ip;
    this.iptime = iptime;
  }
  // get && set 方法
}

Dao layer

NoteXML configuration and corresponding entity configuration (omitted).

@Mapper
public interface BlackListDao {
  // 根据IP来查找记录
  List<BlackList> findByIp(String ip);
  // 添加记录
  int addBlackList(@Param("blackList") BlackList blackList);
}

Implement HandlerInterceptor interface

public class URLInterceptor implements HandlerInterceptor {

  @Autowired
  BlackListDao blackListDao;

  private Map<String, Integer> redisTemplate = new HashMap<String, Integer>();
  private static final Logger logger = LoggerFactory.getLogger(URLInterceptor.class);

  //在请求处理之前进行调用(Controller方法调用之前)
  @Override
  public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
    return true;
  }

  //请求处理之后进行调用,但是在视图被渲染之前(Controller方法调用之后)
  @Override
  public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
    String ip = IPAddressUtil.getClientIpAddress(httpServletRequest);
    List<BlackList> blackLists = blackListDao.findByIp(ip);
    if (blackLists == null || blackLists.size() == 0){
      urlHandle(httpServletRequest, 5000, 10);
    } else {
      //强制控制跳转
      modelAndView.setViewName("/errorpage/error.html");
    }
  }

  //在整个请求结束之后被调用
  @Override
  public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

  }

  public void urlHandle(HttpServletRequest request, long limitTime,int limitCount) throws RequestLimitException {
      /**
       * 省略业务逻辑部分,参考"准备"步骤
       */
      if (count > limitCount){ //符合锁定条件
        Calendar calendar = Calendar.getInstance();
        Date iptime=calendar.getTime();
        BlackList blackList = new BlackList(ip, iptime);
        blackListDao.addBlackList(blackList);
        throw new RequestLimitException();
      }
  }
}

WebMvcConfigurerAdapter class

Configure the spring mvc interceptor WebMvcConfigurerAdapter.

@Configuration
public class MyWebAppConfigurer extends WebMvcConfigurerAdapter {

  @Bean  //把我们的拦截器注入为bean
  public HandlerInterceptor getMyInterceptor(){
    return new URLInterceptor();
  }

  @Override
  public void addInterceptors(InterceptorRegistry registry) {
    // 多个拦截器组成一个拦截器链
    // addPathPatterns 用于添加拦截规则, 这里假设拦截 /url 后面的全部链接
    // excludePathPatterns 用户排除拦截
    registry.addInterceptor(getMyInterceptor()).addPathPatterns("/url/**");
    super.addInterceptors(registry);
  }
}

Controller Class

  @RequestMapping("/url/test")
  @ResponseBody
  public String URLtest() {
    return "success";
  }

【Related Recommendations】

1. Java Free Video Tutorial

2. Comprehensive analysis of Java annotations

3. Alibaba Java Development Manual

The above is the detailed content of Code example for implementing IP blacklist in java. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
How do I use Maven or Gradle for advanced Java project management, build automation, and dependency resolution?How do I use Maven or Gradle for advanced Java project management, build automation, and dependency resolution?Mar 17, 2025 pm 05:46 PM

The article discusses using Maven and Gradle for Java project management, build automation, and dependency resolution, comparing their approaches and optimization strategies.

How do I create and use custom Java libraries (JAR files) with proper versioning and dependency management?How do I create and use custom Java libraries (JAR files) with proper versioning and dependency management?Mar 17, 2025 pm 05:45 PM

The article discusses creating and using custom Java libraries (JAR files) with proper versioning and dependency management, using tools like Maven and Gradle.

How do I implement multi-level caching in Java applications using libraries like Caffeine or Guava Cache?How do I implement multi-level caching in Java applications using libraries like Caffeine or Guava Cache?Mar 17, 2025 pm 05:44 PM

The article discusses implementing multi-level caching in Java using Caffeine and Guava Cache to enhance application performance. It covers setup, integration, and performance benefits, along with configuration and eviction policy management best pra

How can I use JPA (Java Persistence API) for object-relational mapping with advanced features like caching and lazy loading?How can I use JPA (Java Persistence API) for object-relational mapping with advanced features like caching and lazy loading?Mar 17, 2025 pm 05:43 PM

The article discusses using JPA for object-relational mapping with advanced features like caching and lazy loading. It covers setup, entity mapping, and best practices for optimizing performance while highlighting potential pitfalls.[159 characters]

How does Java's classloading mechanism work, including different classloaders and their delegation models?How does Java's classloading mechanism work, including different classloaders and their delegation models?Mar 17, 2025 pm 05:35 PM

Java's classloading involves loading, linking, and initializing classes using a hierarchical system with Bootstrap, Extension, and Application classloaders. The parent delegation model ensures core classes are loaded first, affecting custom class loa

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
WWE 2K25: How To Unlock Everything In MyRise
1 months agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Safe Exam Browser

Safe Exam Browser

Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

MantisBT

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

ZendStudio 13.5.1 Mac

ZendStudio 13.5.1 Mac

Powerful PHP integrated development environment