您好,登錄后才能下訂單哦!
小編這次要給大家分享的是如何實(shí)現(xiàn)Springboot過(guò)濾器禁止ip頻繁訪問(wèn)功能,文章內(nèi)容豐富,感興趣的小伙伴可以來(lái)了解一下,希望大家閱讀完這篇文章之后能夠有所收獲。
在開(kāi)發(fā) Web 項(xiàng)目的時(shí)候,經(jīng)常需要過(guò)濾器來(lái)處理一些請(qǐng)求,包括字符集轉(zhuǎn)換什么的,記錄請(qǐng)求日志什么的等等。在之前的 Web 開(kāi)發(fā)中,我們習(xí)慣把過(guò)濾器配置到 web.xml 中,但是在 SpringBoot 中,兵沒(méi)有這個(gè)配置文件,該如何操作呢?
1.編寫(xiě)一個(gè)過(guò)濾器:
import lombok.extern.slf4j.Slf4j; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Iterator; import java.util.Set; import java.util.concurrent.ConcurrentHashMap; @Slf4j @WebFilter(urlPatterns="/dyflight/*") public class IpFilter implements Filter{ /** * 默認(rèn)限制時(shí)間(單位:ms)3600000,3600(s), */ private static final long LIMITED_TIME_MILLIS = 10 * 1000; /** * 用戶連續(xù)訪問(wèn)最高閥值,超過(guò)該值則認(rèn)定為惡意操作的IP,進(jìn)行限制 */ private static final int LIMIT_NUMBER = 5; /** * 用戶訪問(wèn)最小安全時(shí)間,在該時(shí)間內(nèi)如果訪問(wèn)次數(shù)大于閥值,則記錄為惡意IP,否則視為正常訪問(wèn) */ private static final int MIN_SAFE_TIME = 5000; private FilterConfig config; @Override public void init(FilterConfig filterConfig) throws ServletException { this.config = filterConfig; //設(shè)置屬性filterConfig } /* (non-Javadoc) * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain) */ @SuppressWarnings("unchecked") @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; ServletContext context = config.getServletContext(); // 獲取限制IP存儲(chǔ)器:存儲(chǔ)被限制的IP信息 //Map<String, Long> limitedIpMap = (Map<String, Long>) context.getAttribute("limitedIpMap"); ConcurrentHashMap<String ,Long> limitedIpMap = (ConcurrentHashMap<String, Long>) context.getAttribute("limitedIpMap"); // 過(guò)濾受限的IP filterLimitedIpMap(limitedIpMap); // 獲取用戶IP String ip = IPUtil.getRemoteIpAddr(request); System.err.println("ip:"+ip); // 判斷是否是被限制的IP,如果是則跳到異常頁(yè)面 if (isLimitedIP(limitedIpMap, ip)) { long limitedTime = limitedIpMap.get(ip) - System.currentTimeMillis(); // 剩余限制時(shí)間(用為從毫秒到秒轉(zhuǎn)化的一定會(huì)存在些許誤差,但基本可以忽略不計(jì)) request.setAttribute("remainingTime", ((limitedTime / 1000) + (limitedTime % 1000 > 0 ? 1 : 0))); System.err.println("ip訪問(wèn)過(guò)于頻繁:"+ip); throw new RuntimeException("ip訪問(wèn)過(guò)于頻繁"); } // 獲取IP存儲(chǔ)器 ConcurrentHashMap<String, Long[]> ipMap = (ConcurrentHashMap<String, Long[]>) context.getAttribute("ipMap"); // 判斷存儲(chǔ)器中是否存在當(dāng)前IP,如果沒(méi)有則為初次訪問(wèn),初始化該ip // 如果存在當(dāng)前ip,則驗(yàn)證當(dāng)前ip的訪問(wèn)次數(shù) // 如果大于限制閥值,判斷達(dá)到閥值的時(shí)間,如果不大于[用戶訪問(wèn)最小安全時(shí)間]則視為惡意訪問(wèn),跳轉(zhuǎn)到異常頁(yè)面 if (ipMap.containsKey(ip)) { Long[] ipInfo = ipMap.get(ip); ipInfo[0] = ipInfo[0] + 1; log.debug("當(dāng)前第[" + (ipInfo[0]) + "]次訪問(wèn)"); if (ipInfo[0] > LIMIT_NUMBER) { Long ipAccessTime = ipInfo[1]; Long currentTimeMillis = System.currentTimeMillis(); log.debug("ip訪問(wèn)過(guò)于頻繁:currentTimeMillis: "+currentTimeMillis+" - ipAccessTime:"+ipAccessTime+" : " + (currentTimeMillis - ipAccessTime) + "<="+ MIN_SAFE_TIME); if (currentTimeMillis - ipAccessTime <= MIN_SAFE_TIME) { limitedIpMap.put(ip, currentTimeMillis + LIMITED_TIME_MILLIS); request.setAttribute("remainingTime", LIMITED_TIME_MILLIS); log.debug("ip訪問(wèn)過(guò)于頻繁:LIMITED_TIME_MILLIS:"+LIMITED_TIME_MILLIS); log.debug("ip訪問(wèn)過(guò)于頻繁:"+ip); throw new RuntimeException("ip訪問(wèn)過(guò)于頻繁"); } else { initIpVisitsNumber(ipMap, ip); } } } else { initIpVisitsNumber(ipMap, ip); System.out.println("您首次訪問(wèn)該網(wǎng)站"); } context.setAttribute("ipMap", ipMap); chain.doFilter(request, response); } @Override public void destroy() { // TODO Auto-generated method stub } /** * @Description 過(guò)濾受限的IP,剔除已經(jīng)到期的限制IP * @param limitedIpMap */ private void filterLimitedIpMap(ConcurrentHashMap<String, Long> limitedIpMap) { if (limitedIpMap == null) { return; } Set<String> keys = limitedIpMap.keySet(); Iterator<String> keyIt = keys.iterator(); long currentTimeMillis = System.currentTimeMillis(); while (keyIt.hasNext()) { long expireTimeMillis = limitedIpMap.get(keyIt.next()); log.debug("expireTimeMillis <= currentTimeMillis:"+ expireTimeMillis+" <="+ currentTimeMillis); if (expireTimeMillis <= currentTimeMillis) { keyIt.remove(); } } } /** * @Description 是否是被限制的IP * @param limitedIpMap * @param ip * @return true : 被限制 | false : 正常 */ private boolean isLimitedIP(ConcurrentHashMap<String, Long> limitedIpMap, String ip) { if (limitedIpMap == null || ip == null) { // 沒(méi)有被限制 return false; } Set<String> keys = limitedIpMap.keySet(); Iterator<String> keyIt = keys.iterator(); while (keyIt.hasNext()) { String key = keyIt.next(); if (key.equals(ip)) { // 被限制的IP return true; } } return false; } /** * 初始化用戶訪問(wèn)次數(shù)和訪問(wèn)時(shí)間 * * @param ipMap * @param ip */ private void initIpVisitsNumber(ConcurrentHashMap<String, Long[]> ipMap, String ip) { Long[] ipInfo = new Long[2]; ipInfo[0] = 0L;// 訪問(wèn)次數(shù) ipInfo[1] = System.currentTimeMillis();// 初次訪問(wèn)時(shí)間 ipMap.put(ip, ipInfo); } }
2. 創(chuàng)建一個(gè)監(jiān)聽(tīng)器:需要初始化倆個(gè)容器:
import lombok.extern.slf4j.Slf4j; import javax.servlet.ServletContext; import javax.servlet.ServletContextEvent; import javax.servlet.ServletContextListener; import javax.servlet.annotation.WebListener; import java.util.concurrent.ConcurrentHashMap; @Slf4j @WebListener public class MyApplicationListener implements ServletContextListener { @Override public void contextInitialized(ServletContextEvent sce) { log.debug("liting: contextInitialized"); log.debug("MyApplicationListener初始化成功"); ServletContext context = sce.getServletContext(); // IP存儲(chǔ)器 ConcurrentHashMap<String, Long[]> ipMap = new ConcurrentHashMap<>(); context.setAttribute("ipMap", ipMap); // 限制IP存儲(chǔ)器:存儲(chǔ)被限制的IP信息 ConcurrentHashMap<String, Long> limitedIpMap = new ConcurrentHashMap<String, Long>(); context.setAttribute("limitedIpMap", limitedIpMap); log.debug("ipmap:"+ipMap.toString()+";limitedIpMap:"+limitedIpMap.toString()+"初始化成功。。。。。"); } @Override public void contextDestroyed(ServletContextEvent sce) { // TODO Auto-generated method stub } }
3.iputil
import javax.servlet.http.HttpServletRequest; import java.net.InetAddress; import java.net.UnknownHostException; public class IPUtil { public static String getRemoteIpAddr(HttpServletRequest request) { String ip = request.getHeader("x-forwarded-for"); if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_CLIENT_IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_X_FORWARDED_FOR"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); if("127.0.0.1".equals(ip)||"0:0:0:0:0:0:0:1".equals(ip)){ //根據(jù)網(wǎng)卡取本機(jī)配置的IP InetAddress inet=null; try { inet = InetAddress.getLocalHost(); } catch (UnknownHostException e) { e.printStackTrace(); } ip= inet.getHostAddress(); } } return ip; } }
4配置
springboot啟動(dòng)類中添加過(guò)濾器和監(jiān)聽(tīng)器的包掃描
@ServletComponentScan(basePackages="cn.xxx.common")
spring web.xml
過(guò)濾器
<filter> <filter-name>ipFilter</filter-name> <filter-class>com.xxxx.common.filter.IpFilter</filter-class> </filter> <filter-mapping> <filter-name>ipFilter</filter-name> <url-pattern>/dyflight/**</url-pattern> </filter-mapping>
監(jiān)聽(tīng)器:
<listener> <listener-class>com.xxxx.common.Listener.MyApplicationListener</listener-class> </listener>
看完這篇關(guān)于如何實(shí)現(xiàn)Springboot過(guò)濾器禁止ip頻繁訪問(wèn)功能的文章,如果覺(jué)得文章內(nèi)容寫(xiě)得不錯(cuò)的話,可以把它分享出去給更多人看到。
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。