public abstract class RequestFilterValve extends ValveBase
 This valve is configured by setting the allow and/or
 deny properties to a regular expressions (in the syntax
 supported by Pattern) to which the appropriate request property will
 be compared. Evaluation proceeds as follows:
 
process() method.
 
 As an option the valve can generate an invalid authenticate
 header instead of denying the request. This can be combined with the
 context attribute preemptiveAuthentication="true" and an
 authenticator to force authentication instead of denial.
 
This Valve may be attached to any Container, depending on the granularity of the filtering you wish to perform.
Lifecycle.SingleUse| Modifier and Type | Field and Description | 
|---|---|
| protected Pattern | allowThe regular expression used to test for allowed requests. | 
| protected boolean | allowValidHelper variable to catch configuration errors. | 
| protected String | allowValueThe current allow configuration value that may or may not compile into a
 valid  Pattern. | 
| protected Pattern | denyThe regular expression used to test for denied requests. | 
| protected int | denyStatusThe HTTP response status code that is used when rejecting denied
 request. | 
| protected boolean | denyValidHelper variable to catch configuration errors. | 
| protected String | denyValueThe current deny configuration value that may or may not compile into a
 valid  Pattern. | 
asyncSupported, container, containerLog, next, smmserverAFTER_DESTROY_EVENT, AFTER_INIT_EVENT, AFTER_START_EVENT, AFTER_STOP_EVENT, BEFORE_DESTROY_EVENT, BEFORE_INIT_EVENT, BEFORE_START_EVENT, BEFORE_STOP_EVENT, CONFIGURE_START_EVENT, CONFIGURE_STOP_EVENT, PERIODIC_EVENT, START_EVENT, STOP_EVENT| Constructor and Description | 
|---|
| RequestFilterValve() | 
| Modifier and Type | Method and Description | 
|---|---|
| protected void | denyRequest(Request request,
           Response response)Reject the request that was denied by this valve. | 
| boolean | getAddConnectorPort()Get the flag deciding whether we add the server connector port to the
 property compared in the filtering method. | 
| String | getAllow()Return the regular expression used to test for allowed requests for this
 Valve, if any; otherwise, return  null. | 
| String | getDeny()Return the regular expression used to test for denied requests for this
 Valve, if any; otherwise, return  null. | 
| int | getDenyStatus()Return response status code that is used to reject denied request. | 
| String | getInfo()Return descriptive information about this Valve implementation. | 
| boolean | getInvalidAuthenticationWhenDeny()Return true if a deny is handled by setting an invalid auth header. | 
| protected abstract Log | getLog() | 
| protected void | initInternal()Sub-classes wishing to perform additional initialization should override
 this method, ensuring that super.initInternal() is the first call in the
 overriding method. | 
| abstract void | invoke(Request request,
      Response response)Extract the desired request property, and pass it (along with the
 specified request and response objects) to the protected
  process()method to perform the actual filtering. | 
| boolean | isAllowed(String property)Perform the test implemented by this Valve, matching against the
 specified request property value. | 
| boolean | isAllowValid()Returns  falseif the last change to theallowpattern did
 not apply successfully. | 
| boolean | isDenyValid()Returns  falseif the last change to thedenypattern did
 not apply successfully. | 
| protected void | process(String property,
       Request request,
       Response response)Perform the filtering that has been configured for this Valve, matching
 against the specified request property. | 
| void | setAddConnectorPort(boolean addConnectorPort)Set the flag deciding whether we add the server connector port to the
 property compared in the filtering method. | 
| void | setAllow(String allow)Set the regular expression used to test for allowed requests for this
 Valve, if any. | 
| void | setDeny(String deny)Set the regular expression used to test for denied requests for this
 Valve, if any. | 
| void | setDenyStatus(int denyStatus)Set response status code that is used to reject denied request. | 
| void | setInvalidAuthenticationWhenDeny(boolean value)Set invalidAuthenticationWhenDeny property. | 
| protected void | startInternal()Start this component and implement the requirements
 of  LifecycleBase.startInternal(). | 
backgroundProcess, event, getContainer, getDomainInternal, getNext, getObjectNameKeyProperties, isAsyncSupported, setAsyncSupported, setContainer, setNext, stopInternal, toStringdestroyInternal, getDomain, getObjectName, postDeregister, postRegister, preDeregister, preRegister, register, setDomain, unregisteraddLifecycleListener, destroy, findLifecycleListeners, fireLifecycleEvent, getState, getStateName, getThrowOnFailure, init, removeLifecycleListener, setState, setState, setThrowOnFailure, start, stopprotected volatile Pattern allow
protected volatile String allowValue
Pattern.protected volatile boolean allowValid
true by default, but becomes false
 if there was an attempt to assign an invalid value to the
 allow pattern.protected volatile Pattern deny
protected volatile String denyValue
Pattern.protected volatile boolean denyValid
true by default, but becomes false
 if there was an attempt to assign an invalid value to the
 deny pattern.protected int denyStatus
public String getAllow()
null.public void setAllow(String allow)
allow - The new allow expressionpublic String getDeny()
null.public void setDeny(String deny)
deny - The new deny expressionpublic final boolean isAllowValid()
false if the last change to the allow pattern did
 not apply successfully. E.g. if the pattern is syntactically
 invalid.public final boolean isDenyValid()
false if the last change to the deny pattern did
 not apply successfully. E.g. if the pattern is syntactically
 invalid.public int getDenyStatus()
public void setDenyStatus(int denyStatus)
public String getInfo()
public boolean getInvalidAuthenticationWhenDeny()
public void setInvalidAuthenticationWhenDeny(boolean value)
public boolean getAddConnectorPort()
true to add the connector portpublic void setAddConnectorPort(boolean addConnectorPort)
addConnectorPort - The new flagpublic abstract void invoke(Request request, Response response) throws IOException, ServletException
process() method to perform the actual filtering.
 This method must be implemented by a concrete subclass.invoke in interface Valveinvoke in class ValveBaserequest - The servlet request to be processedresponse - The servlet response to be createdIOException - if an input/output error occursServletException - if a servlet error occursprotected void initInternal()
                     throws LifecycleException
LifecycleMBeanBaseinitInternal in class ValveBaseLifecycleException - If the initialisation failsprotected void startInternal()
                      throws LifecycleException
ValveBaseLifecycleBase.startInternal().startInternal in class ValveBaseLifecycleException - if this component detects a fatal error
  that prevents this component from being usedprotected void process(String property, Request request, Response response) throws IOException, ServletException
property - The request property on which to filterrequest - The servlet request to be processedresponse - The servlet response to be processedIOException - if an input/output error occursServletException - if a servlet error occursprotected abstract Log getLog()
protected void denyRequest(Request request, Response response) throws IOException, ServletException
If invalidAuthenticationWhenDeny is true
 and the context has preemptiveAuthentication
 set, set an invalid authorization header to trigger basic auth.
request - The servlet request to be processedresponse - The servlet response to be processedIOException - if an input/output error occursServletException - if a servlet error occurspublic boolean isAllowed(String property)
property - The request property value on which to filterCopyright © 2000-2020 Apache Software Foundation. All Rights Reserved.