Package org.apache.catalina.filters
Class RequestFilter
- java.lang.Object
- 
- org.apache.catalina.filters.FilterBase
- 
- org.apache.catalina.filters.RequestFilter
 
 
- 
- All Implemented Interfaces:
- Filter
 - Direct Known Subclasses:
- RemoteAddrFilter,- RemoteHostFilter
 
 public abstract class RequestFilter extends FilterBase Implementation of a Filter that performs filtering based on comparing the appropriate request property (selected based on which subclass you choose to configure into your Container's pipeline) against the regular expressions configured for this Filter.This filter is configured by setting the allowand/ordenyproperties to a regular expressions (in the syntax supported byPattern) to which the appropriate request property will be compared. Evaluation proceeds as follows:- The subclass extracts the request property to be filtered, and calls the common process()method.
- If there is a deny expression configured, the property will be compared to the expression. If a match is found, this request will be rejected with a "Forbidden" HTTP response.
- If there is a allow expression configured, the property will be compared to the expression. If a match is found, this request will be allowed to pass through to the next filter in the current pipeline.
- If a deny expression was specified but no allow expression, allow this request to pass through (because none of the deny expressions matched it).
- The request will be rejected with a "Forbidden" HTTP response.
 
- 
- 
Field SummaryFields Modifier and Type Field Description protected java.util.regex.PatternallowThe regular expression used to test for allowed requests.protected java.util.regex.PatterndenyThe regular expression used to test for denied requests.protected intdenyStatusThe HTTP response status code that is used when rejecting denied request.- 
Fields inherited from class org.apache.catalina.filters.FilterBasesm
 
- 
 - 
Constructor SummaryConstructors Constructor Description RequestFilter()
 - 
Method SummaryAll Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description abstract voiddoFilter(ServletRequest request, ServletResponse response, FilterChain chain)Extract the desired request property, and pass it (along with the specified request and response objects) to the protectedprocess()method to perform the actual filtering.java.lang.StringgetAllow()java.lang.StringgetDeny()intgetDenyStatus()protected booleanisConfigProblemFatal()Determines if an exception when calling a setter or an unknown configuration attribute triggers the failure of the this filter which in turn will prevent the web application from starting.protected voidprocess(java.lang.String property, ServletRequest request, ServletResponse response, FilterChain chain)Perform the filtering that has been configured for this Filter, matching against the specified request property.voidsetAllow(java.lang.String allow)Set the regular expression used to test for allowed requests for this Filter, if any.voidsetDeny(java.lang.String deny)Set the regular expression used to test for denied requests for this Filter, if any.voidsetDenyStatus(int denyStatus)Set response status code that is used to reject denied request.- 
Methods inherited from class org.apache.catalina.filters.FilterBasegetLogger, init
 
- 
 
- 
- 
- 
Field Detail- 
allowprotected java.util.regex.Pattern allow The regular expression used to test for allowed requests.
 - 
denyprotected java.util.regex.Pattern deny The regular expression used to test for denied requests.
 - 
denyStatusprotected int denyStatus The HTTP response status code that is used when rejecting denied request. It is 403 by default, but may be changed to be 404.
 
- 
 - 
Method Detail- 
getAllowpublic java.lang.String getAllow() - Returns:
- the regular expression used to test for allowed requests for this Filter, if any; otherwise, return
             null.
 
 - 
setAllowpublic void setAllow(java.lang.String allow) Set the regular expression used to test for allowed requests for this Filter, if any.- Parameters:
- allow- The new allow expression
 
 - 
getDenypublic java.lang.String getDeny() - Returns:
- the regular expression used to test for denied requests for this Filter, if any; otherwise, return
             null.
 
 - 
setDenypublic void setDeny(java.lang.String deny) Set the regular expression used to test for denied requests for this Filter, if any.- Parameters:
- deny- The new deny expression
 
 - 
getDenyStatuspublic int getDenyStatus() - Returns:
- response status code that is used to reject denied request.
 
 - 
setDenyStatuspublic void setDenyStatus(int denyStatus) Set response status code that is used to reject denied request.- Parameters:
- denyStatus- The status code for deny
 
 - 
doFilterpublic abstract void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws java.io.IOException, ServletException Extract the desired request property, and pass it (along with the specified request and response objects) to the protectedprocess()method to perform the actual filtering. This method must be implemented by a concrete subclass.- Parameters:
- request- The servlet request to be processed
- response- The servlet response to be created
- chain- The filter chain
- Throws:
- java.io.IOException- if an input/output error occurs
- ServletException- if a servlet error occurs
 
 - 
isConfigProblemFatalprotected boolean isConfigProblemFatal() Description copied from class:FilterBaseDetermines if an exception when calling a setter or an unknown configuration attribute triggers the failure of the this filter which in turn will prevent the web application from starting.- Overrides:
- isConfigProblemFatalin class- FilterBase
- Returns:
- trueif a problem should trigger the failure of this filter, else- false
 
 - 
processprotected void process(java.lang.String property, ServletRequest request, ServletResponse response, FilterChain chain) throws java.io.IOException, ServletExceptionPerform the filtering that has been configured for this Filter, matching against the specified request property.- Parameters:
- property- The request property on which to filter
- request- The servlet request to be processed
- response- The servlet response to be processed
- chain- The filter chain
- Throws:
- java.io.IOException- if an input/output error occurs
- ServletException- if a servlet error occurs
 
 
- 
 
-