有些項目的接口是需要權限訪問，比如限制IP、做權限控制，等等方案，本文是限制ip權限設置訪問策略。

先看測試效果：

測試：

注意訪問需要輸入：http://127.0.0.1:8981/

在配置文件加上本地的ip 10.9.160.135

去掉本地ip 10.9.160.135 提示非法字符

看一下項目結構，新建一個創建IPLimitInterceptor類，在springmvc配置文件配置、新建一個ip校驗工具類 IPWhiteListUtil、ip配置文件: ipwhite.properties。
再看代碼實現

創建IPLimitInterceptor類
PLimitInterceptor繼承HandlerInterceptorAdapter父類

import java.net.InetAddress;import java.util.Properties;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.springframework.core.io.support.PropertiesLoaderUtils;import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;public class IPLimitInterceptor extends HandlerInterceptorAdapter {@Overridepublic boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {undefinedString ip = getIpAddress(request);//讀取ip白名單配置文件ipwhite.propertiesProperties properties = PropertiesLoaderUtils.loadAllProperties("ipwhite.properties");String ipWhilte = properties.getProperty("ipWhilte");System.out.println(ipWhilte);//判斷請求ip地址 是否在白名單呢if(IPWhiteListUtil.checkLoginIP(ip,ipWhilte)) {undefinedreturn super.preHandle(request, response, handler);}throw new Exception("IP非法訪問!");}//獲取配置請求的ip地址private String getIpAddress(HttpServletRequest request) {undefinedString ip = request.getHeader("x-forwarded-for");if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {undefinedip = request.getHeader("Proxy-Client-IP");}if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {undefinedip = request.getHeader("WL-Proxy-Client-IP");}if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {undefinedip = request.getHeader("HTTP_CLIENT_IP");}if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {undefinedip = request.getHeader("HTTP_X_FORWARDED_FOR");}if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {undefinedip = request.getRemoteAddr();System.out.println("訪問ip="+ip);if(ip.equals("127.0.0.1")){ //根據網卡取本機配置的IP InetAddress inet=null; try { inet = InetAddress.getLocalHost(); } catch (Exception e) { e.printStackTrace(); } ip= inet.getHostAddress(); } }//對于通過多個代理的情況，第一個IP為客戶端真實IP,多個IP按照','分割 if(ip!=null && ip.length()>15){ //"***.***.***.***".length() = 15 if(ip.indexOf(",")>0){ ip = ip.substring(0,ip.indexOf(",")); } } System.out.println("訪問ip========="+ip);return ip;}}

在springmvc配置文件配置：

<mvc:interceptors><!-- IP鑒權攔截器 --><mvc:interceptor><mvc:mapping path="/**"/><bean class="com.*.*.ipwhite.IPLimitInterceptor"></bean></mvc:interceptor></mvc:interceptors>

再新建一個ip校驗類 IPWhiteListUtil

/*** IP校驗類的方法*/ import java.util.ArrayList;import java.util.HashSet;import java.util.List;import java.util.Set;import java.util.regex.Pattern;public class IPWhiteListUtil {// IP的正則private static Pattern pattern = Pattern.compile("(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})\\."+ "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})\\."+ "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})\\."+ "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})");/**** getAvaliIpList:(根據IP白名單設置獲取可用的IP列表).* @return*/private static Set getAvaliIpList(String allowIp) {Set<String> ipList = new HashSet();for (String allow : allowIp.replaceAll("\\s", "").split(";")) {if (allow.indexOf("*") > -1) {String[] ips = allow.split("\\.");String[] from = new String[] { "0", "0", "0", "0" };String[] end = new String[] { "255", "255", "255", "255" };List<String> tem = new ArrayList();for (int i = 0; i < ips.length; i++)if (ips[i].indexOf("*") > -1) {tem = complete(ips[i]);from[i] = null;end[i] = null;} else {from[i] = ips[i];end[i] = ips[i];}StringBuffer fromIP = new StringBuffer();StringBuffer endIP = new StringBuffer();for (int i = 0; i < 4; i++){if (from[i] != null) {fromIP.append(from[i]).append(".");endIP.append(end[i]).append(".");} else {fromIP.append("[*].");endIP.append("[*].");}}fromIP.deleteCharAt(fromIP.length() - 1);endIP.deleteCharAt(endIP.length() - 1);for (String s : tem) {String ip = fromIP.toString().replace("[*]",s.split(";")[0])+ "-"+ endIP.toString().replace("[*]", s.split(";")[1]);if (validate(ip)) {ipList.add(ip);}}} else {if (validate(allow)) {ipList.add(allow);}}}return ipList;}private static Set getAvaliIpList(Set<String> ipSet) {Set<String> ipList = new HashSet();for (String allow : ipSet) {if (allow.indexOf("*") > -1) {String[] ips = allow.split("\\.");String[] from = new String[] { "0", "0", "0", "0" };String[] end = new String[] { "255", "255", "255", "255" };List<String> tem = new ArrayList();for (int i = 0; i < ips.length; i++)if (ips[i].indexOf("*") > -1) {tem = complete(ips[i]);from[i] = null;end[i] = null;} else {from[i] = ips[i];end[i] = ips[i];}StringBuffer fromIP = new StringBuffer();StringBuffer endIP = new StringBuffer();for (int i = 0; i < 4; i++) {if (from[i] != null) {fromIP.append(from[i]).append(".");endIP.append(end[i]).append(".");} else {fromIP.append("[*].");endIP.append("[*].");}}fromIP.deleteCharAt(fromIP.length() - 1);endIP.deleteCharAt(endIP.length() - 1);for (String s : tem) {String ip = fromIP.toString().replace("[*]",s.split(";")[0])+ "-"+ endIP.toString().replace("[*]", s.split(";")[1]);if (validate(ip)) {ipList.add(ip);}}} else {if (validate(allow)) {ipList.add(allow);}}}return ipList;}/*** 對單個IP節點進行范圍限定** @param arg* @return 返回限定后的IP范圍，格式為List[10;19, 100;199]*/private static List complete(String arg) {List com = new ArrayList();if (arg.length() == 1) {com.add("0;255");} else if (arg.length() == 2) {String s1 = complete(arg, 1);if (s1 != null){com.add(s1);}String s2 = complete(arg, 2);if (s2 != null){com.add(s2);}} else {String s1 = complete(arg, 1);if (s1 != null){com.add(s1);}}return com;}private static String complete(String arg, int length) {String from = "";String end = "";if (length == 1) {from = arg.replace("*", "0");end = arg.replace("*", "9");} else {from = arg.replace("*", "00");end = arg.replace("*", "99");}if (Integer.valueOf(from) > 255){return null;}if (Integer.valueOf(end) > 255){end = "255";}return from + ";" + end;}/*** 在添加至白名單時進行格式校驗** @param ip* @return*/private static boolean validate(String ip) {for (String s : ip.split("-")){if (!pattern.matcher(s).matches()) {return false;}}return true;}/**** checkLoginIP:(根據IP,及可用Ip列表來判斷ip是否包含在白名單之中).* @param ip* @param ipList* @return*/private static boolean checkLoginIP(String ip, Set<String> ipList) {if (ipList.contains(ip)){return true;}else {for (String allow : ipList) {if (allow.indexOf("-") > -1) {String[] from = allow.split("-")[0].split("\\.");String[] end = allow.split("-")[1].split("\\.");String[] tag = ip.split("\\.");// 對IP從左到右進行逐段匹配boolean check = true;for (int i = 0; i < 4; i++) {int s = Integer.valueOf(from[i]);int t = Integer.valueOf(tag[i]);int e = Integer.valueOf(end[i]);if (!(s <= t && t <= e)) {check = false;break;}}if (check) {return true;}}}}return false;}/**** checkLoginIP:(根據IP地址，及IP白名單設置規則判斷IP是否包含在白名單).* @param ip* @param ipWhiteConfig* @return*/public static boolean checkLoginIP(String ip,String ipWhiteConfig){Set ipList = getAvaliIpList(ipWhiteConfig);return checkLoginIP(ip, ipList);}/**** ip在ipList中，則返回true* @param ip* @param ipList* @return*/public static boolean checkIpList(String ip,List<String> ipList){Set<String> ipSet = new HashSet();for(String ipStr : ipList){if(!ipStr.trim().startsWith("#")){ipSet.add(ipStr.trim());}}ipSet = getAvaliIpList(ipSet);return checkLoginIP(ip, ipSet);}// 測試public static void main(String[] args) {String ipWhilte = "192.168.1.1;" + //設置單個IP的白名單"192.168.2.*;" + //設置ip通配符,對一個ip段進行匹配"192.168.3.17-192.168.3.38"; //設置一個IP范圍System.out.println(ipWhilte);boolean flag = checkLoginIP("192.168.2.2",ipWhilte);boolean flag2 = checkLoginIP("192.168.1.2",ipWhilte);boolean flag3 = checkLoginIP("192.168.3.16",ipWhilte);boolean flag4 = checkLoginIP("192.168.3.17",ipWhilte);System.out.println(flag); //trueSystem.out.println(flag2); //falseSystem.out.println(flag3); //falseSystem.out.println(flag4); //true} }

#配置白名單-可改成數據庫獲取或配置文件配置

#//設置單個IP的白名單 “192.168.1.1;”

#//設置ip通配符,對一個ip段進行匹配 “192.168.2.*;”

#//設置一個IP范圍 “192.168.12.17-192.168.12.150”

ipWhilte = 192.168.1.1;192.168.2.*;192.168.2.17-192.168.12.150;10.9.160.135;

測試：

注意訪問需要輸入：http://127.0.0.1:8981/hello

在配置文件加上本地的ip 10.9.160.135

去掉本地ip 10.9.160.135 提示非法字符

總結

以上是生活随笔為你收集整理的Java实现 对ip白名单的限制的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。