diff options
Diffstat (limited to 'spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java')
| -rw-r--r-- | spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java new file mode 100644 index 000000000..dafb89f16 --- /dev/null +++ b/spss/server/serverlib/src/main/java/at/gv/egovernment/moa/spss/util/ExternalURIVerifier.java @@ -0,0 +1,75 @@ +package at.gv.egovernment.moa.spss.util;
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egovernment.moa.logging.LogMsg;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+
+public class ExternalURIVerifier {
+
+ public static void verify(String host, int port) throws MOAApplicationException {
+
+
+ if (host == null)
+ return;
+ if (host.equalsIgnoreCase(""))
+ return;
+
+ try {
+ ConfigurationProvider config = ConfigurationProvider.getInstance();
+
+ boolean allowExternalUris = config.getAllowExternalUris();
+ List blacklist = config.getBlackListedUris();
+
+ InetAddress hostInetAddress = InetAddress.getByName(host);
+ String ip = hostInetAddress.getHostAddress();
+
+
+ if (allowExternalUris) {
+ Iterator it = blacklist.iterator();
+ while (it.hasNext()) {
+ String[] array = (String[])it.next();
+ String bhost = array[0];
+ String bport = array[1];
+ if (bport == null || port == -1) {
+ // check only host
+ if (ip.startsWith(bhost)) {
+ Logger.debug(new LogMsg("Blacklist check: " + host + " (" + ip + ") blacklisted"));
+ throw new MOAApplicationException("4002", new Object[]{host + "(" + ip + ")"});
+ }
+ }
+ else {
+ // check host and port
+ int iport = new Integer(bport).intValue();
+ if (ip.startsWith(bhost) && (iport == port)) {
+ Logger.debug(new LogMsg("Blacklist check: " + host + ":" + port + " (" + ip + ":" + port + " blacklisted"));
+ throw new MOAApplicationException("4002", new Object[]{host + ":" + port + " (" + ip + ":" + port + ")"});
+ }
+
+ }
+ }
+ }
+ else {
+ Logger.debug(new LogMsg("No external URIs allowed (" + host + ")"));
+ throw new MOAApplicationException("4001", new Object[]{host});
+ }
+
+ Logger.debug(new LogMsg("URI allowed: " + ip + ":" + port));
+
+ } catch (ConfigurationException e) {
+ throw new MOAApplicationException("config.10", null);
+ } catch (UnknownHostException e) {
+ throw new MOAApplicationException("4003", new Object[]{host});
+ }
+
+
+
+ }
+
+}
|