在Web开发中,IP白名单是保证系统安全的一种重要机制。通过限制访问的IP地址范围,我们可以有效防止未经授权的访问。本文将详细讲解如何在Spring Boot中自定义过滤器实现IP白名单功能。
项目环境
Spring Boot 版本:3.3
前端技术:Thymeleaf 模板引擎 + jQuery + Bootstrap
包名:com.icoderoad
项目配置
pom.xml 配置
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf</groupId>
<artifactId>thymeleaf-spring5</artifactId>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>bootstrap</artifactId>
<version>5.2.3</version>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>jquery</artifactId>
<version>3.6.4</version>
</dependency>
</dependencies>application.yaml 配置
ip-whitelist:
allowed-ips:
- 127.0.0.1
- 192.168.1.100自定义过滤器实现
读取配置类
使用 @ConfigurationProperties 注解读取配置。
package com.icoderoad.config;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
import java.util.List;
@Data
@Component
@ConfigurationProperties(prefix = "ip-whitelist")
public class IpWhitelistConfig {
private List<String> allowedIps;
}自定义过滤器
创建一个过滤器类,用于拦截请求并校验IP地址。
package com.icoderoad.filter;
import com.icoderoad.config.IpWhitelistConfig;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;
import java.io.IOException;
@Component
public class IpWhitelistFilter implements Filter {
private final IpWhitelistConfig ipWhitelistConfig;
public IpWhitelistFilter(IpWhitelistConfig ipWhitelistConfig) {
this.ipWhitelistConfig = ipWhitelistConfig;
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
String clientIp = httpRequest.getRemoteAddr();
if (ipWhitelistConfig.getAllowedIps().contains(clientIp)) {
chain.doFilter(request, response);
} else {
response.getWriter().write("Access Denied");
}
}
}注册过滤器
通过配置类注册过滤器。
package com.icoderoad.config;
import com.icoderoad.filter.IpWhitelistFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class FilterConfig {
@Bean
public FilterRegistrationBean<IpWhitelistFilter> ipWhitelistFilterRegistration(IpWhitelistFilter filter) {
FilterRegistrationBean<IpWhitelistFilter> registrationBean = new FilterRegistrationBean<>();
registrationBean.setFilter(filter);
registrationBean.addUrlPatterns("/*");
return registrationBean;
}
}前端页面实现
HTML 页面
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>IP 白名单演示</title>
<link rel="stylesheet" href="http://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css">
<script src="http://cdn.jsdelivr.net/npm/jquery@3.6.4/dist/jquery.min.js"></script>
<script src="http://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js"></script>
</head>
<body>
<div class="container mt-5">
<h1>IP 白名单功能演示</h1>
<p>如果您看到此页面,说明您的 IP 地址已被允许访问。</p>
</div>
</body>
</html>总结
本文展示了如何在 Spring Boot 中自定义过滤器实现 IP 白名单功能。从配置读取到过滤器实现,再到前端页面的结合,完整覆盖了开发流程。通过这种方式,可以轻松实现对系统访问的安全管控。
