有没有办法通过在 WildFly 中配置来限制访问?
问题描述:
有没有办法通过在 WildFly 中进行配置来限制访问.我想知道我们是否可以添加一个只能访问服务器的IP列表?有没有办法在服务器级别将 IP 列入黑名单?
Is there any way to restrict access by configuring in WildFly. I would like to know whether we can add a list of IPs that can only access the server? Is there any way to blacklist IPs in server level?
我正在检查这样的功能:http://boseca.blogspot.in/2010/12/programmatically-addremove-ip-security.html
I am checking a feature like this: http://boseca.blogspot.in/2010/12/programmatically-addremove-ip-security.html
答
您也可以通过添加 filter-ref 和表达式过滤器来实现 JBOSS 级别的 IP 过滤器,如下所示
You can also implement the IP filter on JBOSS level by adding a filter-ref and expression filter as shown below
<subsystem xmlns="urn:jboss:domain:undertow:3.0" statistics-enabled="true" instance-id="instanceid">
<buffer-cache name="default"/>
<server name="default-server">
<ajp-listener name="ajp" max-connections="1200" write-timeout="600000" read-timeout="30000" allow-equals-in-cookie-value="true" record-request-start-time="true" socket-binding="ajp"/>
<http-listener name="default" allow-equals-in-cookie-value="true" socket-binding="http"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<access-log suffix=".log" prefix="access" pattern="%a %h %{i,sm_user} %u %t %r %s %b %T"/>
<filter-ref name="limit-connections"/>
<filter-ref name="ipaccess"/>
<single-sign-on/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<request-limit name="limit-connections" queue-size="100" max-concurrent-requests="1200"/>
<expression-filter module="io.undertow.core" name="ipaccess" expression="ip-access-control[default-allow=false, acl={'10.0.0.1 deny', '10.0.0.0/24 allow'}]"/>
</filters>
</subsystem>