Access restrictions¶
IP-based access restrictions¶
This section explains where and how IP-based access restrictions are applied in the code.
Before a request is processed further, the system checks whether it is allowed or forbidden:
ProxyRule.java
for (Restriction restriction : restrictions) {
if (restriction.denies(request)) {
logger.trace("Request denied. Access forbidden for: {}. ", request.getClientIp());
return new HandleAction(HttpStatus.SC_FORBIDDEN);
}
}
If the address resembles a permitted or forbidden one, the access is regulated accordingly:
ClientIpRestriction.java
@Override
public boolean denies(HttpRequestMessage request) {
InetSocketAddress socketAddress = ... ;
for (IpFilterRule rule : ipFilterRuleList) {
if (rule.matches(socketAddress)) {
return rule.ruleType() == IpFilterRuleType.DENY;
}
}
return false;
}