Liferay Hook - 获取用户IP登录

时间:2013-05-20 09:44:56

标签: java liferay

我有一个Liferay-Hook ovrride AuthenticateByEmailAddress(...)方法。

我想获取用户的IP地址登录并根据它限制访问权限。

如何通过此方法获取用户IP? 我使用ServiceBuilder来制作portlet 我在Tomcat工作。

5 个答案:

答案 0 :(得分:6)

这是Liferay 6.0.6中对我有用的内容。

在我的钩子中,我也更改了默认的login.jsp。这实际上是默认的login.jsp,还有两件事。首先,从请求中获取IP:

<%String ip = PortalUtil.getHttpServletRequest(renderRequest).getRemoteAddr();%>

并添加额外参数:

<portlet:actionURL secure="<%= PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS || request.isSecure() %>" var="loginURL">
            <portlet:param name="saveLastPath" value="0" />
            <portlet:param name="struts_action" value="/login/login" />
            <portlet:param name="requestIp" value="<%= ip %>" />
        </portlet:actionURL>

现在,在您的覆盖AuthenticateByEmailAddress()中,您可以从parameterMap获取它:

String ip = parameterMap.get("requestIp")[0];

答案 1 :(得分:3)

只是想一想,但如果您想基于IP进行限制,而不是在应用程序中执行此操作,则可以在部署应用程序的Web服务器中执行此操作。

例如,在Tomcat中,您可以将安全约束放在web.xml中。

restrict access by ip这也可以在JBoss中完成,它实际上取决于您使用的Web服务器,但这似乎是最简单的解决方案而不是在您的应用程序中进行过滤。

编辑:在下面的评论之后,只需在您覆盖的方法中执行PortalUtil.getHttpServletRequest(request).getRemoteAddr();,并将您的业务逻辑放在那里,看看用户是否更改了ip(将此IP与持久化的IP进行比较等)。 Liferay已经拥有一些此功能here

答案 2 :(得分:0)

我认为这些类是由Service Builder创建的。 然后你可以简单地使用:

String user = request.getRemoteUser();//take current logged in user ID
int userId = Integer.valueOf(user);//convert it into integer
User newUser = UserLocalServiceUtil.getUser(userId);//get the Liferay user using the user ID you get in the line above
userIp=newUser.getLoginIP();//after you have the current user take his LoginIP with the get method that Liferay has already

在Liferay数据库中,您有一个名为user_的表,Liferay会保留有关其用户的所有信息。使用UserLocalServiceUtil,您可以获取此信息并根据需要使用它。

我希望这很有帮助。祝您的门户好运:)

答案 3 :(得分:0)

在Liferay Portal中,我通过以下方式获得了正确的客户端IP地址。

FacesContext facesContext = FacesContext.getCurrentInstance();
PortletRequest portletRequest = (PortletRequest) facesContext.getExternalContext().getRequest();
HttpServletRequest request = PortalUtil.getHttpServletRequest(portletRequest);
HttpServletRequest originalServletRequest = PortalUtil.getOriginalServletRequest(request);
String ipAddress=originalServletRequest.getHeader("x-forwarded-for");

答案 4 :(得分:0)

由于只有一个答案有效,而且我对这个解决方案不太满意,所以我做了一些挖掘。

以下是我提出的建议:

创建一个新过滤器并在liferay中注册。在那里,您将请求存储在本地线程中,并在请求结束时将其删除。

然后您可以从过滤器中获取请求。

RequestFilter.java 

@WebFilter(urlPatterns = "/*")
public class RequestFilter implements Filter {

    private static final ThreadLocal<HttpServletRequest> REQUEST = new ThreadLocal<>();

    public static HttpServletRequest getRequest() {
        HttpServletRequest req = REQUEST.get();
        if (req == null) {
            throw new IllegalStateException("Attempt to fetch thread-local request outside of filter chain");
        }
        return req;
    }

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        REQUEST.set((HttpServletRequest)req);
        try {
            chain.doFilter(req, res);
        } finally {
            REQUEST.remove();
        }
    }

    @Override
    public void destroy() {
    }
}

MyAuthFailure.java 

public class MyAuthFailure implements AuthFailure {
    private static final Log LOG = LogFactoryUtil.getLog(MyAuthFailure.class);

    @Override
    public void onFailureByEmailAddress(long companyId, String emailAddress, 
            Map<String, String[]> headers, Map<String, String[]> params) throws AuthException {
        logFailure(companyId, emailAddress);
    }

    @Override
    public void onFailureByScreenName(long companyId, String screenName, 
            Map<String, String[]> headers, Map<String, String[]> params) throws AuthException {
        logFailure(companyId, screenName);
    }

    @Override
    public void onFailureByUserId(long companyId, long userId, 
            Map<String, String[]> headers, Map<String, String[]> params) throws AuthException {
        logFailure(companyId, userId);
    }

    protected void logFailure(String user) {
        String ip = RequestFilter.getRequest().getRemoteAddr();
        LOG.error("User " + user + " tried to login from IP " + ip);
    }
}

的liferay-hook.xml 

<?xml version="1.0"?>
<!DOCTYPE hook PUBLIC "-//Liferay//DTD Hook 6.2.0//EN" "http://www.liferay.com/dtd/liferay-hook_6_2_0.dtd">

<hook>
    <portal-properties>portal.properties</portal-properties>
    <custom-jsp-dir>/WEB-INF/jsp</custom-jsp-dir>
    <servlet-filter>
        <servlet-filter-name>requestFilter</servlet-filter-name>
        <servlet-filter-impl>com.stackoverflow.RequestFilter</servlet-filter-impl>
    </servlet-filter>
</hook>

portal.properties 

auth.failure=com.stackoverflow.MyAuthFailure
相关问题
最新问题