[jboss-dev-forums] [JBoss Web Development] - Add a global valve in AS7 (7.2.x)
Jean-Frederic Clere
do-not-reply at jboss.com
Mon Nov 26 10:45:59 EST 2012
Jean-Frederic Clere [https://community.jboss.org/people/jfclere] modified the document:
"Add a global valve in AS7 (7.2.x)"
To view the document, visit: https://community.jboss.org/docs/DOC-47954
--------------------------------------------------------------
The global valve feature has been added by pull request #3326.
To use it you need to put the valve class(es) in a jar and the jar in a module, tell do that with an example:
Let's use the Tomcat RemoteAddrValve.
In tomcat you would have something like in server.xml
<Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="127.*"/>
In AS7 in standalone.xml in the web subsystem:
|
| <valve name="myvalve" module="mymodule" class-name="org.apache.catalina.valves.RemoteAddrValve"> |
|
| <param param-name="deny" param-value="127.*"/> |
|
| </valve> |
Or via the jboss-cli:
./valve=myvalve:add(class-name=org.apache.catalina.valves.RemoteAddrValve,module=mymodule,enabled=false)
./valve=myvalve:add-param(param-name=deny,param-value=127.*)
./valve=myvalve:write-attribute(name=enabled, value=true)
/:reload
The class needs to be in a jar.
Compile the RemoteAddrValve.java from the jbossweb sources or extract it from jbossweb.jar.
then create the jar:
jar cvf myjar.jar org/apache/catalina/valves/RemoteAddrValve.class
then create the module:
mkdir modules/mymodule
mkdir modules/mymodule/main
mv myjar.jar modules/mymodule/main
add create the modules/mymodule/main/module.xml with the content:
<module xmlns="urn:jboss:module:1.1" name="mymodule">
<properties>
<property name="jboss.api" value="private"/>
</properties>
<resources>
<resource-root path="myjar.jar"/>
</resources>
<dependencies>
<module name="sun.jdk"/>
<module name="javax.servlet.api"/>
<module name="org.jboss.as.web"/>
</dependencies>
</module>
To test the valve start AS7 on 0.0.0.0 (bin/standalone.sh -b 0.0.0.0) and use curl:
curl -v http://localhost:8080/ http://localhost:8080/
* About to connect() to localhost port 8080 (#0)
* Trying 127.0.0.1...
* connected
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.24.0 (i686-redhat-linux-gnu) libcurl/7.24.0 NSS/3.13.5.0 zlib/1.2.5 libidn/1.24 libssh2/1.4.1
> Host: localhost:8080
> Accept: */*
>
< HTTP/1.1 403 Forbidden
< Server: Apache-Coyote/1.1
< Transfer-Encoding: chunked
< Date: Mon, 26 Nov 2012 10:57:17 GMT
<
* Connection #0 to host localhost left intact
* Closing connection #0
using curl and the hostname should give the normal AS7 page, if not try from a another box:
[jfclere at neo6 ~]$ curl -v http://jfcpc:8080/ http://jfcpc:8080/
* About to connect() to jfcpc port 8080 (#0)
* Trying 10.33.144.3... connected
* Connected to jfcpc (10.33.144.3) port 8080 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.12.6.2 zlib/1.2.3 libidn/1.9 libssh2/1.2.4
> Host: jfcpc:8080
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: Apache-Coyote/1.1
< Accept-Ranges: bytes
< ETag: W/"2432-1353665779000"
--------------------------------------------------------------
Comment by going to Community
[https://community.jboss.org/docs/DOC-47954]
Create a new document in JBoss Web Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=102&containerType=14&container=2112]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20121126/6afab6fc/attachment.html
More information about the jboss-dev-forums
mailing list