Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Java in General and the fly likes Ideas to block the xml when it is posted to a certain URL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "Ideas to block the xml when it is posted to a certain URL" Watch "Ideas to block the xml when it is posted to a certain URL" New topic
Author

Ideas to block the xml when it is posted to a certain URL

muruga dhanapal
Greenhorn

Joined: Jun 02, 2010
Posts: 24
Hi All,
We are using Virtual machine to connect our dev servers. By connecting to the VDI, we are working inside a secure firewall. In Development we have a property file where we specify the URLs to post XMLs to development server for unit testing. By using an bat file we post XMLs to a particular environment. Interestingly through the above approach we can process XML even to production by specifying the necessary URL, Currently I got a requirement to block posting an XML through the above said approach. I need your idea to block the xml when it is posted to a certain URL even if the same url comes inside the firewall. Is there any possibility to handle in the java code for blocing a specific URL.
Emanuel Kadziela
Ranch Hand

Joined: Mar 24, 2005
Posts: 186
Do you mean block a URL, or block a request? To block a URL just don't list it in your bat file .

I think what you want is to block requests. In the production server you do not want to accept or process requests coming in from your dev environment. You can do that in your app server or servlets by blocking ip addresses. Alternately, you can require a parameter in your request which indicates where the request is coming from. For the outside world, this would always be set to something like "production", but in your dev requests, it would be set to "dev".
muruga dhanapal
Greenhorn

Joined: Jun 02, 2010
Posts: 24
We have a simple servlet through which we post our xml to do unit testing in dev server. similarly in the config file instead of dev sever url say for eg: http://DevServer:11080/Submissoninterface if am replacing it with production server and the corresponding port number I can post an xml directly to the production server. Ideally the production server should process only the xmls which comes in from the valid user system. Any xmls which are processed from outside should be blocked.

Could you please elaborate how to block ip addresses in servlets or app server ?
Emanuel Kadziela
Ranch Hand

Joined: Mar 24, 2005
Posts: 186
Yes, so you don't want to block URLs, you want to block requests in production.

You have to make your servlet aware of whether it is being ran in production or in dev, qa, etc. You can do this via a property (properties file, system property, etc.). In production, the property gets set to "production" and in dev to "dev", etc. Once your servlet is aware of its environment, you call request.getRemoteAddr() to get the ip address. You need a list of addresses or blocks for which you do not want to process requests in production (you can also inject this as some property). If the environment is "production" and the request comes from one of the ip addresses in the blacklist you don't process it. Voila!
Jayesh A Lalwani
Bartender

Joined: Jan 17, 2008
Posts: 2274
    
  28

You don;t have a load balancer?. Generally you can block certain URL patterns at the load balancer. Not need to write java code
Emanuel Kadziela
Ranch Hand

Joined: Mar 24, 2005
Posts: 186
The load balancer solution will not work. According to the first description, their dev machines have direct access to the production servers - they are able to post requests from the dev machines to the production servers. This means they can bypass the load balancer and post directly to any of the production servers. I don't see how they can avoid making the servers or the servlets themselves capable of blocking unwanted requests. I suppose if you want to avoid writing code, this blocking can also be done at the app server level, where they can specify a list of blocked IPs, but it depends on the server vendor and what kind of support for this capability it provides.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Ideas to block the xml when it is posted to a certain URL
 
Similar Threads
Architectural consideration.
Convert multiple xmls to pdf using xsl-fo
HttpClient and sendRedirect
Connecting Sockets thru Proxy
Steps of deployment of EJB on Weblogic 8.1?