Add a whitelist to the dubbo interface - the use of dubbo Filter

In development, sometimes it is necessary to restrict access permissions, and whitelisting is one way. For Java web applications, Spring's interceptor can intercept calls to the web interface; for dubbo interfaces, Spring's interceptor does not work.
Dubbo provides the Filter extension, which can be implemented by customizing the Filter. This article uses an example to demonstrate how to implement the IP whitelist of the dubbo interface.
Extend Filter
to implement the com.alibaba.dubbo.rpc.Filter interface:

public class AuthorityFilter implements Filter {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthorityFilter.class);

    private IpWhiteList ipWhiteList;

    //dubbo is automatically injected through the setter method
    public void setIpWhiteList(IpWhiteList ipWhiteList) {
        this.ipWhiteList = ipWhiteList;
    }

    @Override
    public Result invoke(Invoker<?> invoker, Invocation invocation) throws RpcException {
        if (!ipWhiteList.isEnabled()) {
            LOGGER.debug("Whitelist disabled");
            return invoker.invoke(invocation);
        }

        String clientIp = RpcContext.getContext().getRemoteHost();
        LOGGER.debug("Access ip is {}", clientIp);
        List<String> allowedIps = ipWhiteList.getAllowedIps();
        if (allowedIps.contains(clientIp)) {
            return invoker.invoke(invocation);
        } else {
            return new RpcResult();
        }
    }
}

Note: You can only inject other beans through the setter method, and do not mark the annotation!
dubbo will inject these beans by itself, you don't need to mark @Resource to let Spring inject, see extension point loading
configuration file
Reference: Call interception extension Add the plain text file META-INF/dubbo/com.alibaba.dubbo
in the resources directory. rpc.Filter, the content is as follows:

xxxFilter=com.xxx.AuthorityFilter  

Modify the provider configuration file of dubbo, and add the configured filter in dubbo:provider, as follows:

<dubbo:provider filter="xxxFilter" />  

In this way, the IP whitelist function of the dubbo interface can be implemented.



filter example:

/**
 *
 */
public class BizExctionFilter implements Filter {
	private static Logger logger = LoggerFactory.getLogger(BizExctionFilter.class);

	@Override
	public Result invoke(Invoker<?> arg0, Invocation arg1) throws RpcException {
		Result result = arg0.invoke(arg1);
		if (result.hasException()) {
			Throwable exception = result.getException();
			if (exception instanceof BaseDubboException) {
				StringBuilder error = new StringBuilder(arg0.getInterface().getName()).append(" ********* 业务异常(").append(arg1.getMethodName()).append(") ********* ");
				error.append(" REQ_ID:").append(ReqIdUtil.getReqId());
				error.append(",error_code=").append(((BaseDubboException) exception).getCode());
				error.append(",error_msg=").append(exception.getMessage());
				logger.error(error.toString());
			}
		}

		return result;
	}

}