import java.io.*;
import java.net.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class ExportRestriction extends HttpServlet {

  public void doGet(HttpServletRequest req, HttpServletResponse res)
                               throws ServletException, IOException {
    res.setContentType("text/html");
    PrintWriter out = res.getWriter();

    // ...Some introductory HTML...

    // Get the client's hostname
    String remoteHost = req.getRemoteHost();

    // See if the client is allowed
    if (! isHostAllowed(remoteHost)) {
      out.println("Access <BLINK>denied</BLINK>");  // filter out the blink!
    }
    else {
      out.println("Access granted");
      // Display download links, etc...
    }
  }

  // We assume hosts ending with .com, .edu, .net, .org,
  // .gov, .mil, .us, and .ca are legal even though this is an 
  // over-simplification now that .com, .net, and .org have 
  // become global top-level domains.  We also assume
  // clients without a domain name are local and that
  // local is allowed.  (After all, if local isn't allowed
  // you would have to be outside the U.S. and Canada -- so
  // why would you be using this servlet?)
  private boolean isHostAllowed(String host) {
    return (host.endsWith(".com") ||
            host.endsWith(".edu") ||
            host.endsWith(".net") ||
            host.endsWith(".org") ||
            host.endsWith(".gov") ||
            host.endsWith(".mil") ||
            host.endsWith(".us") ||
            host.endsWith(".ca") ||
            (host.indexOf('.') == -1));  // no domain, assume OK
  }
}