KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sun > jmx > snmp > IPAcl > SnmpAcl


1 /*
2  * @(#)file SnmpAcl.java
3  * @(#)author Sun Microsystems, Inc.
4  * @(#)version 4.32
5  * @(#)date 08/02/09
6  *
7  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
8  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
9  *
10  */
11
12
13 package com.sun.jmx.snmp.IPAcl;
14
15
16
17 // java import
18 //
19 import java.io.Serializable JavaDoc;
20 import java.io.File JavaDoc;
21 import java.io.FileInputStream JavaDoc;
22 import java.io.FileNotFoundException JavaDoc;
23 import java.net.InetAddress JavaDoc;
24 import java.net.UnknownHostException JavaDoc;
25 import java.util.Hashtable JavaDoc;
26 import java.util.Vector JavaDoc;
27 import java.util.Enumeration JavaDoc;
28 import java.util.HashSet JavaDoc;
29 import java.security.acl.AclEntry JavaDoc;
30 import java.security.acl.NotOwnerException JavaDoc;
31
32 // SNMP Runtime import
33 //
34 import com.sun.jmx.snmp.InetAddressAcl;
35 import com.sun.jmx.trace.Trace;
36
37 /**
38  * Defines an implementation of the {@link com.sun.jmx.snmp.InetAddressAcl InetAddressAcl} interface.
39  * <p>
40  * In this implementation the ACL information is stored on a flat file and
41  * its default location is "$JRE/lib/snmp.acl" - See
42  * {@link #getDefaultAclFileName()}
43  * <p>
44  * <OL>
45   *
46  * <p><b>This API is a Sun Microsystems internal API and is subject
47  * to change without notice.</b></p>
48  * @version 4.32 12/19/03
49  * @author Sun Microsystems, Inc
50  */
51
52 public class SnmpAcl implements InetAddressAcl, Serializable JavaDoc {
53   
54     static final PermissionImpl READ = new PermissionImpl("READ");
55     static final PermissionImpl WRITE = new PermissionImpl("WRITE");
56   
57     /**
58      * Constructs the Java Dynamic Management(TM) Access Control List
59      * based on IP addresses. The ACL will take the given owner name.
60      * The current IP address will be the owner of the ACL.
61      *
62      * @param Owner The name of the ACL Owner.
63      *
64      * @exception UnknownHostException If the local host is unknown.
65      * @exception IllegalArgumentException If the ACL file doesn't exist.
66      */
67     public SnmpAcl(String JavaDoc Owner)
68     throws UnknownHostException JavaDoc, IllegalArgumentException JavaDoc {
69     this(Owner,null);
70     }
71   
72     /**
73      * Constructs the Java Dynamic Management(TM) Access Control List
74      * based on IP addresses. The ACL will take the given owner name.
75      * The current IP address will be the owner of the ACL.
76      *
77      * @param Owner The name of the ACL Owner.
78      * @param aclFileName The name of the ACL File.
79      *
80      * @exception UnknownHostException If the local host is unknown.
81      * @exception IllegalArgumentException If the ACL file doesn't exist.
82      */
83     public SnmpAcl(String JavaDoc Owner, String JavaDoc aclFileName)
84     throws UnknownHostException JavaDoc, IllegalArgumentException JavaDoc {
85         trapDestList= new Hashtable JavaDoc();
86         informDestList= new Hashtable JavaDoc();
87         
88         // PrincipalImpl() take the current host as entry
89 owner = new PrincipalImpl();
90         try {
91             acl = new AclImpl(owner,Owner);
92             AclEntry JavaDoc ownEntry = new AclEntryImpl(owner);
93             ownEntry.addPermission(READ);
94             ownEntry.addPermission(WRITE);
95             acl.addEntry(owner,ownEntry);
96         } catch (NotOwnerException JavaDoc ex) {
97             if (isDebugOn()) {
98                 debug("constructor",
99               "Should never get NotOwnerException as the owner"+
100               " is built in this constructor");
101             }
102         }
103         if (aclFileName == null) setDefaultFileName();
104     else setAuthorizedListFile(aclFileName);
105         readAuthorizedListFile();
106     }
107   
108     /**
109      * Returns an enumeration of the entries in this ACL. Each element in the
110      * enumeration is of type <CODE>java.security.acl.AclEntry</CODE>.
111      *
112      * @return An enumeration of the entries in this ACL.
113      */
114     public Enumeration JavaDoc entries() {
115         return acl.entries();
116     }
117   
118     /**
119      * Returns ann enumeration of community strings. Community strings are returned as String.
120      * @return The enumeration of community strings.
121      */
122     public Enumeration JavaDoc communities() {
123     HashSet JavaDoc set = new HashSet JavaDoc();
124     Vector JavaDoc res = new Vector JavaDoc();
125     for (Enumeration JavaDoc e = acl.entries() ; e.hasMoreElements() ;) {
126         AclEntryImpl entry = (AclEntryImpl) e.nextElement();
127         for (Enumeration JavaDoc cs = entry.communities();
128          cs.hasMoreElements() ;) {
129         set.add((String JavaDoc) cs.nextElement());
130         }
131     }
132     Object JavaDoc[] objs = set.toArray();
133     for(int i = 0; i < objs.length; i++)
134         res.addElement(objs[i]);
135
136     return res.elements();
137     }
138
139     /**
140      * Returns the name of the ACL.
141      *
142      * @return The name of the ACL.
143      */
144     public String JavaDoc getName() {
145         return acl.getName();
146     }
147   
148     /**
149      * Returns the read permission instance used.
150      *
151      * @return The read permission instance.
152      */
153     static public PermissionImpl getREAD() {
154         return READ;
155     }
156   
157     /**
158      * Returns the write permission instance used.
159      *
160      * @return The write permission instance.
161      */
162     static public PermissionImpl getWRITE() {
163         return WRITE;
164     }
165   
166     /**
167      * Get the default name for the ACL file.
168      * In this implementation this is "$JRE/lib/snmp.acl"
169      * @return The default name for the ACL file.
170      **/
171     public static String JavaDoc getDefaultAclFileName() {
172     final String JavaDoc fileSeparator =
173         System.getProperty("file.separator");
174     final StringBuffer JavaDoc defaultAclName =
175         new StringBuffer JavaDoc(System.getProperty("java.home")).
176         append(fileSeparator).append("lib").append(fileSeparator).
177         append("snmp.acl");
178     return defaultAclName.toString();
179     }
180
181     /**
182      * Sets the full path of the file containing the ACL information.
183      *
184      * @param filename The full path of the file containing the ACL information.
185      * @throws IllegalArgumentException If the passed ACL file doesn't exist.
186      */
187     public void setAuthorizedListFile(String JavaDoc filename)
188     throws IllegalArgumentException JavaDoc {
189     File JavaDoc file = new File JavaDoc(filename);
190     if (!file.isFile() ) {
191         if (isDebugOn()) {
192         debug("setAuthorizedListFile",
193               "ACL file not found: " + filename);
194         }
195         throw new
196         IllegalArgumentException JavaDoc("The specified file ["+file+"] "+
197                      "doesn't exist or is not a file, "+
198                      "no configuration loaded");
199     }
200         if (isTraceOn()) {
201             trace("setAuthorizedListFile", "Default file set to " + filename);
202         }
203         authorizedListFile = filename;
204     }
205   
206     /**
207      * Resets this ACL to the values contained in the configuration file.
208      *
209      * @exception NotOwnerException If the principal attempting the reset is not an owner of this ACL.
210      * @exception UnknownHostException If IP addresses for hosts contained in the ACL file couldn't be found.
211      */
212     public void rereadTheFile() throws NotOwnerException JavaDoc, UnknownHostException JavaDoc {
213         alwaysAuthorized = false;
214         acl.removeAll(owner);
215         trapDestList.clear();
216         informDestList.clear();
217         AclEntry JavaDoc ownEntry = new AclEntryImpl(owner);
218         ownEntry.addPermission(READ);
219         ownEntry.addPermission(WRITE);
220         acl.addEntry(owner,ownEntry);
221         readAuthorizedListFile();
222     }
223   
224     /**
225      * Returns the full path of the file used to get ACL information.
226      *
227      * @return The full path of the file used to get ACL information.
228      */
229     public String JavaDoc getAuthorizedListFile() {
230         return authorizedListFile;
231     }
232   
233     /**
234      * Checks whether or not the specified host has <CODE>READ</CODE> access.
235      *
236      * @param address The host address to check.
237      *
238      * @return <CODE>true</CODE> if the host has read permission, <CODE>false</CODE> otherwise.
239      */
240     public boolean checkReadPermission(InetAddress JavaDoc address) {
241         if (alwaysAuthorized) return ( true );
242         PrincipalImpl p = new PrincipalImpl(address);
243         return acl.checkPermission(p, READ);
244     }
245   
246     /**
247      * Checks whether or not the specified host and community have <CODE>READ</CODE> access.
248      *
249      * @param address The host address to check.
250      * @param community The community associated with the host.
251      *
252      * @return <CODE>true</CODE> if the pair (host, community) has read permission, <CODE>false</CODE> otherwise.
253      */
254     public boolean checkReadPermission(InetAddress JavaDoc address, String JavaDoc community) {
255         if (alwaysAuthorized) return ( true );
256         PrincipalImpl p = new PrincipalImpl(address);
257         return acl.checkPermission(p, community, READ);
258     }
259   
260     /**
261      * Checks whether or not a community string is defined.
262      *
263      * @param community The community to check.
264      *
265      * @return <CODE>true</CODE> if the community is known, <CODE>false</CODE> otherwise.
266      */
267     public boolean checkCommunity(String JavaDoc community) {
268         return acl.checkCommunity(community);
269     }
270   
271     /**
272      * Checks whether or not the specified host has <CODE>WRITE</CODE> access.
273      *
274      * @param address The host address to check.
275      *
276      * @return <CODE>true</CODE> if the host has write permission, <CODE>false</CODE> otherwise.
277      */
278     public boolean checkWritePermission(InetAddress JavaDoc address) {
279         if (alwaysAuthorized) return ( true );
280         PrincipalImpl p = new PrincipalImpl(address);
281         return acl.checkPermission(p, WRITE);
282     }
283
284     /**
285      * Checks whether or not the specified host and community have <CODE>WRITE</CODE> access.
286      *
287      * @param address The host address to check.
288      * @param community The community associated with the host.
289      *
290      * @return <CODE>true</CODE> if the pair (host, community) has write permission, <CODE>false</CODE> otherwise.
291      */
292     public boolean checkWritePermission(InetAddress JavaDoc address, String JavaDoc community) {
293         if (alwaysAuthorized) return ( true );
294         PrincipalImpl p = new PrincipalImpl(address);
295         return acl.checkPermission(p, community, WRITE);
296     }
297   
298     /**
299      * Returns an enumeration of trap destinations.
300      *
301      * @return An enumeration of the trap destinations (enumeration of <CODE>InetAddress<CODE>).
302      */
303     public Enumeration JavaDoc getTrapDestinations() {
304         return trapDestList.keys();
305     }
306   
307     /**
308      * Returns an enumeration of trap communities for a given host.
309      *
310      * @param i The address of the host.
311      *
312      * @return An enumeration of trap communities for a given host (enumeration of <CODE>String<CODE>).
313      */
314     public Enumeration JavaDoc getTrapCommunities(InetAddress JavaDoc i) {
315         Vector JavaDoc list = null;
316         if ((list = (Vector JavaDoc)trapDestList.get(i)) != null ) {
317             if (isTraceOn()) {
318                 trace("getTrapCommunities", "["+i.toString()+"] is in list");
319             }
320             return list.elements();
321         } else {
322             list = new Vector JavaDoc();
323             if (isTraceOn()) {
324                 trace("getTrapCommunities", "["+i.toString()+"] is not in list");
325             }
326             return list.elements();
327         }
328     }
329   
330     /**
331      * Returns an enumeration of inform destinations.
332      *
333      * @return An enumeration of the inform destinations (enumeration of <CODE>InetAddress<CODE>).
334      */
335     public Enumeration JavaDoc getInformDestinations() {
336         return informDestList.keys();
337     }
338   
339     /**
340      * Returns an enumeration of inform communities for a given host.
341      *
342      * @param i The address of the host.
343      *
344      * @return An enumeration of inform communities for a given host (enumeration of <CODE>String<CODE>).
345      */
346     public Enumeration JavaDoc getInformCommunities(InetAddress JavaDoc i) {
347         Vector JavaDoc list = null;
348         if ((list = (Vector JavaDoc)informDestList.get(i)) != null ) {
349             if (isTraceOn()) {
350                 trace("getInformCommunities", "["+i.toString()+"] is in list");
351             }
352             return list.elements();
353         } else {
354             list = new Vector JavaDoc();
355             if (isTraceOn()) {
356                 trace("getInformCommunities", "["+i.toString()+"] is not in list");
357             }
358             return list.elements();
359         }
360     }
361   
362     /**
363      * Converts the input configuration file into ACL.
364      */
365     private void readAuthorizedListFile() {
366
367         alwaysAuthorized = false;
368
369         if (authorizedListFile == null) {
370             if (isTraceOn()) {
371                 trace("readAuthorizedListFile", "alwaysAuthorized set to true");
372             }
373             alwaysAuthorized = true ;
374         } else {
375             // Read the file content
376 Parser parser = null;
377             try {
378                 parser= new Parser(new FileInputStream JavaDoc(getAuthorizedListFile()));
379             } catch (FileNotFoundException JavaDoc e) {
380                 if (isDebugOn()) {
381                     debug("readAuthorizedListFile", "The specified file was not found, authorize everybody");
382                 }
383                 alwaysAuthorized = true ;
384                 return;
385             }
386           
387             try {
388                 JDMSecurityDefs n = parser.SecurityDefs();
389                 n.buildAclEntries(owner, acl);
390                 n.buildTrapEntries(trapDestList);
391                 n.buildInformEntries(informDestList);
392             } catch (ParseException e) {
393                 if (isDebugOn()) {
394                     debug("readAuthorizedListFile", "Parsing exception " + e);
395                 }
396         throw new IllegalArgumentException JavaDoc(e.getMessage());
397             } catch (Error JavaDoc err) {
398                 if (isDebugOn()) {
399                     debug("readAuthorizedListFile", "Error exception");
400                 }
401         throw new IllegalArgumentException JavaDoc(err.getMessage());
402             }
403           
404             for(Enumeration JavaDoc e = acl.entries(); e.hasMoreElements();) {
405                 AclEntryImpl aa = (AclEntryImpl) e.nextElement();
406                 if (isTraceOn()) {
407                     trace("readAuthorizedListFile", "===> " + aa.getPrincipal().toString());
408                 }
409                 for (Enumeration JavaDoc eee = aa.permissions();eee.hasMoreElements();) {
410                     java.security.acl.Permission JavaDoc perm = (java.security.acl.Permission JavaDoc)eee.nextElement();
411                     if (isTraceOn()) {
412                         trace("readAuthorizedListFile", "perm = " + perm);
413                     }
414                 }
415             }
416         }
417     }
418   
419     /**
420      * Set the default full path for "snmp.acl" input file.
421      * Do not complain if the file does not exists.
422      */
423     private void setDefaultFileName() {
424     try {
425         setAuthorizedListFile(getDefaultAclFileName());
426     } catch (IllegalArgumentException JavaDoc x) {
427         // OK...
428 }
429     }
430   
431     
432     // TRACES & DEBUG
433 //---------------
434
435     boolean isTraceOn() {
436         return Trace.isSelected(Trace.LEVEL_TRACE, Trace.INFO_SNMP);
437     }
438
439     void trace(String JavaDoc clz, String JavaDoc func, String JavaDoc info) {
440         Trace.send(Trace.LEVEL_TRACE, Trace.INFO_SNMP, clz, func, info);
441     }
442
443     void trace(String JavaDoc func, String JavaDoc info) {
444         trace(dbgTag, func, info);
445     }
446     
447     boolean isDebugOn() {
448         return Trace.isSelected(Trace.LEVEL_DEBUG, Trace.INFO_SNMP);
449     }
450
451     void debug(String JavaDoc clz, String JavaDoc func, String JavaDoc info) {
452         Trace.send(Trace.LEVEL_DEBUG, Trace.INFO_SNMP, clz, func, info);
453     }
454
455     void debug(String JavaDoc func, String JavaDoc info) {
456         debug(dbgTag, func, info);
457     }
458     
459     String JavaDoc dbgTag = "SnmpAcl";
460     
461     // PRIVATE VARIABLES
462 //------------------
463
464     /**
465      * Represents the Access Control List.
466      */
467     private AclImpl acl = null;
468     /**
469      * Flag indicating whether the access is always authorized.
470      * <BR>This is the case if there is no flat file defined.
471      */
472     private boolean alwaysAuthorized = false;
473     /**
474      * Represents the Access Control List flat file.
475      */
476     private String JavaDoc authorizedListFile = null;
477     /**
478      * Contains the hosts list for trap destination.
479      */
480     private Hashtable JavaDoc trapDestList = null;
481     /**
482      * Contains the hosts list for inform destination.
483      */
484     private Hashtable JavaDoc informDestList = null;
485     
486     private PrincipalImpl owner = null;
487 }
488
Popular Tags