

/**
 * C-JDBC: Clustered JDBC.
 * Copyright (C) 2002-2004 French National Institute For Research In Computer
 * Science And Control (INRIA).
 * Contact: c-jdbc@objectweb.org
 *
 * This library is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as published by the
 * Free Software Foundation; either version 2.1 of the License, or any later
 * version.
 *
 * This library is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
 * for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this library; if not, write to the Free Software Foundation,
 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
 *
 * Initial developer(s): Nicolas Modrzyk
 * Contributor(s): _______________________
 */

package org.objectweb.cjdbc.controller.core.security;

import java.net.InetAddress;
import java.net.Socket;
import java.util.ArrayList;

import org.apache.regexp.RE;
import org.objectweb.cjdbc.common.net.SSLConfiguration;
import org.objectweb.cjdbc.common.xml.ControllerXmlTags;
import org.objectweb.cjdbc.common.xml.XmlComponent;
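/**
 * Security manager of the controller. Call this to check whether a security
 * policy (connection accept/block lists, shutdown and additional-driver
 * permissions, SSL) is enforced.
 *
 * @author <a HREF="mailto:Nicolas.Modrzyk@inrialpes.fr">Nicolas Modrzyk </a>
 * @version 1.0
 */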

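public class ControllerSecurityManager implements XmlComponent
{
  // The permission flags below are only stored and reported by this class;
  // the code that enforces them is not part of this file. Every flag defaults
  // to true, so a controller configured without a security element is
  // permissive by default.

  /** Whether additional drivers may be loaded. */
  private boolean          allowAdditionalDriver = true;
  /** Whether a console may shut the controller down. */
  private boolean          allowConsoleShutdown  = true;
  /** Whether console shutdown is restricted to the local host. */
  private boolean          allowLocalConsoleOnly = true;
  /** Whether a client may shut the controller down. */
  private boolean          allowClientShutdown   = true;
  /** Whether client shutdown is restricted to the local host. */
  private boolean          allowLocalClientOnly  = true;
  /** Decision applied when a client matches neither list (default: allow). */
  private boolean          defaultConnect        = true;
  /** Accept list: holds <code>RE</code> ranges and <code>String</code> hosts. */
  private ArrayList        accept;
  /** Original pattern strings of the accepted ranges, kept for getXml(). */
  private ArrayList        saccept;
  /** Block list: holds <code>RE</code> ranges and <code>String</code> hosts. */
  private ArrayList        block;
  /** Original pattern strings of the blocked ranges, kept for getXml(). */
  private ArrayList        sblock;
  /** SSL configuration, or <code>null</code> when SSL is not enabled. */
  private SSLConfiguration sslConfig;

  /**
   * Create a new security manager with empty accept and block lists.
   */
  public ControllerSecurityManager()
  {
    block = new ArrayList();
    accept = new ArrayList();
    saccept = new ArrayList();
    sblock = new ArrayList();
  }

  /**
   * Check connection policy for a client socket.
   * <p>
   * Evaluation order: the accept list is consulted first, so an address that
   * matches both lists is allowed; the block list is consulted second; a
   * client matching neither list gets <code>defaultConnect</code>, which is
   * <code>true</code> unless changed. Deployments that want an allow-list
   * policy must therefore set <code>defaultConnect</code> to
   * <code>false</code>.
   * <p>
   * A <code>null</code> socket, or a socket without a remote address, is
   * refused: the policy cannot be evaluated for it, so it must not fall
   * through to the default.
   *
   * @param clientSocket that is trying to connect
   * @return true if connection is allowed, false otherwise
   */
  public boolean allowConnection(Socket clientSocket)
  {
    // Fail closed when there is no peer address to evaluate.
    if (clientSocket == null || clientSocket.getInetAddress() == null)
      return false;
    if (checkList(accept, clientSocket))
      return true;
    if (checkList(block, clientSocket))
      return false;
    return defaultConnect;
  }

  /**
   * Add an ip range to the secure list.
   * <p>
   * The range is a regular expression, not a wildcard pattern, and it is
   * searched for in the client's literal IP address (it is not implicitly
   * anchored). A pattern such as <code>192.167.1.*</code> therefore also
   * matches longer addresses that merely contain that text, and an unescaped
   * <code>.</code> matches any character. Ranges that gate access should
   * escape the dots and be anchored with <code>^</code> and <code>$</code>.
   *
   * @param range to accept like 192.167.1.*
   * @param baccept true if accept false if block
   */
  public void addToSecureList(RE range, boolean baccept)
  {
    if (baccept)
      accept.add(range);
    else
      block.add(range);
  }

  /**
   * Add an ip range to the secure list. Same as
   * {@link #addToSecureList(RE, boolean)}, but the original string pattern is
   * stored as well so that it can be written back by {@link #getXml()}.
   * Nothing is stored when the pattern does not compile.
   *
   * @param range regular expression describing the addresses to accept or
   *          block
   * @param baccept true if accept false if block
   * @throws Exception if the pattern is not valid
   */
  public void addToSecureList(String range, boolean baccept) throws Exception
  {
    // Compile first: an invalid pattern must leave both lists untouched.
    RE re = new RE(range);
    addToSecureList(re, baccept);
    if (baccept)
      saccept.add(range);
    else
      sblock.add(range);
  }

  /**
   * Add this host name or ipaddress to the secure list.
   * <p>
   * The entry is compared, ignoring case, with the client's literal address
   * and with the host name reported by <code>InetAddress.getHostName()</code>.
   * The host-name comparison depends on a name-service lookup that the
   * controller does not control; prefer literal addresses for entries that
   * decide access.
   *
   * @param host name or ipaddress
   * @param baccept true if accept false if block
   */
  public void addHostToSecureList(String host, boolean baccept)
  {
    if (baccept)
      accept.add(host);
    else
      block.add(host);
  }

  /**
   * Tell whether the remote address of a socket matches an entry of a list.
   * <p>
   * <code>RE</code> entries are matched against the literal IP address only.
   * They used to be matched against <code>InetAddress.toString()</code>, whose
   * form is <code>host-name/literal-address</code>: a range could then match
   * text of the resolved host name, and a pattern anchored with
   * <code>^</code> could never match the address.
   * <p>
   * NOTE(review): <code>org.apache.regexp.RE</code> keeps match state in the
   * instance; if connections are checked from several threads, confirm that
   * access to the shared patterns is serialized.
   *
   * @param list accept or block list, holding <code>RE</code> and
   *          <code>String</code> entries
   * @param clientSocket socket whose remote address is checked
   * @return true if one entry matches, false otherwise (also when the socket
   *         has no remote address)
   */
  private static boolean checkList(ArrayList list, Socket clientSocket)
  {
    InetAddress address = clientSocket.getInetAddress();
    if (address == null)
      return false;
    String hostAddress = address.getHostAddress();
    // Resolved only when a host entry needs it: getHostName() may block on a
    // name-service lookup, which is wasted work for range-only lists.
    String hostName = null;
    for (int i = 0; i < list.size(); i++)
    {
      Object entry = list.get(i);
      if (entry instanceof RE)
      {
        if (((RE) entry).match(hostAddress))
          return true;
      }
      else if (entry instanceof String)
      {
        String host = (String) entry;
        if (host.equalsIgnoreCase(hostAddress))
          return true;
        if (hostName == null)
          hostName = address.getHostName();
        if (host.equalsIgnoreCase(hostName))
          return true;
      }
    }
    return false;
  }

  /**
   * @return Returns the allowAdditionalDriver.
   */
  public boolean getAllowAdditionalDriver()
  {
    return allowAdditionalDriver;
  }

  /**
   * @param allowAdditionalDriver The allowAdditionalDriver to set.
   */
  public void setAllowAdditionalDriver(boolean allowAdditionalDriver)
  {
    this.allowAdditionalDriver = allowAdditionalDriver;
  }

  /**
   * @return Returns the allowClientShutdown.
   */
  public boolean getAllowClientShutdown()
  {
    return allowClientShutdown;
  }

  /**
   * @param allowClientShutdown The allowClientShutdown to set.
   */
  public void setAllowClientShutdown(boolean allowClientShutdown)
  {
    this.allowClientShutdown = allowClientShutdown;
  }

  /**
   * @return Returns the allowConsoleShutdown.
   */
  public boolean getAllowConsoleShutdown()
  {
    return allowConsoleShutdown;
  }

  /**
   * @param allowConsoleShutdown The allowConsoleShutdown to set.
   */
  public void setAllowConsoleShutdown(boolean allowConsoleShutdown)
  {
    this.allowConsoleShutdown = allowConsoleShutdown;
  }

  /**
   * @return Returns the allowLocalClientOnly.
   */
  public boolean getAllowLocalClientOnly()
  {
    return allowLocalClientOnly;
  }

  /**
   * @param allowLocalClientOnly The allowLocalClientOnly to set.
   */
  public void setAllowLocalClientOnly(boolean allowLocalClientOnly)
  {
    this.allowLocalClientOnly = allowLocalClientOnly;
  }

  /**
   * @return Returns the allowLocalConsoleOnly.
   */
  public boolean getAllowLocalConsoleOnly()
  {
    return allowLocalConsoleOnly;
  }

  /**
   * @param allowLocalConsoleOnly The allowLocalConsoleOnly to set.
   */
  public void setAllowLocalConsoleOnly(boolean allowLocalConsoleOnly)
  {
    this.allowLocalConsoleOnly = allowLocalConsoleOnly;
  }

  /**
   * @return Returns the defaultConnect.
   */
  public boolean getDefaultConnect()
  {
    return defaultConnect;
  }

  /**
   * @param defaultConnect The defaultConnect to set.
   */
  public void setDefaultConnect(boolean defaultConnect)
  {
    this.defaultConnect = defaultConnect;
  }

  // The four list getters below return the live internal lists, not copies:
  // any caller holding the reference can change the connection policy.
  // NOTE(review): callers outside this file may rely on that, so it is left
  // as is; confirm before switching to defensive copies.

  /**
   * @return Returns the saccept.
   */
  public ArrayList getSaccept()
  {
    return saccept;
  }

  /**
   * @return Returns the sblock.
   */
  public ArrayList getSblock()
  {
    return sblock;
  }

  /**
   * @return Returns the accept.
   */
  public ArrayList getAccept()
  {
    return accept;
  }

  /**
   * @return Returns the block.
   */
  public ArrayList getBlock()
  {
    return block;
  }

  /**
   * Replace the block list. Only <code>block</code> is replaced: the pattern
   * strings in <code>sblock</code> are left as they are, so the ranges
   * written by {@link #getXml()} may no longer describe the enforced list.
   * The list is stored without a copy and without a null check.
   *
   * @param block The block to set.
   */
  public void setBlock(ArrayList block)
  {
    this.block = block;
  }

  /**
   * @see org.objectweb.cjdbc.common.xml.XmlComponent#getXml()
   */
  public String getXml()
  {
    StringBuffer sb = new StringBuffer();
    sb.append("<" + ControllerXmlTags.ELT_SECURITY + " "
        + ControllerXmlTags.ATT_DEFAULT_CONNECT + "=\""
        + this.getDefaultConnect() + "\">");

    sb.append("<" + ControllerXmlTags.ELT_JAR + " "
        + ControllerXmlTags.ATT_ALLOW + "=\"" + this.getAllowAdditionalDriver()
        + "\"/>");

    sb.append("<" + ControllerXmlTags.ELT_SHUTDOWN + ">");
    appendShutdownPolicy(sb, ControllerXmlTags.ELT_CLIENT, this
        .getAllowClientShutdown(), this.getAllowLocalClientOnly());
    appendShutdownPolicy(sb, ControllerXmlTags.ELT_CONSOLE, this
        .getAllowConsoleShutdown(), this.getAllowLocalConsoleOnly());
    sb.append("</" + ControllerXmlTags.ELT_SHUTDOWN + ">");

    appendAccessList(sb, ControllerXmlTags.ELT_ACCEPT, this.getSaccept(), this
        .getAccept());
    appendAccessList(sb, ControllerXmlTags.ELT_BLOCK, this.getSblock(), this
        .getBlock());

    sb.append("</" + ControllerXmlTags.ELT_SECURITY + ">");
    return sb.toString();
  }

  /**
   * Append one shutdown policy element (client or console) to the buffer.
   *
   * @param sb buffer receiving the xml
   * @param element name of the element to write
   * @param allow value of the allow attribute
   * @param localOnly value of the only-localhost attribute
   */
  private static void appendShutdownPolicy(StringBuffer sb, String element,
      boolean allow, boolean localOnly)
  {
    sb.append("<" + element + " " + ControllerXmlTags.ATT_ALLOW + "=\"" + allow
        + "\" " + ControllerXmlTags.ATT_ONLY_LOCALHOST + "=\"" + localOnly
        + "\" " + "/>");
  }

  /**
   * Append an accept or block element: the range patterns first, then the
   * host entries of the enforced list. Attribute values are escaped, since a
   * regular expression or host string containing a quote, an ampersand or an
   * angle bracket would otherwise produce malformed or altered xml.
   *
   * @param sb buffer receiving the xml
   * @param element name of the enclosing element
   * @param ranges original pattern strings of the ranges
   * @param entries enforced list; <code>RE</code> entries are skipped because
   *          their text is already in <code>ranges</code>
   */
  private static void appendAccessList(StringBuffer sb, String element,
      ArrayList ranges, ArrayList entries)
  {
    sb.append("<" + element + ">");
    for (int i = 0; i < ranges.size(); i++)
    {
      sb.append("<" + ControllerXmlTags.ELT_IPRANGE + " "
          + ControllerXmlTags.ATT_VALUE + "=\""
          + escapeXmlAttribute(String.valueOf(ranges.get(i))) + "\"/>");
    }
    for (int i = 0; i < entries.size(); i++)
    {
      Object entry = entries.get(i);
      if (!(entry instanceof String))
        continue;
      String host = (String) entry;
      // An entry without a dot is written as a host name, any other as an ip
      // address. NOTE(review): a dotted host name is therefore written as an
      // ip address; kept as is because the reader of this xml is not visible
      // here.
      String tag = host.indexOf(".") == -1
          ? ControllerXmlTags.ELT_HOSTNAME
          : ControllerXmlTags.ELT_IPADDRESS;
      sb.append("<" + tag + " " + ControllerXmlTags.ATT_VALUE + "=\""
          + escapeXmlAttribute(host) + "\"/>");
    }
    sb.append("</" + element + ">");
  }

  /**
   * Escape the characters that are not allowed verbatim in a double-quoted
   * xml attribute value.
   *
   * @param value raw attribute value
   * @return the value with the five xml special characters replaced by entity
   *         references
   */
  private static String escapeXmlAttribute(String value)
  {
    StringBuffer escaped = new StringBuffer(value.length() + 8);
    for (int i = 0; i < value.length(); i++)
    {
      char c = value.charAt(i);
      switch (c)
      {
        case '&' :
          escaped.append("&amp;");
          break;
        case '<' :
          escaped.append("&lt;");
          break;
        case '>' :
          escaped.append("&gt;");
          break;
        case '"' :
          escaped.append("&quot;");
          break;
        case '\'' :
          escaped.append("&apos;");
          break;
        default :
          escaped.append(c);
      }
    }
    return escaped.toString();
  }

  /**
   * Is ssl enabled for this controller. SSL counts as enabled as soon as an
   * SSL configuration has been set.
   *
   * @return Returns whether ssl is enabled or not
   */
  public boolean isSSLEnabled()
  {
    return sslConfig != null;
  }

  /**
   * Returns the sslConfig value.
   *
   * @return Returns the sslConfig, or <code>null</code> when SSL is not
   *         enabled.
   */
  public SSLConfiguration getSslConfig()
  {
    return sslConfig;
  }

  /**
   * Sets the sslConfig value. Passing <code>null</code> disables SSL as far
   * as {@link #isSSLEnabled()} is concerned.
   *
   * @param sslConfig The sslConfig to set.
   */
  public void setSslConfig(SSLConfiguration sslConfig)
  {
    this.sslConfig = sslConfig;
  }
}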