KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > snmp4j > agent > security > MutableVACM


1 /*_############################################################################
2   _##
3   _## SNMP4J-Agent - MutableVACM.java
4   _##
5   _## Copyright (C) 2005-2007 Frank Fock (SNMP4J.org)
6   _##
7   _## Licensed under the Apache License, Version 2.0 (the "License");
8   _## you may not use this file except in compliance with the License.
9   _## You may obtain a copy of the License at
10   _##
11   _## http://www.apache.org/licenses/LICENSE-2.0
12   _##
13   _## Unless required by applicable law or agreed to in writing, software
14   _## distributed under the License is distributed on an "AS IS" BASIS,
15   _## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16   _## See the License for the specific language governing permissions and
17   _## limitations under the License.
18   _##
19   _##########################################################################*/

20
21
22 package org.snmp4j.agent.security;
23
24 import org.snmp4j.smi.OctetString;
25 import org.snmp4j.smi.OID;
26 // JavaDoc
27
import org.snmp4j.security.SecurityModel;
28 import org.snmp4j.security.SecurityLevel;
29 import org.snmp4j.agent.mo.snmp.StorageType;
30
31 /**
32  * The <code>MutableVACM</code> interface extends the basic {@link VACM}
33  * by providing methods to change the configuration of the view-based access
34  * model.
35  *
36  * @author Frank Fock
37  * @version 1.0
38  */

39 public interface MutableVACM extends VACM {
40
41   int VACM_MATCH_EXACT = 1;
42   int VACM_MATCH_PREFIX = 2;
43
44   int VACM_VIEW_INCLUDED = 1;
45   int VACM_VIEW_EXCLUDED = 2;
46
47   /**
48    * Adds a security name to group mapping to the VACM.
49    * @param securityModel
50    * the security model the mapping is based on, see
51    * {@link SecurityModel} for possible values.
52    * @param securityName
53    * the security name to map to a group.
54    * @param groupName
55    * the name of the group.
56    * @param storageType
57    * the storage type to use for the entry. Possible values are defined
58    * by {@link StorageType}.
59    */

60   void addGroup(int securityModel,
61                 OctetString securityName,
62                 OctetString groupName,
63                 int storageType);
64
65   /**
66    * Removes a security name to group mapping from the VACM.
67    * @param securityModel
68    * the security model the mapping is based on, see
69    * {@link SecurityModel} for possible values.
70    * @param securityName
71    * the mapped security name.
72    * @return
73    * <code>true</code> if the entry has been removed, <code>false</code>
74    * otherwise (i.e. if such an entry does not exists).
75    */

76   boolean removeGroup(int securityModel,
77                       OctetString securityName);
78
79   /**
80    * Adds an access entry for the specified group name.
81    * @param groupName
82    * the group name for which to create an access entry.
83    * @param prefix
84    * if <code>match</code> is {@link #VACM_MATCH_PREFIX} the context name
85    * checked by the VACM must exatcly match this value, otherwise a prefix
86    * match is sufficient.
87    * @param securityModel
88    * the security model that must be used to gain access on behalf of this
89    * entry, see {@link SecurityModel} for possible values.
90    * @param securityLevel
91    * the minimum security level that must be used to gain access on behalf of
92    * this entry, see {@link SecurityLevel} for possible values.
93    * @param match
94    * specifies the type of context match used by this entry. Possible values
95    * are {@link #VACM_MATCH_EXACT} and {@link #VACM_MATCH_PREFIX}.
96    * @param readView
97    * the MIB view of the SNMP context to which this conceptual row authorizes
98    * read access. If the value is the empty string or if there is no active
99    * MIB view having this value of vacmViewTreeFamilyViewName, then no access
100    * is granted.
101    * @param writeView
102    * the MIB view of the SNMP context to which this conceptual row authorizes
103    * write access. If the value is the empty string or if there is no active
104    * MIB view having this value of vacmViewTreeFamilyViewName, then no access
105    * is granted.
106    * @param notifyView
107    * the MIB view of the SNMP context to which this conceptual row authorizes
108    * access for notifications. If the value is the empty string or if there
109    * is no active MIB view having this value of vacmViewTreeFamilyViewName,
110    * then no access is granted.
111    * @param storageType
112    * the storage type to use for the entry. Possible values are defined
113    * by {@link StorageType}.
114    */

115   void addAccess(OctetString groupName,
116                  OctetString prefix,
117                  int securityModel,
118                  int securityLevel,
119                  int match,
120                  OctetString readView,
121                  OctetString writeView,
122                  OctetString notifyView,
123                  int storageType);
124
125   /**
126    * Removes an access entry from the VACM.
127    * @param groupName
128    * the group name for which to remove an access entry.
129    * @param prefix
130    * the context name or prefix of the access entry.
131    * @param securityModel
132    * the security model that must be used to gain access on behalf of this
133    * entry, see {@link SecurityModel} for possible values.
134    * @param securityLevel
135    * the minimum security level that must be used to gain access on behalf of
136    * this entry, see {@link SecurityLevel} for possible values.
137    * @return
138    * <code>true</code> if the entry has been removed, <code>false</code>
139    * otherwise (i.e. if such an entry does not exists).
140    */

141   boolean removeAccess(OctetString groupName,
142                        OctetString prefix,
143                        int securityModel,
144                        int securityLevel);
145
146   /**
147    * Adds a view tree family to an VACM view.
148    * @param viewName
149    * the view name to which a tree family is to be added.
150    * @param subtree
151    * the MIB subtree which when combined with the corresponding instance of
152    * <code>mask</code> (vacmViewTreeFamilyMask) defines a family of view
153    * subtrees.
154    * @param mask
155    * The bit mask which, in combination with the corresponding instance of
156    * <code>subtree</code> (vacmViewTreeFamilySubtree), defines a family of
157    * view subtrees. See RFC 3415 vacmViewTreeFamilySubtree definition for
158    * more details on the bit mask.
159    * @param type
160    * specifies whether the subtree is included {@link #VACM_VIEW_INCLUDED}
161    * or excluded {@link #VACM_VIEW_EXCLUDED} from the view.
162    * @param storageType
163    * the storage type to use for the entry. Possible values are defined
164    * by {@link StorageType}.
165    */

166   void addViewTreeFamily(OctetString viewName,
167                          OID subtree,
168                          OctetString mask,
169                          int type,
170                          int storageType);
171
172   /**
173    * Removes a view tree family from a VACM view.
174    * @param viewName
175    * the view name from which a subtree family is to be removed.
176    * @param subtree
177    * the MIB subtree associated with this entry.
178    * @return
179    * <code>true</code> if the entry has been removed, <code>false</code>
180    * otherwise (i.e. if such an entry does not exists).
181    */

182   boolean removeViewTreeFamily(OctetString viewName,
183                                OID subtree);
184 }
185
Popular Tags