FileDocCategorySizeDatePackage
SnmpAcl.javaAPI DocJava SE 5 API15791Fri Aug 26 14:55:02 BST 2005com.sun.jmx.snmp.IPAcl

SnmpAcl

public class SnmpAcl extends Object implements Serializable, com.sun.jmx.snmp.InetAddressAcl
Defines an implementation of the {@link com.sun.jmx.snmp.InetAddressAcl InetAddressAcl} interface.

In this implementation the ACL information is stored on a flat file and its default location is "$JRE/lib/snmp.acl" - See {@link #getDefaultAclFileName()}

    This API is a Sun Microsystems internal API and is subject to change without notice.

version
4.32 12/19/03
author
Sun Microsystems, Inc

Fields Summary
static final PermissionImpl
READ
static final PermissionImpl
WRITE
String
dbgTag
private AclImpl
acl
Represents the Access Control List.
private boolean
alwaysAuthorized
Flag indicating whether the access is always authorized.
This is the case if there is no flat file defined.
private String
authorizedListFile
Represents the Access Control List flat file.
private Hashtable
trapDestList
Contains the hosts list for trap destination.
private Hashtable
informDestList
Contains the hosts list for inform destination.
private PrincipalImpl
owner
Constructors Summary
public SnmpAcl(String Owner)
Constructs the Java Dynamic Management(TM) Access Control List based on IP addresses. The ACL will take the given owner name. The current IP address will be the owner of the ACL.

param
Owner The name of the ACL Owner.
exception
UnknownHostException If the local host is unknown.
exception
IllegalArgumentException If the ACL file doesn't exist.

  
                                                                
       
	      
	this(Owner,null);
    
public SnmpAcl(String Owner, String aclFileName)
Constructs the Java Dynamic Management(TM) Access Control List based on IP addresses. The ACL will take the given owner name. The current IP address will be the owner of the ACL.

param
Owner The name of the ACL Owner.
param
aclFileName The name of the ACL File.
exception
UnknownHostException If the local host is unknown.
exception
IllegalArgumentException If the ACL file doesn't exist.

   
        trapDestList= new Hashtable();
        informDestList= new Hashtable();
        
        // PrincipalImpl() take the current host as entry
        owner = new PrincipalImpl();
        try {
            acl = new AclImpl(owner,Owner);
            AclEntry ownEntry = new AclEntryImpl(owner);
            ownEntry.addPermission(READ);
            ownEntry.addPermission(WRITE);
            acl.addEntry(owner,ownEntry);
        } catch (NotOwnerException ex) {
            if (isDebugOn()) {
                debug("constructor", 
		      "Should never get NotOwnerException as the owner"+
		      " is built in this constructor");
            }
        }
        if (aclFileName == null) setDefaultFileName();
	else setAuthorizedListFile(aclFileName);
        readAuthorizedListFile();
    
Methods Summary
public booleancheckCommunity(java.lang.String community)
Checks whether or not a community string is defined.

param
community The community to check.
return
true if the community is known, false otherwise.

        return acl.checkCommunity(community);
    
public booleancheckReadPermission(java.net.InetAddress address)
Checks whether or not the specified host has READ access.

param
address The host address to check.
return
true if the host has read permission, false otherwise.

        if (alwaysAuthorized) return ( true );
        PrincipalImpl p = new PrincipalImpl(address);
        return acl.checkPermission(p, READ);
    
public booleancheckReadPermission(java.net.InetAddress address, java.lang.String community)
Checks whether or not the specified host and community have READ access.

param
address The host address to check.
param
community The community associated with the host.
return
true if the pair (host, community) has read permission, false otherwise.

        if (alwaysAuthorized) return ( true );
        PrincipalImpl p = new PrincipalImpl(address);
        return acl.checkPermission(p, community, READ);
    
public booleancheckWritePermission(java.net.InetAddress address)
Checks whether or not the specified host has WRITE access.

param
address The host address to check.
return
true if the host has write permission, false otherwise.

        if (alwaysAuthorized) return ( true );
        PrincipalImpl p = new PrincipalImpl(address);
        return acl.checkPermission(p, WRITE);
    
public booleancheckWritePermission(java.net.InetAddress address, java.lang.String community)
Checks whether or not the specified host and community have WRITE access.

param
address The host address to check.
param
community The community associated with the host.
return
true if the pair (host, community) has write permission, false otherwise.

        if (alwaysAuthorized) return ( true );
        PrincipalImpl p = new PrincipalImpl(address);
        return acl.checkPermission(p, community, WRITE);
    
public java.util.Enumerationcommunities()
Returns ann enumeration of community strings. Community strings are returned as String.

return
The enumeration of community strings.

	HashSet set = new HashSet();
	Vector res = new Vector();
	for (Enumeration e = acl.entries() ; e.hasMoreElements() ;) {
	    AclEntryImpl entry = (AclEntryImpl) e.nextElement();
	    for (Enumeration cs = entry.communities(); 
		 cs.hasMoreElements() ;) {
		set.add((String) cs.nextElement());
	    }
	}
	Object[] objs = set.toArray();
	for(int i = 0; i < objs.length; i++)
	    res.addElement(objs[i]);

	return res.elements();
    
voiddebug(java.lang.String clz, java.lang.String func, java.lang.String info)

        Trace.send(Trace.LEVEL_DEBUG, Trace.INFO_SNMP, clz, func, info);
    
voiddebug(java.lang.String func, java.lang.String info)

        debug(dbgTag, func, info);
    
public java.util.Enumerationentries()
Returns an enumeration of the entries in this ACL. Each element in the enumeration is of type java.security.acl.AclEntry.

return
An enumeration of the entries in this ACL.

        return acl.entries();
    
public java.lang.StringgetAuthorizedListFile()
Returns the full path of the file used to get ACL information.

return
The full path of the file used to get ACL information.

        return authorizedListFile;
    
public static java.lang.StringgetDefaultAclFileName()
Get the default name for the ACL file. In this implementation this is "$JRE/lib/snmp.acl"

return
The default name for the ACL file.

	final String fileSeparator = 
	    System.getProperty("file.separator");
	final StringBuffer defaultAclName = 
	    new StringBuffer(System.getProperty("java.home")).
	    append(fileSeparator).append("lib").append(fileSeparator).
	    append("snmp.acl");
	return defaultAclName.toString();
    
public java.util.EnumerationgetInformCommunities(java.net.InetAddress i)
Returns an enumeration of inform communities for a given host.

param
i The address of the host.
return
An enumeration of inform communities for a given host (enumeration of String).

        Vector list = null;
        if ((list = (Vector)informDestList.get(i)) != null ) {
            if (isTraceOn()) {
                trace("getInformCommunities", "["+i.toString()+"] is in list");
            }
            return list.elements();
        } else {
            list = new Vector();
            if (isTraceOn()) {
                trace("getInformCommunities", "["+i.toString()+"] is not in list");
            }
            return list.elements();
        } 
    
public java.util.EnumerationgetInformDestinations()
Returns an enumeration of inform destinations.

return
An enumeration of the inform destinations (enumeration of InetAddress).

        return informDestList.keys();
    
public java.lang.StringgetName()
Returns the name of the ACL.

return
The name of the ACL.

        return acl.getName();
    
public static PermissionImplgetREAD()
Returns the read permission instance used.

return
The read permission instance.

        return READ;
    
public java.util.EnumerationgetTrapCommunities(java.net.InetAddress i)
Returns an enumeration of trap communities for a given host.

param
i The address of the host.
return
An enumeration of trap communities for a given host (enumeration of String).

        Vector list = null;
        if ((list = (Vector)trapDestList.get(i)) != null ) {
            if (isTraceOn()) {
                trace("getTrapCommunities", "["+i.toString()+"] is in list");
            }
            return list.elements();
        } else {
            list = new Vector();
            if (isTraceOn()) {
                trace("getTrapCommunities", "["+i.toString()+"] is not in list");
            }
            return list.elements();
        } 
    
public java.util.EnumerationgetTrapDestinations()
Returns an enumeration of trap destinations.

return
An enumeration of the trap destinations (enumeration of InetAddress).

        return trapDestList.keys();
    
public static PermissionImplgetWRITE()
Returns the write permission instance used.

return
The write permission instance.

        return WRITE;
    
booleanisDebugOn()

        return Trace.isSelected(Trace.LEVEL_DEBUG, Trace.INFO_SNMP);
    
booleanisTraceOn()

        return Trace.isSelected(Trace.LEVEL_TRACE, Trace.INFO_SNMP);
    
private voidreadAuthorizedListFile()
Converts the input configuration file into ACL.


        alwaysAuthorized = false;

        if (authorizedListFile == null) {
            if (isTraceOn()) {
                trace("readAuthorizedListFile", "alwaysAuthorized set to true");
            }
            alwaysAuthorized = true ;
        } else {
            // Read the file content
            Parser parser = null;  
            try {
                parser= new Parser(new FileInputStream(getAuthorizedListFile()));
            } catch (FileNotFoundException e) {
                if (isDebugOn()) {
                    debug("readAuthorizedListFile", "The specified file was not found, authorize everybody");
                }
                alwaysAuthorized = true ;
                return;
            }
          
            try {
                JDMSecurityDefs n = parser.SecurityDefs();
                n.buildAclEntries(owner, acl);
                n.buildTrapEntries(trapDestList);
                n.buildInformEntries(informDestList);
            } catch (ParseException e) {
                if (isDebugOn()) {
                    debug("readAuthorizedListFile", "Parsing exception " + e);
                }
		throw new IllegalArgumentException(e.getMessage());
            } catch (Error err) {
                if (isDebugOn()) {
                    debug("readAuthorizedListFile", "Error exception");
                }
		throw new IllegalArgumentException(err.getMessage());
            }
          
            for(Enumeration e = acl.entries(); e.hasMoreElements();) {
                AclEntryImpl aa = (AclEntryImpl) e.nextElement();
                if (isTraceOn()) {
                    trace("readAuthorizedListFile", "===> " + aa.getPrincipal().toString());
                }
                for (Enumeration eee = aa.permissions();eee.hasMoreElements();) {
                    java.security.acl.Permission perm = (java.security.acl.Permission)eee.nextElement();
                    if (isTraceOn()) {
                        trace("readAuthorizedListFile", "perm = " + perm);
                    }
                }
            }
        }
    
public voidrereadTheFile()
Resets this ACL to the values contained in the configuration file.

exception
NotOwnerException If the principal attempting the reset is not an owner of this ACL.
exception
UnknownHostException If IP addresses for hosts contained in the ACL file couldn't be found.

        alwaysAuthorized = false;
        acl.removeAll(owner);
        trapDestList.clear();
        informDestList.clear();
        AclEntry ownEntry = new AclEntryImpl(owner);
        ownEntry.addPermission(READ);
        ownEntry.addPermission(WRITE);  
        acl.addEntry(owner,ownEntry);
        readAuthorizedListFile();
    
public voidsetAuthorizedListFile(java.lang.String filename)
Sets the full path of the file containing the ACL information.

param
filename The full path of the file containing the ACL information.
throws
IllegalArgumentException If the passed ACL file doesn't exist.

	File file = new File(filename);
	if (!file.isFile() ) {
	    if (isDebugOn()) {
		debug("setAuthorizedListFile", 
		      "ACL file not found: " + filename);
	    }
	    throw new 
		IllegalArgumentException("The specified file ["+file+"] "+
					 "doesn't exist or is not a file, "+
					 "no configuration loaded");
	}
        if (isTraceOn()) {
            trace("setAuthorizedListFile", "Default file set to " + filename);
        }
        authorizedListFile = filename;
    
private voidsetDefaultFileName()
Set the default full path for "snmp.acl" input file. Do not complain if the file does not exists.

	try {
	    setAuthorizedListFile(getDefaultAclFileName());
	} catch (IllegalArgumentException x) {
	    // OK...
	}
    
voidtrace(java.lang.String clz, java.lang.String func, java.lang.String info)

        Trace.send(Trace.LEVEL_TRACE, Trace.INFO_SNMP, clz, func, info);
    
voidtrace(java.lang.String func, java.lang.String info)

        trace(dbgTag, func, info);