File Doc Category Size Date Package
SnmpAcl.java API Doc Java SE 6 API 15795 Tue Jun 10 00:22:06 BST 2008 com.sun.jmx.snmp.IPAcl

SnmpAcl

java.lang.Object

public class SnmpAcl extends Object implements Serializable, com.sun.jmx.snmp.InetAddressAcl

Defines an implementation of the {@link com.sun.jmx.snmp.InetAddressAcl InetAddressAcl} interface.

In this implementation the ACL information is stored on a flat file and its default location is "$JRE/lib/snmp.acl" - See {@link #getDefaultAclFileName()}

This API is a Sun Microsystems internal API and is subject to change without notice.

version: 4.34 04/07/06
author: Sun Microsystems, Inc

Fields Summary
static final PermissionImpl
READ
static final PermissionImpl
WRITE
String
dbgTag
private AclImpl
acl
Represents the Access Control List.
private boolean
alwaysAuthorized
Flag indicating whether the access is always authorized.
This is the case if there is no flat file defined.
private String
authorizedListFile
Represents the Access Control List flat file.
private Hashtable
trapDestList
Contains the hosts list for trap destination.
private Hashtable
informDestList
Contains the hosts list for inform destination.
private PrincipalImpl
owner
Constructors Summary
public SnmpAcl(String Owner)
Constructs the Java Dynamic Management(TM) Access Control List based on IP addresses. The ACL will take the given owner name. The current IP address will be the owner of the ACL.
param
Owner The name of the ACL Owner.
exception
UnknownHostException If the local host is unknown.
exception
IllegalArgumentException If the ACL file doesn't exist.
this(Owner,null);
public SnmpAcl(String Owner, String aclFileName)
Constructs the Java Dynamic Management(TM) Access Control List based on IP addresses. The ACL will take the given owner name. The current IP address will be the owner of the ACL.
param
Owner The name of the ACL Owner.
param
aclFileName The name of the ACL File.
exception
UnknownHostException If the local host is unknown.
exception
IllegalArgumentException If the ACL file doesn't exist.
trapDestList= new Hashtable(); informDestList= new Hashtable(); // PrincipalImpl() take the current host as entry owner = new PrincipalImpl(); try { acl = new AclImpl(owner,Owner); AclEntry ownEntry = new AclEntryImpl(owner); ownEntry.addPermission(READ); ownEntry.addPermission(WRITE); acl.addEntry(owner,ownEntry); } catch (NotOwnerException ex) { if (isDebugOn()) { debug("constructor", "Should never get NotOwnerException as the owner"+ " is built in this constructor"); } } if (aclFileName == null) setDefaultFileName(); else setAuthorizedListFile(aclFileName); readAuthorizedListFile();
Methods Summary
public boolean checkCommunity(java.lang.String community)
Checks whether or not a community string is defined.
param
community The community to check.
return
true if the community is known, false otherwise.
return acl.checkCommunity(community);
public boolean checkReadPermission(java.net.InetAddress address)
Checks whether or not the specified host has READ access.
param
address The host address to check.
return
true if the host has read permission, false otherwise.
if (alwaysAuthorized) return ( true ); PrincipalImpl p = new PrincipalImpl(address); return acl.checkPermission(p, READ);
public boolean checkReadPermission(java.net.InetAddress address, java.lang.String community)
Checks whether or not the specified host and community have READ access.
param
address The host address to check.
param
community The community associated with the host.
return
true if the pair (host, community) has read permission, false otherwise.
if (alwaysAuthorized) return ( true ); PrincipalImpl p = new PrincipalImpl(address); return acl.checkPermission(p, community, READ);
public boolean checkWritePermission(java.net.InetAddress address)
Checks whether or not the specified host has WRITE access.
param
address The host address to check.
return
true if the host has write permission, false otherwise.
if (alwaysAuthorized) return ( true ); PrincipalImpl p = new PrincipalImpl(address); return acl.checkPermission(p, WRITE);
public boolean checkWritePermission(java.net.InetAddress address, java.lang.String community)
Checks whether or not the specified host and community have WRITE access.
param
address The host address to check.
param
community The community associated with the host.
return
true if the pair (host, community) has write permission, false otherwise.
if (alwaysAuthorized) return ( true ); PrincipalImpl p = new PrincipalImpl(address); return acl.checkPermission(p, community, WRITE);
public java.util.Enumeration communities()
Returns ann enumeration of community strings. Community strings are returned as String.
return
The enumeration of community strings.
HashSet set = new HashSet(); Vector res = new Vector(); for (Enumeration e = acl.entries() ; e.hasMoreElements() ;) { AclEntryImpl entry = (AclEntryImpl) e.nextElement(); for (Enumeration cs = entry.communities(); cs.hasMoreElements() ;) { set.add((String) cs.nextElement()); } } Object[] objs = set.toArray(); for(int i = 0; i < objs.length; i++) res.addElement(objs[i]); return res.elements();
void debug(java.lang.String clz, java.lang.String func, java.lang.String info)
Trace.send(Trace.LEVEL_DEBUG, Trace.INFO_SNMP, clz, func, info);
void debug(java.lang.String func, java.lang.String info)
debug(dbgTag, func, info);
public java.util.Enumeration entries()
Returns an enumeration of the entries in this ACL. Each element in the enumeration is of type java.security.acl.AclEntry.
return
An enumeration of the entries in this ACL.
return acl.entries();
public java.lang.String getAuthorizedListFile()
Returns the full path of the file used to get ACL information.
return
The full path of the file used to get ACL information.
return authorizedListFile;
public static java.lang.String getDefaultAclFileName()
Get the default name for the ACL file. In this implementation this is "$JRE/lib/snmp.acl"
return
The default name for the ACL file.
final String fileSeparator = System.getProperty("file.separator"); final StringBuffer defaultAclName = new StringBuffer(System.getProperty("java.home")). append(fileSeparator).append("lib").append(fileSeparator). append("snmp.acl"); return defaultAclName.toString();
public java.util.Enumeration getInformCommunities(java.net.InetAddress i)
Returns an enumeration of inform communities for a given host.
param
i The address of the host.
return
An enumeration of inform communities for a given host (enumeration of String).
Vector list = null; if ((list = (Vector)informDestList.get(i)) != null ) { if (isTraceOn()) { trace("getInformCommunities", "["+i.toString()+"] is in list"); } return list.elements(); } else { list = new Vector(); if (isTraceOn()) { trace("getInformCommunities", "["+i.toString()+"] is not in list"); } return list.elements(); }
public java.util.Enumeration getInformDestinations()
Returns an enumeration of inform destinations.
return
An enumeration of the inform destinations (enumeration of InetAddress).
return informDestList.keys();
public java.lang.String getName()
Returns the name of the ACL.
return
The name of the ACL.
return acl.getName();
public static PermissionImpl getREAD()
Returns the read permission instance used.
return
The read permission instance.
return READ;
public java.util.Enumeration getTrapCommunities(java.net.InetAddress i)
Returns an enumeration of trap communities for a given host.
param
i The address of the host.
return
An enumeration of trap communities for a given host (enumeration of String).
Vector list = null; if ((list = (Vector)trapDestList.get(i)) != null ) { if (isTraceOn()) { trace("getTrapCommunities", "["+i.toString()+"] is in list"); } return list.elements(); } else { list = new Vector(); if (isTraceOn()) { trace("getTrapCommunities", "["+i.toString()+"] is not in list"); } return list.elements(); }
public java.util.Enumeration getTrapDestinations()
Returns an enumeration of trap destinations.
return
An enumeration of the trap destinations (enumeration of InetAddress).
return trapDestList.keys();
public static PermissionImpl getWRITE()
Returns the write permission instance used.
return
The write permission instance.
return WRITE;
boolean isDebugOn()
return Trace.isSelected(Trace.LEVEL_DEBUG, Trace.INFO_SNMP);
boolean isTraceOn()
return Trace.isSelected(Trace.LEVEL_TRACE, Trace.INFO_SNMP);
private void readAuthorizedListFile()
Converts the input configuration file into ACL.
alwaysAuthorized = false; if (authorizedListFile == null) { if (isTraceOn()) { trace("readAuthorizedListFile", "alwaysAuthorized set to true"); } alwaysAuthorized = true ; } else { // Read the file content Parser parser = null; try { parser= new Parser(new FileInputStream(getAuthorizedListFile())); } catch (FileNotFoundException e) { if (isDebugOn()) { debug("readAuthorizedListFile", "The specified file was not found, authorize everybody"); } alwaysAuthorized = true ; return; } try { JDMSecurityDefs n = parser.SecurityDefs(); n.buildAclEntries(owner, acl); n.buildTrapEntries(trapDestList); n.buildInformEntries(informDestList); } catch (ParseException e) { if (isDebugOn()) { debug("readAuthorizedListFile", "Parsing exception " + e); } throw new IllegalArgumentException(e.getMessage()); } catch (Error err) { if (isDebugOn()) { debug("readAuthorizedListFile", "Error exception"); } throw new IllegalArgumentException(err.getMessage()); } for(Enumeration e = acl.entries(); e.hasMoreElements();) { AclEntryImpl aa = (AclEntryImpl) e.nextElement(); if (isTraceOn()) { trace("readAuthorizedListFile", "===> " + aa.getPrincipal().toString()); } for (Enumeration eee = aa.permissions();eee.hasMoreElements();) { java.security.acl.Permission perm = (java.security.acl.Permission)eee.nextElement(); if (isTraceOn()) { trace("readAuthorizedListFile", "perm = " + perm); } } } }
public void rereadTheFile()
Resets this ACL to the values contained in the configuration file.
exception
NotOwnerException If the principal attempting the reset is not an owner of this ACL.
exception
UnknownHostException If IP addresses for hosts contained in the ACL file couldn't be found.
alwaysAuthorized = false; acl.removeAll(owner); trapDestList.clear(); informDestList.clear(); AclEntry ownEntry = new AclEntryImpl(owner); ownEntry.addPermission(READ); ownEntry.addPermission(WRITE); acl.addEntry(owner,ownEntry); readAuthorizedListFile();
public void setAuthorizedListFile(java.lang.String filename)
Sets the full path of the file containing the ACL information.
param
filename The full path of the file containing the ACL information.
throws
IllegalArgumentException If the passed ACL file doesn't exist.
File file = new File(filename); if (!file.isFile() ) { if (isDebugOn()) { debug("setAuthorizedListFile", "ACL file not found: " + filename); } throw new IllegalArgumentException("The specified file ["+file+"] "+ "doesn't exist or is not a file, "+ "no configuration loaded"); } if (isTraceOn()) { trace("setAuthorizedListFile", "Default file set to " + filename); } authorizedListFile = filename;
private void setDefaultFileName()
Set the default full path for "snmp.acl" input file. Do not complain if the file does not exists.
try { setAuthorizedListFile(getDefaultAclFileName()); } catch (IllegalArgumentException x) { // OK... }
void trace(java.lang.String clz, java.lang.String func, java.lang.String info)
Trace.send(Trace.LEVEL_TRACE, Trace.INFO_SNMP, clz, func, info);
void trace(java.lang.String func, java.lang.String info)
trace(dbgTag, func, info);