server/ACL/ACL.java

//---PACKAGE DECLARATION---
//package uk.org.iscream.cms.server.util;

//---IMPORTS---
import uk.org.iscream.cms.server.util.*;
import java.util.LinkedList;
import java.util.Iterator;
import java.net.InetAddress;

/**
 * Access Control List
 *
 * @author  $Author$
 * @version $Id$
 */
public class ACL {

//---FINAL ATTRIBUTES---

    /**
     * The current CVS revision of this class
     */
    public static final String REVISION = "$Revision$";

    public static final boolean ALLOW = true;
    public static final boolean DENY = false;

//---STATIC METHODS---

//---CONSTRUCTORS---

    public ACL() {
        // default to ACL.ALLOW
        this(ACL.ALLOW);
    }
    
    public ACL(boolean defaultMode) {
        _defaultMode = defaultMode;
    }

//---PUBLIC METHODS---

    public void add(boolean allow, String expression) {
        _acl.add(new ACLItem(allow, expression));
    }
    
    public boolean check(String address) {
        Iterator i = _acl.iterator();
        while(i.hasNext()) {
            ACLItem item = (ACLItem) i.next();
            if(StringUtils.wildcardCheck(address, item._expression)) {
                return item._allow;
            }
        }
        // what to do here?
        // -- basically a default of deny/allow is needed
        return _defaultMode;
    }
    
    public boolean check(InetAddress address) {
        Iterator i = _acl.iterator();
        while(i.hasNext()) {
            ACLItem item = (ACLItem) i.next();
            if(StringUtils.wildcardCheck(address.getHostName(), item._expression)) {
                return item._allow;
            }
            if(StringUtils.wildcardCheck(address.getHostAddress(), item._expression)) {
                return item._allow;
            }
        }
        // what to do here?
        // -- basically a default of deny/allow is needed
        return _defaultMode;
    }
    
    public String getACL() {
        String acl = "";
        Iterator i = _acl.iterator();
        while(i.hasNext()) {
            ACLItem item = (ACLItem) i.next();
            if(item._allow) {
                acl += "ALLOW:" + item._expression + " ";
            }
            else {
                acl += "DENY:" + item._expression + " ";
            }
        }
        return acl.substring(0, acl.length()-1);
    }
    
    /**
     * Overrides the {@link java.lang.Object#toString() Object.toString()}
     * method to provide clean logging (every class should have this).
     *
     * This uses the uk.org.iscream.cms.server.util.FormatName class
     * to format the toString()
     *
     * @return the name of this class and its CVS revision
     */
    public String toString() {
        return FormatName.getName(
            _name,
            getClass().getName(),
            REVISION);
    }

//---PRIVATE METHODS---

//---ACCESSOR/MUTATOR METHODS---

//---ATTRIBUTES---

    /**
     * This is the friendly identifier of the
     * component this class is running in.
     * eg, a Filter may be called "filter1",
     * If this class does not have an owning
     * component,  a name from the configuration
     * can be placed here.  This name could also
     * be changed to null for utility classes.
     */
    private String _name = null;

    private LinkedList _acl = new LinkedList();
    private boolean _defaultMode;

//---STATIC ATTRIBUTES---

//---INNER CLASSES---

    private class ACLItem {
        
        private ACLItem(boolean allow, String expression) {
            _allow = allow;
            _expression = expression;
        }
        
        private boolean _allow;
        private String _expression;
        
    }

}
Revision:	1.1
Committed:	Wed Dec 19 23:43:27 2001 UTC (22 years, 11 months ago) by tdb
Branch:	MAIN
Log Message:	Initial checkin of ACL code for i-scream server. At present it should allow for ServerSocket's to be wrapped up with an access control list. Very simple to use, will javadoc sometime soon. Essentially construct a ACLServerSocket instead of a ServerSocket, then set an ACL (defaults to open ACL). Then it can be used as a ServerSocket due to inheritance, and will only return from the allow() method if the connecting Socket is permitted by the ACL.
#	User	Rev	Content
1	tdb	1.1	//---PACKAGE DECLARATION---
2			//package uk.org.iscream.cms.server.util;
3
4			//---IMPORTS---
5			import uk.org.iscream.cms.server.util.*;
6			import java.util.LinkedList;
7			import java.util.Iterator;
8			import java.net.InetAddress;
9
10			/**
11			* Access Control List
12			*
13			* @author $Author$
14			* @version $Id$
15			*/
16			public class ACL {
17
18			//---FINAL ATTRIBUTES---
19
20			/**
21			* The current CVS revision of this class
22			*/
23			public static final String REVISION = "$Revision$";
24
25			public static final boolean ALLOW = true;
26			public static final boolean DENY = false;
27
28			//---STATIC METHODS---
29
30			//---CONSTRUCTORS---
31
32			public ACL() {
33			// default to ACL.ALLOW
34			this(ACL.ALLOW);
35			}
36
37			public ACL(boolean defaultMode) {
38			_defaultMode = defaultMode;
39			}
40
41			//---PUBLIC METHODS---
42
43			public void add(boolean allow, String expression) {
44			_acl.add(new ACLItem(allow, expression));
45			}
46
47			public boolean check(String address) {
48			Iterator i = _acl.iterator();
49			while(i.hasNext()) {
50			ACLItem item = (ACLItem) i.next();
51			if(StringUtils.wildcardCheck(address, item._expression)) {
52			return item._allow;
53			}
54			}
55			// what to do here?
56			// -- basically a default of deny/allow is needed
57			return _defaultMode;
58			}
59
60			public boolean check(InetAddress address) {
61			Iterator i = _acl.iterator();
62			while(i.hasNext()) {
63			ACLItem item = (ACLItem) i.next();
64			if(StringUtils.wildcardCheck(address.getHostName(), item._expression)) {
65			return item._allow;
66			}
67			if(StringUtils.wildcardCheck(address.getHostAddress(), item._expression)) {
68			return item._allow;
69			}
70			}
71			// what to do here?
72			// -- basically a default of deny/allow is needed
73			return _defaultMode;
74			}
75
76			public String getACL() {
77			String acl = "";
78			Iterator i = _acl.iterator();
79			while(i.hasNext()) {
80			ACLItem item = (ACLItem) i.next();
81			if(item._allow) {
82			acl += "ALLOW:" + item._expression + " ";
83			}
84			else {
85			acl += "DENY:" + item._expression + " ";
86			}
87			}
88			return acl.substring(0, acl.length()-1);
89			}
90
91			/**
92			* Overrides the {@link java.lang.Object#toString() Object.toString()}
93			* method to provide clean logging (every class should have this).
94			*
95			* This uses the uk.org.iscream.cms.server.util.FormatName class
96			* to format the toString()
97			*
98			* @return the name of this class and its CVS revision
99			*/
100			public String toString() {
101			return FormatName.getName(
102			_name,
103			getClass().getName(),
104			REVISION);
105			}
106
107			//---PRIVATE METHODS---
108
109			//---ACCESSOR/MUTATOR METHODS---
110
111			//---ATTRIBUTES---
112
113			/**
114			* This is the friendly identifier of the
115			* component this class is running in.
116			* eg, a Filter may be called "filter1",
117			* If this class does not have an owning
118			* component, a name from the configuration
119			* can be placed here. This name could also
120			* be changed to null for utility classes.
121			*/
122			private String _name = null;
123
124			private LinkedList _acl = new LinkedList();
125			private boolean _defaultMode;
126
127			//---STATIC ATTRIBUTES---
128
129			//---INNER CLASSES---
130
131			private class ACLItem {
132
133			private ACLItem(boolean allow, String expression) {
134			_allow = allow;
135			_expression = expression;
136			}
137
138			private boolean _allow;
139			private String _expression;
140
141			}
142
143			}