ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/i-scream/experimental/server/ACL/ACL.java
Revision: 1.3
Committed: Fri Dec 21 16:49:18 2001 UTC (22 years, 10 months ago) by tdb
Branch: MAIN
Changes since 1.2: +25 -25 lines
Log Message:
Changed the LinkedList/Iterator to an ArrayList.get(n) solution. According to
Paul's research this should run at least 4 times as fast as the LinkedList in the
iterating stage. (and twice as quick as an ArrayList/Iterator solution!). Using a
plain array could make this go twice as fast again, but it's a lot more work :-)

File Contents

# User Rev Content
1 tdb 1.1 //---PACKAGE DECLARATION---
2     //package uk.org.iscream.cms.server.util;
3    
4     //---IMPORTS---
5     import uk.org.iscream.cms.server.util.*;
6 tdb 1.3 import java.util.ArrayList;
7 tdb 1.1 import java.net.InetAddress;
8    
9     /**
10 tdb 1.2 * Access Control List for use primarily
11     * with the ACLServerSocket. It could, however
12     * have other uses as it has a fairly generic
13     * behaviour. Rules are added using the add
14     * method, and then checks can be made using
15     * the relevant check method.
16 tdb 1.1 *
17     * @author $Author$
18     * @version $Id$
19     */
20     public class ACL {
21    
22     //---FINAL ATTRIBUTES---
23    
24     /**
25     * The current CVS revision of this class
26     */
27     public static final String REVISION = "$Revision$";
28 tdb 1.2
29     /**
30     * static to be used when adding an ALLOW rule to the ACL.
31     */
32 tdb 1.1 public static final boolean ALLOW = true;
33 tdb 1.2
34     /**
35     * static to be used when adding a DENY rule to the ACL.
36     */
37 tdb 1.1 public static final boolean DENY = false;
38    
39     //---STATIC METHODS---
40    
41     //---CONSTRUCTORS---
42    
43 tdb 1.2 /**
44     * Construct a new Access Control List. The default
45     * mode is to ALLOW anything that isn't explicitly
46     * blocked by a rule.
47     */
48 tdb 1.1 public ACL() {
49     // default to ACL.ALLOW
50     this(ACL.ALLOW);
51     }
52    
53 tdb 1.2 /**
54     * Construct a new Access Control List with a given
55     * default mode. This mode specifies what should
56     * happen if a check does not match any rules.
57     *
58     * @param defaultMode the default mode for non-matched checks
59     */
60 tdb 1.1 public ACL(boolean defaultMode) {
61     _defaultMode = defaultMode;
62     }
63    
64     //---PUBLIC METHODS---
65    
66 tdb 1.2 /**
67     * Add a new rule to the ACL immediately after the
68     * previous rule. The rule can either be an ACL.ALLOW
69     * rule, or an ACL.DENY rule. The expression can
70     * contain a wildcard (a * only). Rules can only be
71     * added to the end of the list.
72     *
73     * param allow whether this is an ALLOW or DENY rule
74     * param expression what this rule matches using wildcards
75     */
76 tdb 1.1 public void add(boolean allow, String expression) {
77 tdb 1.2 _acl.add(new ACLRule(allow, expression));
78 tdb 1.1 }
79    
80 tdb 1.2 /**
81     * Check to see if a string is permitted by the
82     * ACL. Useful for testing, and non-Socket uses
83     * of this class.
84     *
85     * @param address the string to check
86     * @return whether the address was permitted by the ACL
87     */
88 tdb 1.1 public boolean check(String address) {
89 tdb 1.3 for(int i=0; i < _acl.size(); i++) {
90     ACLRule rule = (ACLRule) _acl.get(i);
91     if(StringUtils.wildcardCheck(address, rule._expression)) {
92     return rule._allow;
93 tdb 1.1 }
94     }
95     return _defaultMode;
96     }
97    
98 tdb 1.2 /**
99     * Check to see if an InetAddress is permitted
100     * by the ACL. Perfect for Socket uses of this
101     * class. It should be made clear that this will
102     * check both the hostname AND IP address against
103     * each rule in turn. The hostname will always be
104     * checked BEFORE the IP address.
105     *
106     * @param address the InetAddress to check
107     * @return whether the InetAddress was permitted by the ACL
108     */
109 tdb 1.1 public boolean check(InetAddress address) {
110 tdb 1.3 for(int i=0; i < _acl.size(); i++) {
111     ACLRule rule = (ACLRule) _acl.get(i);
112     if(StringUtils.wildcardCheck(address.getHostName(), rule._expression)) {
113     return rule._allow;
114 tdb 1.1 }
115 tdb 1.3 if(StringUtils.wildcardCheck(address.getHostAddress(), rule._expression)) {
116     return rule._allow;
117 tdb 1.1 }
118     }
119     return _defaultMode;
120     }
121    
122 tdb 1.2 /**
123     * Gets the ACL as a String for debugging.
124     *
125     * @return A String representation of this ACL.
126     */
127     public String getStringACL() {
128 tdb 1.1 String acl = "";
129 tdb 1.3 for(int i=0; i < _acl.size(); i++) {
130     ACLRule rule = (ACLRule) _acl.get(i);
131     if(rule._allow) {
132     acl += "ALLOW:" + rule._expression + " ";
133 tdb 1.1 }
134     else {
135 tdb 1.3 acl += "DENY:" + rule._expression + " ";
136 tdb 1.1 }
137     }
138 tdb 1.3 if(_defaultMode) {
139     acl += "DEFAULT:ALLOW";
140     }
141     else {
142     acl += "DEFAULT:DENY";
143     }
144     return acl;
145 tdb 1.1 }
146    
147     /**
148     * Overrides the {@link java.lang.Object#toString() Object.toString()}
149     * method to provide clean logging (every class should have this).
150     *
151     * This uses the uk.org.iscream.cms.server.util.FormatName class
152     * to format the toString()
153     *
154     * @return the name of this class and its CVS revision
155     */
156     public String toString() {
157     return FormatName.getName(
158     _name,
159     getClass().getName(),
160     REVISION);
161     }
162    
163     //---PRIVATE METHODS---
164    
165     //---ACCESSOR/MUTATOR METHODS---
166    
167     //---ATTRIBUTES---
168    
169     /**
170     * This is the friendly identifier of the
171     * component this class is running in.
172     * eg, a Filter may be called "filter1",
173     * If this class does not have an owning
174     * component, a name from the configuration
175     * can be placed here. This name could also
176     * be changed to null for utility classes.
177     */
178     private String _name = null;
179 tdb 1.2
180     /**
181 tdb 1.3 * The ACL is stored in this ArrayList.
182 tdb 1.2 */
183 tdb 1.3 private ArrayList _acl = new ArrayList();
184 tdb 1.2
185     /**
186     * The default mode of this ACL.
187     */
188 tdb 1.1 private boolean _defaultMode;
189    
190     //---STATIC ATTRIBUTES---
191    
192     //---INNER CLASSES---
193    
194 tdb 1.2 /**
195     * Wrapper class for an ACL rule.
196     */
197     private class ACLRule {
198 tdb 1.1
199 tdb 1.2 /**
200     * Construct an ACL rule.
201     *
202     * @param allow whether this is an ALLOW or DENY rule
203     * @param expression what this rule matches
204     */
205     private ACLRule(boolean allow, String expression) {
206 tdb 1.1 _allow = allow;
207     _expression = expression;
208     }
209    
210 tdb 1.2 /**
211     * Whether this is an ALLOW or DENY rule.
212     */
213 tdb 1.1 private boolean _allow;
214 tdb 1.2
215     /**
216     * What this rule matches.
217     */
218 tdb 1.1 private String _expression;
219    
220     }
221    
222     }