ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/i-scream/experimental/server/ACL/ACL.java
Revision: 1.1
Committed: Wed Dec 19 23:43:27 2001 UTC (22 years, 11 months ago) by tdb
Branch: MAIN
Log Message:
Initial checkin of ACL code for i-scream server. At present it should allow for
ServerSocket's to be wrapped up with an access control list. Very simple to
use, will javadoc sometime soon. Essentially construct a ACLServerSocket
instead of a ServerSocket, then set an ACL (defaults to open ACL). Then it
can be used as a ServerSocket due to inheritance, and will only return from
the allow() method if the connecting Socket is permitted by the ACL.

File Contents

# Content
1 //---PACKAGE DECLARATION---
2 //package uk.org.iscream.cms.server.util;
3
4 //---IMPORTS---
5 import uk.org.iscream.cms.server.util.*;
6 import java.util.LinkedList;
7 import java.util.Iterator;
8 import java.net.InetAddress;
9
10 /**
11 * Access Control List
12 *
13 * @author $Author$
14 * @version $Id$
15 */
16 public class ACL {
17
18 //---FINAL ATTRIBUTES---
19
20 /**
21 * The current CVS revision of this class
22 */
23 public static final String REVISION = "$Revision$";
24
25 public static final boolean ALLOW = true;
26 public static final boolean DENY = false;
27
28 //---STATIC METHODS---
29
30 //---CONSTRUCTORS---
31
32 public ACL() {
33 // default to ACL.ALLOW
34 this(ACL.ALLOW);
35 }
36
37 public ACL(boolean defaultMode) {
38 _defaultMode = defaultMode;
39 }
40
41 //---PUBLIC METHODS---
42
43 public void add(boolean allow, String expression) {
44 _acl.add(new ACLItem(allow, expression));
45 }
46
47 public boolean check(String address) {
48 Iterator i = _acl.iterator();
49 while(i.hasNext()) {
50 ACLItem item = (ACLItem) i.next();
51 if(StringUtils.wildcardCheck(address, item._expression)) {
52 return item._allow;
53 }
54 }
55 // what to do here?
56 // -- basically a default of deny/allow is needed
57 return _defaultMode;
58 }
59
60 public boolean check(InetAddress address) {
61 Iterator i = _acl.iterator();
62 while(i.hasNext()) {
63 ACLItem item = (ACLItem) i.next();
64 if(StringUtils.wildcardCheck(address.getHostName(), item._expression)) {
65 return item._allow;
66 }
67 if(StringUtils.wildcardCheck(address.getHostAddress(), item._expression)) {
68 return item._allow;
69 }
70 }
71 // what to do here?
72 // -- basically a default of deny/allow is needed
73 return _defaultMode;
74 }
75
76 public String getACL() {
77 String acl = "";
78 Iterator i = _acl.iterator();
79 while(i.hasNext()) {
80 ACLItem item = (ACLItem) i.next();
81 if(item._allow) {
82 acl += "ALLOW:" + item._expression + " ";
83 }
84 else {
85 acl += "DENY:" + item._expression + " ";
86 }
87 }
88 return acl.substring(0, acl.length()-1);
89 }
90
91 /**
92 * Overrides the {@link java.lang.Object#toString() Object.toString()}
93 * method to provide clean logging (every class should have this).
94 *
95 * This uses the uk.org.iscream.cms.server.util.FormatName class
96 * to format the toString()
97 *
98 * @return the name of this class and its CVS revision
99 */
100 public String toString() {
101 return FormatName.getName(
102 _name,
103 getClass().getName(),
104 REVISION);
105 }
106
107 //---PRIVATE METHODS---
108
109 //---ACCESSOR/MUTATOR METHODS---
110
111 //---ATTRIBUTES---
112
113 /**
114 * This is the friendly identifier of the
115 * component this class is running in.
116 * eg, a Filter may be called "filter1",
117 * If this class does not have an owning
118 * component, a name from the configuration
119 * can be placed here. This name could also
120 * be changed to null for utility classes.
121 */
122 private String _name = null;
123
124 private LinkedList _acl = new LinkedList();
125 private boolean _defaultMode;
126
127 //---STATIC ATTRIBUTES---
128
129 //---INNER CLASSES---
130
131 private class ACLItem {
132
133 private ACLItem(boolean allow, String expression) {
134 _allow = allow;
135 _expression = expression;
136 }
137
138 private boolean _allow;
139 private String _expression;
140
141 }
142
143 }