ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/i-scream/projects/cms/source/server/uk/org/iscream/cms/server/filter/plugins/KeyChecker__Plugin.java
Revision: 1.5
Committed: Mon Feb 24 20:18:49 2003 UTC (21 years, 3 months ago) by tdb
Branch: MAIN
CVS Tags: HEAD
Changes since 1.4: +2 -2 lines
State: FILE REMOVED
Log Message: 
Fairly major commit. This will break the current version of ihost, but this
had to be done really to give Pete something to test the new ihost against.

The main change here is removal of the TCP Heartbeat functionality from the
filter. This meant the following features stopped working :-
  - Heartbeat testing
  - Configuration checking
  - Service checks

The heartbeat testing, specifically the monitor, now looks at the presence
of UDP packets instead. Before it just looked for the presence of a TCP
heartbeat packet, so the change their is fairly negligible. Of course this
means heartbeat testing now relies on the UDP working... but I don't see
this as a problem.

Configuration checking has been repositioned in to the filtermanager. This
is a backwards compatible change - the filtermanager should still perform
as it should for older hosts. But now there's an extra command to check the
configuration is up-to-date, with a similar format to the old TCP protocol
in the filter. (although we may optimise this soon)

The service checks are broken. This isn't a major issue for us as they were
pretty useless in the first place. The concept is good, but the checks are
just far too primitive. I expect at some point I'll work on a seperate
component that just monitors services, which will replace this function.

Further changes in the server include removal of the key checking code,
as this relied on a bolt on to the TCP heartbeat protocol to ship the
key. This got more akward than originally planned, so I'm happy to drop the
idea. In the long term we hope to replace this with a public key systems
for signing and even encryption.

Finally, general tidy up to remove other bits of code that check for
TCP heartbeat packets when they don't need to any more.

File Contents

# User Rev Content
1 tdb 1.2 /*
2     * i-scream central monitoring system
3 tdb 1.3 * http://www.i-scream.org.uk
4 tdb 1.2 * Copyright (C) 2000-2002 i-scream
5     *
6     * This program is free software; you can redistribute it and/or
7     * modify it under the terms of the GNU General Public License
8     * as published by the Free Software Foundation; either version 2
9     * of the License, or (at your option) any later version.
10     *
11     * This program is distributed in the hope that it will be useful,
12     * but WITHOUT ANY WARRANTY; without even the implied warranty of
13     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14     * GNU General Public License for more details.
15     *
16     * You should have received a copy of the GNU General Public License
17     * along with this program; if not, write to the Free Software
18     * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19     */
20    
21 tdb 1.1 //---PACKAGE DECLARATION---
22     package uk.org.iscream.cms.server.filter.plugins;
23    
24     //---IMPORTS---
25     import uk.org.iscream.cms.server.filter.PluginFilter;
26     import uk.org.iscream.cms.server.filter.*;
27     import uk.org.iscream.cms.server.core.*;
28 tdb 1.4 import uk.org.iscream.cms.util.*;
29 tdb 1.1 import uk.org.iscream.cms.server.componentmanager.*;
30    
31     /**
32     * This plugin is designed to check if the key in the
33     * UDP packet is currently valid.
34     *
35 tdb 1.2 * @author $Author: tdb $
36 tdb 1.5 * @version $Id: KeyChecker__Plugin.java,v 1.4 2003/02/05 16:43:47 tdb Exp $
37 tdb 1.1 */
38     public class KeyChecker__Plugin implements PluginFilter {
39    
40     //---FINAL ATTRIBUTES---
41    
42     /**
43     * The current CVS revision of this class
44     */
45 tdb 1.5 public final String REVISION = "$Revision: 1.4 $";
46 tdb 1.1
47     public final String DESC = "Checks the key attribute in the packet attributes. This key must be valid and current for the packet to be allowed through.";
48    
49     //---STATIC METHODS---
50    
51     //---CONSTRUCTORS---
52    
53     //---PUBLIC METHODS---
54    
55     // apply the filter and return true if successful.
56     public boolean runFilter(XMLPacket packet){
57    
58     // only want to check data packets
59     // any others will probably get filtered out further up the filter chain
60     if(packet.getParam("packet.attributes.type").equals("data")) {
61     String key = packet.getParam("packet.attributes.key");
62     // check to make sure the packet has a key
63     if(key != null) {
64     return KeyManager.getInstance().checkKey(packet.getParam("packet.attributes.machine_name"), key);
65     }
66     else {
67     // if the packet doesn't have a key we'll see
68     // whether or not we should allow it anyway...
69     // default to enforcing host auth
70     boolean enforceHostAuth = true;
71     try {
72     // try to get see what's in the config
73     String enforce = ConfigurationProxy.getInstance().getProperty("Filter." + FilterMain.NAME, "Filter.EnforceHostAuth");
74     enforceHostAuth = (Integer.parseInt(enforce) == 1);
75     }
76     catch(PropertyNotFoundException e) {
77     // if it's not set, not enforced
78     _logger.write(toString(), Logger.WARNING, "EnforceHostAuth property not found: " + e);
79     enforceHostAuth = false;
80     }
81     catch(NumberFormatException e) {
82     // if it's not a number, not enforced
83     _logger.write(toString(), Logger.WARNING, "EnforceHostAuth property malformed: " + e);
84     enforceHostAuth = false;
85     }
86     // if enforceHostAuth is true we want to fail the packet
87     // and vice-versa
88     return !enforceHostAuth;
89     }
90     }
91    
92     // a good catchall, I guess
93     //it's not a data in which case it should go through
94     return true;
95     }
96    
97     /**
98     * Overrides the {@link java.lang.Object#toString() Object.toString()}
99     * method to provide clean logging (every class should have this).
100     *
101 tdb 1.4 * This uses the uk.org.iscream.cms.util.NameFormat class
102 tdb 1.1 * to format the toString()
103     *
104     * @return the name of this class and its CVS revision
105     */
106     public String toString() {
107     return FormatName.getName(
108     _name,
109     getClass().getName(),
110     REVISION);
111     }
112    
113     /**
114     * return the String representation of what the filter does
115     */
116     public String getDescription(){
117     return DESC;
118     }
119    
120     //---PRIVATE METHODS---
121    
122     //---ACCESSOR/MUTATOR METHODS---
123    
124     //---ATTRIBUTES---
125    
126     /**
127     * This is the friendly identifier of the
128     * component this class is running in.
129     * eg, a Filter may be called "filter1",
130     * If this class does not have an owning
131     * component, a name from the configuration
132     * can be placed here. This name could also
133     * be changed to null for utility classes.
134     */
135     private String _name = FilterMain.NAME;
136    
137     /**
138     * This holds a reference to the
139     * system logger that is being used.
140     */
141     private Logger _logger = ReferenceManager.getInstance().getLogger();
142    
143     //---STATIC ATTRIBUTES---
144    
145     }