filter/plugins/SourceChecker__Plugin.java

/* 
 * i-scream central monitoring system
 * Copyright (C) 2000-2002 i-scream
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 */

//---PACKAGE DECLARATION---
package uk.org.iscream.cms.server.filter.plugins;

//---IMPORTS---
import uk.org.iscream.cms.server.filter.PluginFilter;
import uk.org.iscream.cms.server.filter.*;
import uk.org.iscream.cms.server.core.*;
import uk.org.iscream.cms.server.util.*;
import uk.org.iscream.cms.server.componentmanager.*;

/**
 * This plugin is designed to check the source of incoming
 * packets, and ensure the source machine is permitted to
 * send packets through the system.
 *
 * @author  $Author: tdb $
 * @version $Id: SourceChecker__Plugin.java,v 1.2 2002/03/21 17:26:00 tdb Exp $
 */
public class SourceChecker__Plugin implements PluginFilter {

//---FINAL ATTRIBUTES---

    /**
     * The current CVS revision of this class
     */
    public final String REVISION = "$Revision: 1.2 $";
    
    public final String DESC = "Checks the machine_name attribute in the packet attributes. This must machine must be permitted by the ACL to allow the packet through.";
    
//---STATIC METHODS---

//---CONSTRUCTORS---

    public SourceChecker__Plugin() {
        // setup an empty ACL defaulting to ALLOW
        _acl = new ACL(ACL.ALLOW);
    }

//---PUBLIC METHODS---

    // apply the filter and return true if successful.
    public boolean runFilter(XMLPacket packet){
        String newStringACL;
        // get hold of the ACL in the configuration
        try {
            newStringACL = ConfigurationProxy.getInstance().getProperty("Filter." + FilterMain.NAME, "Filter.SourceCheckerPluginACL");
        }
        catch(PropertyNotFoundException e) {
            // if we can't find it, we'll just use a null ACL
            newStringACL = "";
            _logger.write(toString(), Logger.WARNING, "No ACL found for SourceChecker__Plugin, using empty ACL instead : " + e);
        }
        // check to see if the ACL has changed
        if(!newStringACL.equals(_stringACL)) {
            _logger.write(toString(), Logger.SYSMSG, "Reloading Access Control List");
            // clear the ACL
            _acl.clear();
            // set the default to something sane
            _acl.setDefaultMode(ACL.ALLOW);
            // add the new ACL (this may change the default)
            _acl.add(newStringACL);
            _stringACL = newStringACL;
        }
        
        // only want to check data or heartbeat packets
        // any others will probably get filtered out further up the filter chain
        if(packet.getParam("packet.attributes.type").equals("data") ||
           packet.getParam("packet.attributes.type").equals("heartbeat")) {
            // check the machine name against the ACL
            // we could check the IP too... but it's a lot of work for _every_ packet... maybe...
            return _acl.check(packet.getParam("packet.attributes.machine_name"));
        }
        
        // a good catchall, I guess
        // it's not a data or heartbeat packet, in which case it should go through
        return true;
    }

    /**
     * Overrides the {@link java.lang.Object#toString() Object.toString()}
     * method to provide clean logging (every class should have this).
     *
     * This uses the uk.org.iscream.cms.server.util.NameFormat class
     * to format the toString()
     *
     * @return the name of this class and its CVS revision
     */
    public String toString() {
        return FormatName.getName(
            _name,
            getClass().getName(),
            REVISION);
    }

    /**
     * return the String representation of what the filter does
     */
    public String getDescription(){
        return DESC;
    }

//---PRIVATE METHODS---

//---ACCESSOR/MUTATOR METHODS---

//---ATTRIBUTES---

    /**
     * This is the friendly identifier of the
     * component this class is running in.
     * eg, a Filter may be called "filter1",
     * If this class does not have an owning
     * component,  a name from the configuration
     * can be placed here.  This name could also
     * be changed to null for utility classes.
     */
    private String _name = FilterMain.NAME;

    /**
     * This holds a reference to the
     * system logger that is being used.
     */
    private Logger _logger = ReferenceManager.getInstance().getLogger();

    /**
     * This holds the ACL for the plugin.
     */
    private ACL _acl;
    
    /**
     * The current String representation of our ACL.
     */
    private String _stringACL = "";

//---STATIC ATTRIBUTES---

}
Revision:	1.3
Committed:	Sat May 18 18:16:02 2002 UTC (22 years ago) by tdb
Branch:	MAIN
Changes since 1.2:	+21 -2 lines
Log Message:	i-scream is now licensed under the GPL. I've added the GPL headers to every source file, and put a full copy of the license in the appropriate places. I think I've covered everything. This is going to be a mad commit ;)
#	User	Rev	Content
1	tdb	1.3	/*
2			* i-scream central monitoring system
3			* Copyright (C) 2000-2002 i-scream
4			*
5			* This program is free software; you can redistribute it and/or
6			* modify it under the terms of the GNU General Public License
7			* as published by the Free Software Foundation; either version 2
8			* of the License, or (at your option) any later version.
9			*
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU General Public License for more details.
14			*
15			* You should have received a copy of the GNU General Public License
16			* along with this program; if not, write to the Free Software
17			* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
18			*/
19
20	tdb	1.1	//---PACKAGE DECLARATION---
21			package uk.org.iscream.cms.server.filter.plugins;
22
23			//---IMPORTS---
24			import uk.org.iscream.cms.server.filter.PluginFilter;
25			import uk.org.iscream.cms.server.filter.*;
26			import uk.org.iscream.cms.server.core.*;
27			import uk.org.iscream.cms.server.util.*;
28			import uk.org.iscream.cms.server.componentmanager.*;
29
30			/**
31			* This plugin is designed to check the source of incoming
32			* packets, and ensure the source machine is permitted to
33			* send packets through the system.
34			*
35	tdb	1.2	* @author $Author: tdb $
36	tdb	1.3	* @version $Id: SourceChecker__Plugin.java,v 1.2 2002/03/21 17:26:00 tdb Exp $
37	tdb	1.1	*/
38			public class SourceChecker__Plugin implements PluginFilter {
39
40			//---FINAL ATTRIBUTES---
41
42			/**
43			* The current CVS revision of this class
44			*/
45	tdb	1.3	public final String REVISION = "$Revision: 1.2 $";
46	tdb	1.1
47			public final String DESC = "Checks the machine_name attribute in the packet attributes. This must machine must be permitted by the ACL to allow the packet through.";
48
49			//---STATIC METHODS---
50
51			//---CONSTRUCTORS---
52
53			public SourceChecker__Plugin() {
54	tdb	1.2	// setup an empty ACL defaulting to ALLOW
55			_acl = new ACL(ACL.ALLOW);
56	tdb	1.1	}
57
58			//---PUBLIC METHODS---
59
60			// apply the filter and return true if successful.
61			public boolean runFilter(XMLPacket packet){
62	tdb	1.2	String newStringACL;
63			// get hold of the ACL in the configuration
64			try {
65			newStringACL = ConfigurationProxy.getInstance().getProperty("Filter." + FilterMain.NAME, "Filter.SourceCheckerPluginACL");
66			}
67			catch(PropertyNotFoundException e) {
68			// if we can't find it, we'll just use a null ACL
69			newStringACL = "";
70			_logger.write(toString(), Logger.WARNING, "No ACL found for SourceChecker__Plugin, using empty ACL instead : " + e);
71			}
72			// check to see if the ACL has changed
73			if(!newStringACL.equals(_stringACL)) {
74			_logger.write(toString(), Logger.SYSMSG, "Reloading Access Control List");
75			// clear the ACL
76			_acl.clear();
77			// set the default to something sane
78			_acl.setDefaultMode(ACL.ALLOW);
79			// add the new ACL (this may change the default)
80			_acl.add(newStringACL);
81			_stringACL = newStringACL;
82			}
83	tdb	1.1
84			// only want to check data or heartbeat packets
85			// any others will probably get filtered out further up the filter chain
86	tdb	1.2	if(packet.getParam("packet.attributes.type").equals("data") \|\|
87			packet.getParam("packet.attributes.type").equals("heartbeat")) {
88	tdb	1.1	// check the machine name against the ACL
89			// we could check the IP too... but it's a lot of work for _every_ packet... maybe...
90			return _acl.check(packet.getParam("packet.attributes.machine_name"));
91			}
92
93			// a good catchall, I guess
94	tdb	1.2	// it's not a data or heartbeat packet, in which case it should go through
95	tdb	1.1	return true;
96			}
97
98			/**
99			* Overrides the {@link java.lang.Object#toString() Object.toString()}
100			* method to provide clean logging (every class should have this).
101			*
102			* This uses the uk.org.iscream.cms.server.util.NameFormat class
103			* to format the toString()
104			*
105			* @return the name of this class and its CVS revision
106			*/
107			public String toString() {
108			return FormatName.getName(
109			_name,
110			getClass().getName(),
111			REVISION);
112			}
113
114			/**
115			* return the String representation of what the filter does
116			*/
117			public String getDescription(){
118			return DESC;
119			}
120
121			//---PRIVATE METHODS---
122
123			//---ACCESSOR/MUTATOR METHODS---
124
125			//---ATTRIBUTES---
126
127			/**
128			* This is the friendly identifier of the
129			* component this class is running in.
130			* eg, a Filter may be called "filter1",
131			* If this class does not have an owning
132			* component, a name from the configuration
133			* can be placed here. This name could also
134			* be changed to null for utility classes.
135			*/
136			private String _name = FilterMain.NAME;
137
138			/**
139			* This holds a reference to the
140			* system logger that is being used.
141			*/
142			private Logger _logger = ReferenceManager.getInstance().getLogger();
143
144			/**
145			* This holds the ACL for the plugin.
146			*/
147			private ACL _acl;
148	tdb	1.2
149			/**
150			* The current String representation of our ACL.
151			*/
152			private String _stringACL = "";
153	tdb	1.1
154			//---STATIC ATTRIBUTES---
155
156			}