1 |
//---PACKAGE DECLARATION--- |
2 |
package uk.org.iscream.cms.server.filter.plugins; |
3 |
|
4 |
//---IMPORTS--- |
5 |
import uk.org.iscream.cms.server.filter.PluginFilter; |
6 |
import uk.org.iscream.cms.server.filter.*; |
7 |
import uk.org.iscream.cms.server.core.*; |
8 |
import uk.org.iscream.cms.server.util.*; |
9 |
import uk.org.iscream.cms.server.componentmanager.*; |
10 |
|
11 |
/** |
12 |
* This plugin is designed to check the source of incoming |
13 |
* packets, and ensure the source machine is permitted to |
14 |
* send packets through the system. |
15 |
* |
16 |
* @author $Author$ |
17 |
* @version $Id$ |
18 |
*/ |
19 |
public class SourceChecker__Plugin implements PluginFilter { |
20 |
|
21 |
//---FINAL ATTRIBUTES--- |
22 |
|
23 |
/** |
24 |
* The current CVS revision of this class |
25 |
*/ |
26 |
public final String REVISION = "$Revision: 1.1 $"; |
27 |
|
28 |
public final String DESC = "Checks the machine_name attribute in the packet attributes. This must machine must be permitted by the ACL to allow the packet through."; |
29 |
|
30 |
//---STATIC METHODS--- |
31 |
|
32 |
//---CONSTRUCTORS--- |
33 |
|
34 |
public SourceChecker__Plugin() { |
35 |
// get our ACL from the configuration |
36 |
try { |
37 |
String stringACL = ConfigurationProxy.getInstance().getProperty("Filter." + FilterMain.NAME, "Filter.SourceCheckerPluginACL"); |
38 |
_acl = new ACL(stringACL); |
39 |
} |
40 |
catch(PropertyNotFoundException e) { |
41 |
_logger.write(toString(), Logger.WARNING, "No ACL found for SourceChecker__Plugin: " + e); |
42 |
} |
43 |
} |
44 |
|
45 |
//---PUBLIC METHODS--- |
46 |
|
47 |
// apply the filter and return true if successful. |
48 |
public boolean runFilter(XMLPacket packet){ |
49 |
|
50 |
// only want to check data or heartbeat packets |
51 |
// any others will probably get filtered out further up the filter chain |
52 |
if(_acl != null && |
53 |
(packet.getParam("packet.attributes.type").equals("data") || |
54 |
packet.getParam("packet.attributes.type").equals("heartbeat"))) { |
55 |
// check the machine name against the ACL |
56 |
// we could check the IP too... but it's a lot of work for _every_ packet... maybe... |
57 |
return _acl.check(packet.getParam("packet.attributes.machine_name")); |
58 |
} |
59 |
|
60 |
// a good catchall, I guess |
61 |
// either it's not a data or heartbeat packet, in which case it should go through |
62 |
// or we don't have an ACL set |
63 |
return true; |
64 |
} |
65 |
|
66 |
/** |
67 |
* Overrides the {@link java.lang.Object#toString() Object.toString()} |
68 |
* method to provide clean logging (every class should have this). |
69 |
* |
70 |
* This uses the uk.org.iscream.cms.server.util.NameFormat class |
71 |
* to format the toString() |
72 |
* |
73 |
* @return the name of this class and its CVS revision |
74 |
*/ |
75 |
public String toString() { |
76 |
return FormatName.getName( |
77 |
_name, |
78 |
getClass().getName(), |
79 |
REVISION); |
80 |
} |
81 |
|
82 |
/** |
83 |
* return the String representation of what the filter does |
84 |
*/ |
85 |
public String getDescription(){ |
86 |
return DESC; |
87 |
} |
88 |
|
89 |
//---PRIVATE METHODS--- |
90 |
|
91 |
//---ACCESSOR/MUTATOR METHODS--- |
92 |
|
93 |
//---ATTRIBUTES--- |
94 |
|
95 |
/** |
96 |
* This is the friendly identifier of the |
97 |
* component this class is running in. |
98 |
* eg, a Filter may be called "filter1", |
99 |
* If this class does not have an owning |
100 |
* component, a name from the configuration |
101 |
* can be placed here. This name could also |
102 |
* be changed to null for utility classes. |
103 |
*/ |
104 |
private String _name = FilterMain.NAME; |
105 |
|
106 |
/** |
107 |
* This holds a reference to the |
108 |
* system logger that is being used. |
109 |
*/ |
110 |
private Logger _logger = ReferenceManager.getInstance().getLogger(); |
111 |
|
112 |
/** |
113 |
* This holds the ACL for the plugin. |
114 |
*/ |
115 |
private ACL _acl; |
116 |
|
117 |
//---STATIC ATTRIBUTES--- |
118 |
|
119 |
} |