00025 package org.objectweb.cjdbc.controller.core.security;
00026
00027 import java.net.Socket;
00028 import java.util.ArrayList;
00029
00030 import org.apache.regexp.RE;
00031 import org.objectweb.cjdbc.common.net.SSLConfiguration;
00032 import org.objectweb.cjdbc.common.xml.ControllerXmlTags;
00033 import org.objectweb.cjdbc.common.xml.XmlComponent;
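/**
 * Holds the controller's access-control settings: accept/block lists that
 * are evaluated against incoming client sockets, a set of boolean policy
 * flags, and an optional SSL configuration.
 * <p>
 * This class only stores the policy flags; nothing in this file enforces
 * them, so enforcement is expected to happen in the callers.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li><code>defaultConnect</code> starts as <code>true</code>, so with empty
 * lists every connection is accepted until the policy is configured.</li>
 * <li>The accept list is consulted before the block list, so an accept entry
 * overrides a block entry for the same client.</li>
 * <li>The lists are plain <code>ArrayList</code>s handed out by the getters
 * without copying and without synchronization.</li>
 * </ul>
 */
public class ControllerSecurityManager implements XmlComponent
{
  // Policy flags. All of them start out as true.
  private boolean          allowAdditionalDriver = true;
  private boolean          allowConsoleShutdown  = true;
  private boolean          allowLocalConsoleOnly = true;
  private boolean          allowClientShutdown   = true;
  private boolean          allowLocalClientOnly  = true;
  // Verdict returned by allowConnection() when no list entry matches.
  private boolean          defaultConnect        = true;
  // accept/block hold RE patterns and plain host strings, mixed.
  private ArrayList        accept;
  private ArrayList        block;
  // saccept/sblock keep the textual form of the patterns for getXml().
  private ArrayList        saccept;
  private ArrayList        sblock;
  // Null means SSL is not configured (see isSSLEnabled()).
  private SSLConfiguration sslConfig;

  /**
   * Creates a manager with empty accept and block lists.
   */
  public ControllerSecurityManager()
  {
    block = new ArrayList();
    accept = new ArrayList();
    saccept = new ArrayList();
    sblock = new ArrayList();
  }

  /**
   * Decides whether a client socket may connect.
   * <p>
   * Evaluation order: a match in the accept list allows the connection, else
   * a match in the block list refuses it, else <code>defaultConnect</code>
   * decides.
   *
   * @param clientSocket the socket of the connecting client
   * @return <code>true</code> if the connection is allowed
   */
  public boolean allowConnection(Socket clientSocket)
  {
    // Fail closed: without a remote address no rule can be evaluated, and
    // falling through to defaultConnect could admit an unidentified peer.
    if (clientSocket == null || clientSocket.getInetAddress() == null)
      return false;
    if (checkList(accept, clientSocket))
      return true;
    if (checkList(block, clientSocket))
      return false;
    return defaultConnect;
  }

  /**
   * Adds a compiled pattern to the accept or block list.
   * <p>
   * Patterns added through this overload have no textual form recorded, and
   * {@link #getXml()} skips <code>RE</code> entries, so they are not
   * serialized.
   *
   * @param range pattern to match against the client address string
   * @param baccept <code>true</code> for the accept list, <code>false</code>
   *          for the block list
   */
  public void addToSecureList(RE range, boolean baccept)
  {
    ArrayList target = baccept ? accept : block;
    target.add(range);
  }

  /**
   * Compiles a pattern and adds it to the accept or block list, keeping the
   * pattern text so that {@link #getXml()} can write it back.
   *
   * @param range regular expression text
   * @param baccept <code>true</code> for the accept list, <code>false</code>
   *          for the block list
   * @throws Exception if the <code>RE</code> constructor rejects the pattern;
   *           nothing is added in that case
   */
  public void addToSecureList(String range, boolean baccept) throws Exception
  {
    // Compile first so that an invalid pattern leaves all lists untouched.
    RE re = new RE(range);
    addToSecureList(re, baccept);
    ArrayList textual = baccept ? saccept : sblock;
    textual.add(range);
  }

  /**
   * Adds a literal host entry to the accept or block list. The entry is
   * compared, ignoring case, with the client's address and host name.
   *
   * @param host host name or address text
   * @param baccept <code>true</code> for the accept list, <code>false</code>
   *          for the block list
   */
  public void addHostToSecureList(String host, boolean baccept)
  {
    ArrayList target = baccept ? accept : block;
    target.add(host);
  }

  /**
   * Tests whether the remote end of a socket matches any entry of a list.
   * <p>
   * <code>RE</code> entries are matched against
   * <code>InetAddress.toString()</code>; <code>String</code> entries are
   * compared, ignoring case, with the textual address and the host name.
   *
   * @param list accept or block list (may be <code>null</code> or empty)
   * @param clientSocket socket whose remote address is tested
   * @return <code>true</code> if at least one entry matches
   */
  private static boolean checkList(ArrayList list, Socket clientSocket)
  {
    // Nothing to match: also avoids a blocking reverse name lookup below.
    if (list == null || list.isEmpty())
      return false;

    java.net.InetAddress remote = clientSocket.getInetAddress();
    String hostAddress = remote.getHostAddress();
    // getHostName() triggers a reverse name lookup; it is called before
    // toString() on purpose, as the original code did, so that the string
    // below carries the resolved name.
    String hostName = remote.getHostName();
    // NOTE(review): toString() has the form "hostname/address", so patterns
    // are tested against a string whose first part comes from reverse DNS,
    // which the remote side may influence. RE.match() appears to search for
    // the pattern anywhere in the input unless it is anchored - confirm, and
    // consider anchoring patterns or matching hostAddress only.
    String ipaddress = remote.toString();

    for (int i = 0; i < list.size(); i++)
    {
      Object entry = list.get(i);
      if (entry instanceof RE)
      {
        if (((RE) entry).match(ipaddress))
          return true;
      }
      else if (entry instanceof String)
      {
        String host = (String) entry;
        if (host.equalsIgnoreCase(hostAddress)
            || host.equalsIgnoreCase(hostName))
          return true;
      }
    }
    return false;
  }

  /**
   * @return the stored "allow additional driver" flag
   */
  public boolean getAllowAdditionalDriver()
  {
    return allowAdditionalDriver;
  }

  /**
   * @param allowAdditionalDriver new value of the flag
   */
  public void setAllowAdditionalDriver(boolean allowAdditionalDriver)
  {
    this.allowAdditionalDriver = allowAdditionalDriver;
  }

  /**
   * @return the stored "allow client shutdown" flag
   */
  public boolean getAllowClientShutdown()
  {
    return allowClientShutdown;
  }

  /**
   * @param allowClientShutdown new value of the flag
   */
  public void setAllowClientShutdown(boolean allowClientShutdown)
  {
    this.allowClientShutdown = allowClientShutdown;
  }

  /**
   * @return the stored "allow console shutdown" flag
   */
  public boolean getAllowConsoleShutdown()
  {
    return allowConsoleShutdown;
  }

  /**
   * @param allowConsoleShutdown new value of the flag
   */
  public void setAllowConsoleShutdown(boolean allowConsoleShutdown)
  {
    this.allowConsoleShutdown = allowConsoleShutdown;
  }

  /**
   * @return the stored "local client only" flag
   */
  public boolean getAllowLocalClientOnly()
  {
    return allowLocalClientOnly;
  }

  /**
   * @param allowLocalClientOnly new value of the flag
   */
  public void setAllowLocalClientOnly(boolean allowLocalClientOnly)
  {
    this.allowLocalClientOnly = allowLocalClientOnly;
  }

  /**
   * @return the stored "local console only" flag
   */
  public boolean getAllowLocalConsoleOnly()
  {
    return allowLocalConsoleOnly;
  }

  /**
   * @param allowLocalConsoleOnly new value of the flag
   */
  public void setAllowLocalConsoleOnly(boolean allowLocalConsoleOnly)
  {
    this.allowLocalConsoleOnly = allowLocalConsoleOnly;
  }

  /**
   * @return the verdict used by {@link #allowConnection(Socket)} when
   *         neither list matches
   */
  public boolean getDefaultConnect()
  {
    return defaultConnect;
  }

  /**
   * @param defaultConnect verdict to use when neither list matches;
   *          <code>false</code> makes the accept list an allow-list
   */
  public void setDefaultConnect(boolean defaultConnect)
  {
    this.defaultConnect = defaultConnect;
  }

  /**
   * @return the live list of accept pattern texts (not a copy)
   */
  public ArrayList getSaccept()
  {
    return saccept;
  }

  /**
   * @return the live list of block pattern texts (not a copy)
   */
  public ArrayList getSblock()
  {
    return sblock;
  }

  /**
   * Returns the accept list itself, not a copy: whoever holds the reference
   * can change which clients are accepted.
   *
   * @return the live accept list (<code>RE</code> and <code>String</code>
   *         entries)
   */
  public ArrayList getAccept()
  {
    return accept;
  }

  /**
   * Returns the block list itself, not a copy: whoever holds the reference
   * can change which clients are refused.
   *
   * @return the live block list (<code>RE</code> and <code>String</code>
   *         entries)
   */
  public ArrayList getBlock()
  {
    return block;
  }

  /**
   * Replaces the block list. The textual list used by {@link #getXml()} for
   * block patterns is left unchanged.
   *
   * @param block the new block list
   */
  public void setBlock(ArrayList block)
  {
    this.block = block;
  }

  /**
   * Serializes the security settings as an XML fragment.
   * <p>
   * List values are escaped before being written into attributes, so a
   * pattern or host containing <code>&amp;</code>, <code>&lt;</code> or a
   * quote cannot break or alter the generated document.
   *
   * @return the XML text of the security element
   */
  public String getXml()
  {
    StringBuffer sb = new StringBuffer();
    sb.append("<" + ControllerXmlTags.ELT_SECURITY + " "
        + ControllerXmlTags.ATT_DEFAULT_CONNECT + "=\""
        + this.getDefaultConnect() + "\">");

    sb.append("<" + ControllerXmlTags.ELT_JAR + " "
        + ControllerXmlTags.ATT_ALLOW + "=\""
        + this.getAllowAdditionalDriver() + "\"/>");

    sb.append("<" + ControllerXmlTags.ELT_SHUTDOWN + ">");
    sb.append("<" + ControllerXmlTags.ELT_CLIENT + " "
        + ControllerXmlTags.ATT_ALLOW + "=\"" + this.getAllowClientShutdown()
        + "\" " + ControllerXmlTags.ATT_ONLY_LOCALHOST + "=\""
        + this.getAllowLocalClientOnly() + "\" " + "/>");
    sb.append("<" + ControllerXmlTags.ELT_CONSOLE + " "
        + ControllerXmlTags.ATT_ALLOW + "=\""
        + this.getAllowConsoleShutdown() + "\" "
        + ControllerXmlTags.ATT_ONLY_LOCALHOST + "=\""
        + this.getAllowLocalConsoleOnly() + "\" " + "/>");
    sb.append("</" + ControllerXmlTags.ELT_SHUTDOWN + ">");

    sb.append("<" + ControllerXmlTags.ELT_ACCEPT + ">");
    appendRanges(sb, this.getSaccept());
    appendHosts(sb, this.getAccept());
    sb.append("</" + ControllerXmlTags.ELT_ACCEPT + ">");

    sb.append("<" + ControllerXmlTags.ELT_BLOCK + ">");
    appendRanges(sb, this.getSblock());
    appendHosts(sb, this.getBlock());
    sb.append("</" + ControllerXmlTags.ELT_BLOCK + ">");

    sb.append("</" + ControllerXmlTags.ELT_SECURITY + ">");
    return sb.toString();
  }

  /**
   * Writes one IP-range element per pattern text in the list.
   */
  private static void appendRanges(StringBuffer sb, ArrayList ranges)
  {
    if (ranges == null)
      return;
    for (int i = 0; i < ranges.size(); i++)
    {
      sb.append("<" + ControllerXmlTags.ELT_IPRANGE + " "
          + ControllerXmlTags.ATT_VALUE + "=\""
          + escapeXmlAttribute(String.valueOf(ranges.get(i))) + "\"/>");
    }
  }

  /**
   * Writes one host-name or IP-address element per literal host entry,
   * skipping the compiled patterns stored in the same list.
   */
  private static void appendHosts(StringBuffer sb, ArrayList entries)
  {
    if (entries == null)
      return;
    for (int i = 0; i < entries.size(); i++)
    {
      Object entry = entries.get(i);
      // RE entries are serialized from the textual lists; anything else that
      // is not a String cannot be written as a host.
      if (!(entry instanceof String))
        continue;
      String host = (String) entry;
      // NOTE(review): any entry containing '.' is written as an IP address
      // element, so a dotted host name also ends up there - confirm that the
      // configuration parser treats both elements alike.
      String element = host.indexOf(".") == -1
          ? ControllerXmlTags.ELT_HOSTNAME
          : ControllerXmlTags.ELT_IPADDRESS;
      sb.append("<" + element + " " + ControllerXmlTags.ATT_VALUE + "=\""
          + escapeXmlAttribute(host) + "\"/>");
    }
  }

  /**
   * Escapes the five XML special characters so the value can be placed
   * inside a double-quoted attribute.
   */
  private static String escapeXmlAttribute(String value)
  {
    StringBuffer out = new StringBuffer(value.length() + 16);
    for (int i = 0; i < value.length(); i++)
    {
      char c = value.charAt(i);
      switch (c)
      {
        case '&' :
          out.append("&amp;");
          break;
        case '<' :
          out.append("&lt;");
          break;
        case '>' :
          out.append("&gt;");
          break;
        case '"' :
          out.append("&quot;");
          break;
        case '\'' :
          out.append("&apos;");
          break;
        default :
          out.append(c);
          break;
      }
    }
    return out.toString();
  }

  /**
   * @return <code>true</code> if an SSL configuration has been set
   */
  public boolean isSSLEnabled()
  {
    return sslConfig != null;
  }

  /**
   * @return the SSL configuration, or <code>null</code> if none was set
   */
  public SSLConfiguration getSslConfig()
  {
    return sslConfig;
  }

  /**
   * @param sslConfig the SSL configuration; <code>null</code> makes
   *          {@link #isSSLEnabled()} return <code>false</code>
   */
  public void setSslConfig(SSLConfiguration sslConfig)
  {
    this.sslConfig = sslConfig;
  }
}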