CJDBCversion1.0.4: src/org/objectweb/cjdbc/controller/core/security/ControllerSecurityManager.java ソースファイル

00001 00025 package org.objectweb.cjdbc.controller.core.security; 00026 00027 import java.net.Socket; 00028 import java.util.ArrayList; 00029 00030 import org.apache.regexp.RE; 00031 import org.objectweb.cjdbc.common.net.SSLConfiguration; 00032 import org.objectweb.cjdbc.common.xml.ControllerXmlTags; 00033 import org.objectweb.cjdbc.common.xml.XmlComponent; 00034 00041 public class ControllerSecurityManager implements XmlComponent 00042 { 00043 private boolean allowAdditionalDriver = true; 00044 private boolean allowConsoleShutdown = true; 00045 private boolean allowLocalConsoleOnly = true; 00046 private boolean allowClientShutdown = true; 00047 private boolean allowLocalClientOnly = true; 00048 private boolean defaultConnect = true; 00049 private ArrayList accept; 00050 private ArrayList saccept; 00051 private ArrayList block; 00052 private ArrayList sblock; 00053 private SSLConfiguration sslConfig; 00054 00058 public ControllerSecurityManager() 00059 { 00060 block = new ArrayList(); 00061 accept = new ArrayList(); 00062 saccept = new ArrayList(); 00063 sblock = new ArrayList(); 00064 } 00065 00072 public boolean allowConnection(Socket clientSocket) 00073 { 00074 if (checkList(accept, clientSocket)) 00075 return true; 00076 if (checkList(block, clientSocket)) 00077 return false; 00078 return defaultConnect; 00079 } 00080 00087 public void addToSecureList(RE range, boolean baccept) 00088 { 00089 if (baccept) 00090 accept.add(range); 00091 else 00092 block.add(range); 00093 } 00094 00103 public void addToSecureList(String range, boolean baccept) throws Exception 00104 { 00105 RE re = new RE(range); 00106 addToSecureList(re, baccept); 00107 if (baccept) 00108 saccept.add(range); 00109 else 00110 sblock.add(range); 00111 } 00112 00119 public void addHostToSecureList(String host, boolean baccept) 00120 { 00121 if (baccept) 00122 accept.add(host); 00123 else 00124 block.add(host); 00125 } 00126 00127 private static boolean checkList(ArrayList list, Socket clientSocket) 00128 { 00129 String hostAddress = clientSocket.getInetAddress().getHostAddress(); 00130 String hostName = clientSocket.getInetAddress().getHostName(); 00131 String ipaddress = clientSocket.getInetAddress().toString(); 00132 Object o; 00133 RE re; 00134 String s; 00135 for (int i = 0; i < list.size(); i++) 00136 { 00137 o = list.get(i); 00138 if (o instanceof RE) 00139 { 00140 re = (RE) o; 00141 if (re.match(ipaddress)) 00142 return true; 00143 } 00144 if (o instanceof String) 00145 { 00146 s = (String) o; 00147 if (s.equalsIgnoreCase(hostAddress) || s.equalsIgnoreCase(hostName)) 00148 return true; 00149 } 00150 } 00151 return false; 00152 } 00153 00157 public boolean getAllowAdditionalDriver() 00158 { 00159 return allowAdditionalDriver; 00160 } 00161 00165 public void setAllowAdditionalDriver(boolean allowAdditionalDriver) 00166 { 00167 this.allowAdditionalDriver = allowAdditionalDriver; 00168 } 00169 00173 public boolean getAllowClientShutdown() 00174 { 00175 return allowClientShutdown; 00176 } 00177 00181 public void setAllowClientShutdown(boolean allowClientShutdown) 00182 { 00183 this.allowClientShutdown = allowClientShutdown; 00184 } 00185 00189 public boolean getAllowConsoleShutdown() 00190 { 00191 return allowConsoleShutdown; 00192 } 00193 00197 public void setAllowConsoleShutdown(boolean allowConsoleShutdown) 00198 { 00199 this.allowConsoleShutdown = allowConsoleShutdown; 00200 } 00201 00205 public boolean getAllowLocalClientOnly() 00206 { 00207 return allowLocalClientOnly; 00208 } 00209 00213 public void setAllowLocalClientOnly(boolean allowLocalClientOnly) 00214 { 00215 this.allowLocalClientOnly = allowLocalClientOnly; 00216 } 00217 00221 public boolean getAllowLocalConsoleOnly() 00222 { 00223 return allowLocalConsoleOnly; 00224 } 00225 00229 public void setAllowLocalConsoleOnly(boolean allowLocalConsoleOnly) 00230 { 00231 this.allowLocalConsoleOnly = allowLocalConsoleOnly; 00232 } 00233 00237 public boolean getDefaultConnect() 00238 { 00239 return defaultConnect; 00240 } 00241 00245 public void setDefaultConnect(boolean defaultConnect) 00246 { 00247 this.defaultConnect = defaultConnect; 00248 } 00249 00253 public ArrayList getSaccept() 00254 { 00255 return saccept; 00256 } 00257 00261 public ArrayList getSblock() 00262 { 00263 return sblock; 00264 } 00265 00269 public ArrayList getAccept() 00270 { 00271 return accept; 00272 } 00273 00277 public ArrayList getBlock() 00278 { 00279 return block; 00280 } 00281 00285 public void setBlock(ArrayList block) 00286 { 00287 this.block = block; 00288 } 00289 00293 public String getXml() 00294 { 00295 StringBuffer sb = new StringBuffer(); 00296 sb.append("<" + ControllerXmlTags.ELT_SECURITY + " " 00297 + ControllerXmlTags.ATT_DEFAULT_CONNECT + "=\"" 00298 + this.getDefaultConnect() + "\">"); 00299 00300 sb.append("<" + ControllerXmlTags.ELT_JAR + " " 00301 + ControllerXmlTags.ATT_ALLOW + "=\"" + this.getAllowAdditionalDriver() 00302 + "\"/>"); 00303 00304 sb.append("<" + ControllerXmlTags.ELT_SHUTDOWN + ">"); 00305 sb.append("<" + ControllerXmlTags.ELT_CLIENT + " " 00306 + ControllerXmlTags.ATT_ALLOW + "=\"" + this.getAllowClientShutdown() 00307 + "\" " + ControllerXmlTags.ATT_ONLY_LOCALHOST + "=\"" 00308 + this.getAllowLocalClientOnly() + "\" " + "/>"); 00309 sb.append("<" + ControllerXmlTags.ELT_CONSOLE + " " 00310 + ControllerXmlTags.ATT_ALLOW + "=\"" + this.getAllowConsoleShutdown() 00311 + "\" " + ControllerXmlTags.ATT_ONLY_LOCALHOST + "=\"" 00312 + this.getAllowLocalConsoleOnly() + "\" " + "/>"); 00313 sb.append("</" + ControllerXmlTags.ELT_SHUTDOWN + ">"); 00314 00315 sb.append("<" + ControllerXmlTags.ELT_ACCEPT + ">"); 00316 ArrayList list = this.getSaccept(); 00317 String tmp; 00318 for (int i = 0; i < list.size(); i++) 00319 { 00320 sb.append("<" + ControllerXmlTags.ELT_IPRANGE + " " 00321 + ControllerXmlTags.ATT_VALUE + "=\"" + list.get(i) + "\"/>"); 00322 } 00323 list = this.getAccept(); 00324 for (int i = 0; i < list.size(); i++) 00325 { 00326 if (list.get(i) instanceof RE) 00327 continue; 00328 tmp = (String) list.get(i); 00329 if (tmp.indexOf(".") == -1) 00330 sb.append("<" + ControllerXmlTags.ELT_HOSTNAME + " " 00331 + ControllerXmlTags.ATT_VALUE + "=\"" + tmp + "\"/>"); 00332 else 00333 sb.append("<" + ControllerXmlTags.ELT_IPADDRESS + " " 00334 + ControllerXmlTags.ATT_VALUE + "=\"" + tmp + "\"/>"); 00335 } 00336 sb.append("</" + ControllerXmlTags.ELT_ACCEPT + ">"); 00337 00338 sb.append("<" + ControllerXmlTags.ELT_BLOCK + ">"); 00339 list = this.getSblock(); 00340 for (int i = 0; i < list.size(); i++) 00341 { 00342 sb.append("<" + ControllerXmlTags.ELT_IPRANGE + " " 00343 + ControllerXmlTags.ATT_VALUE + "=\"" + list.get(i) + "\"/>"); 00344 } 00345 list = this.getBlock(); 00346 for (int i = 0; i < list.size(); i++) 00347 { 00348 if (list.get(i) instanceof RE) 00349 continue; 00350 tmp = (String) list.get(i); 00351 if (tmp.indexOf(".") == -1) 00352 sb.append("<" + ControllerXmlTags.ELT_HOSTNAME + " " 00353 + ControllerXmlTags.ATT_VALUE + "=\"" + tmp + "\"/>"); 00354 else 00355 sb.append("<" + ControllerXmlTags.ELT_IPADDRESS + " " 00356 + ControllerXmlTags.ATT_VALUE + "=\"" + tmp + "\"/>"); 00357 } 00358 sb.append("</" + ControllerXmlTags.ELT_BLOCK + ">"); 00359 00360 sb.append("</" + ControllerXmlTags.ELT_SECURITY + ">"); 00361 return sb.toString(); 00362 } 00363 00369 public boolean isSSLEnabled() 00370 { 00371 return sslConfig != null; 00372 } 00373 00379 public SSLConfiguration getSslConfig() 00380 { 00381 return sslConfig; 00382 } 00383 00389 public void setSslConfig(SSLConfiguration sslConfig) 00390 { 00391 this.sslConfig = sslConfig; 00392 } 00393 }