org.hsqldb.server
Class ServerAcl

java.lang.Object
  extended by org.hsqldb.server.ServerAcl

public final class ServerAcl
extends Object

A list of ACL permit and deny entries with a permitAccess method which tells whether candidate addresses are permitted or denied by this ACL list.

The ACL file is reloaded whenever a modification to it is detected. If you copy in a file with an older file date, you will need to touch it.

The public runtime method is permitAccess(). The public setup method is the constructor.

Each non-comment line in the ACL file must be a rule of the format:


     {allow|deny} <address>[/significant-bits]
 
For example

     allow ahostname
     deny ahost.domain.com
     allow 127.0.0.1
     allow 2001:db8::/32
 

To detect bit specification mistakes, we require that the non-significant bits in each value be zero. An undesirable consequence of this is that you can't use a specification like the following to mean "all of the hosts on the same network as x.admc.com":


     allow x.admc.com/24
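
The zero-bits requirement described above, sketched as an added example (this is not HSQLDB's ServerAcl source; the class AclPrefixDemo, its methods and the sample addresses are constructed for illustration). It parses an address[/significant-bits] value, rejects one whose non-significant bits are set, and tests whether a candidate address falls under an accepted prefix:

```java
import java.net.InetAddress;
import java.net.UnknownHostException;

// Added illustration, not HSQLDB's ServerAcl source. All names are hypothetical.
public class AclPrefixDemo {
    final byte[] network;
    final int sigBits;

    /** Parses "address[/significant-bits]" and rejects stray non-significant bits. */
    AclPrefixDemo(String value) throws UnknownHostException {
        int slash = value.indexOf('/');
        String host = slash < 0 ? value : value.substring(0, slash);
        network = InetAddress.getByName(host).getAddress(); // IP literals need no DNS
        int width = network.length * 8;                      // 32 (IPv4) or 128 (IPv6)
        sigBits = slash < 0 ? width : Integer.parseInt(value.substring(slash + 1));
        if (sigBits < 0 || sigBits > width)
            throw new IllegalArgumentException("bad prefix length in " + value);
        for (int bit = sigBits; bit < width; bit++)
            if (bitAt(network, bit))
                throw new IllegalArgumentException(
                    "non-significant bit " + bit + " is set in " + value);
    }

    /** Reads one bit of an address, counting from the most significant bit. */
    static boolean bitAt(byte[] a, int bit) {
        return (a[bit / 8] & (0x80 >> (bit % 8))) != 0;
    }

    /** True when the candidate shares the first sigBits bits with the network. */
    boolean covers(byte[] candidate) {
        if (candidate.length != network.length) return false; // IPv4 vs IPv6
        for (int bit = 0; bit < sigBits; bit++)
            if (bitAt(network, bit) != bitAt(candidate, bit)) return false;
        return true;
    }

    public static void main(String[] args) throws UnknownHostException {
        // Constructed sample values taken from the documentation address ranges.
        String[] values = {"2001:db8::/32", "192.0.2.0/24", "192.0.2.77/24"};
        byte[] candidate = InetAddress.getByName("192.0.2.77").getAddress();
        for (String v : values) {
            try {
                AclPrefixDemo rule = new AclPrefixDemo(v);
                System.out.println(v + " accepted; covers 192.0.2.77: " + rule.covers(candidate));
            } catch (IllegalArgumentException e) {
                System.out.println(v + " rejected: " + e.getMessage());
            }
        }
    }
}
```

The third value stands in for a host name such as x.admc.com that resolves to a full host address: its bits past /24 are set, so the value is rejected instead of being silently treated as the enclosing network.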
 

See Also:
ServerAcl(File), permitAccess(java.lang.String)

Nested Class Summary
static class ServerAcl.AclFormatException
           
 
Constructor Summary
ServerAcl(File aclFile)
           
 
Method Summary
static String colonNotation(byte[] uba)
           
static String dottedNotation(byte[] uba)
           
static void main(String[] sa)
          Utility method that allows interactive testing of individual ACL records, as well as the net effect of the ACL record list.
 boolean permitAccess(byte[] addr)
           
 boolean permitAccess(String s)
          Uses system network libraries to resolve the given String to an IP addr, then determine whether this address is permitted or denied.
 void setPrintWriter(PrintWriter pw)
           
 String toString()
           
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

ServerAcl

public ServerAcl(File aclFile)
          throws IOException,
                 ServerAcl.AclFormatException
Throws:
IOException
ServerAcl.AclFormatException
Method Detail

dottedNotation

public static String dottedNotation(byte[] uba)
Parameters:
uba - Unsigned byte array

colonNotation

public static String colonNotation(byte[] uba)
Parameters:
uba - Unsigned byte array

setPrintWriter

public void setPrintWriter(PrintWriter pw)

toString

public String toString()
Overrides:
toString in class Object

permitAccess

public boolean permitAccess(String s)
Uses system network libraries to resolve the given String to an IP addr, then determine whether this address is permitted or denied. The specified name may be a numerical-based String like "1.2.3.4", a constant known to the networking libraries, or a host name to be resolved by the system's name resolution system. If the given String can't be resolved to an IP addr, false is returned.

See Also:
permitAccess(byte[])

permitAccess

public boolean permitAccess(byte[] addr)
Returns:
true if access for the candidate address should be permitted, false if access should be denied.
Throws:
RuntimeException - if no rule covers the candidate address. This would be the case if this class is applied to some network protocol other than IPv4 or IPv6, without adding a default rule for it.

main

public static void main(String[] sa)
                 throws ServerAcl.AclFormatException,
                        IOException
Utility method that allows interactive testing of individual ACL records, as well as the net effect of the ACL record list. Run "java -cp path/to/hsqldb.jar org.hsqldb.server.ServerAcl --help" for syntax help.

Throws:
ServerAcl.AclFormatException
IOException


Copyright © 2001 - 2010 HSQL Development Group.