| java.lang.Object org.xins.server.AccessRuleList
AccessRuleList | final public class AccessRuleList implements AccessRuleContainer(Code) | | Access rule list.
Descriptor format
An access rule list descriptor, a character string, can be
converted to produce an
AccessRuleList object. A valid descriptor
consists of a list of access rule descriptors (see class
AccessRule ) and/or access rule file descriptors (see class
AccessRuleFile ), separated by semi-colon characters (';' ).
Optionally, the rules can have any amount of whitespace (space-, tab-,
newline- and carriage return-characters), before and after them. The last
descriptor cannot end with a semi-colon.
Descriptor examples
An example of an access rule list descriptor is:
allow 194.134.168.213/32 *;
deny 194.134.168.213/24 _*;
allow 194.134.168.213/24 *;
file /var/conf/file1.acl;
deny 0.0.0.0/0 *
The above access control list grants the IP address 194.134.168.213
access to all functions. Then in the second rule it denies
access to all IP addresses in the range 194.134.168.0 to 194.134.168.255 to
all functions that start with an underscore ('_' ). Then it
allows access for those IP addresses to all other functions, then it
applies the rules in the /var/conf/file1.acl file and finally
all other IP addresses are denied access to any of the functions.
version: $Revision: 1.51 $ $Date: 2007/09/11 13:24:21 $ author: Ernst de Haan since: XINS 1.0.0 |
Method Summary | |
public void | dispose() Disposes this access rule. | public int | getRuleCount() Counts the number of rules in this list. | public Boolean | isAllowed(String ip, String functionName, String conventionName) Determines if the specified IP address is allowed to access the
specified function, returning a Boolean object or
null .
This method finds the first matching rule and then returns the
allow property of that rule (see
AccessRule.isAllowRule ). | final public static AccessRuleList | parseAccessRuleList(String descriptor, int interval) Parses the specified character string to construct a new
AccessRuleList object, with the specified watch interval
for referenced files. | public String | toString() Returns a character string representation of this object. |
dispose | public void dispose()(Code) | | Disposes this access rule. All claimed resources are freed as much as
possible.
Once disposed, the
AccessRuleList.isAllowed method should no longer be
called.
|
getRuleCount | public int getRuleCount()(Code) | | Counts the number of rules in this list.
the number of rules, always >= 0. |
isAllowed | public Boolean isAllowed(String ip, String functionName, String conventionName) throws IllegalStateException, IllegalArgumentException, ParseException(Code) | | Determines if the specified IP address is allowed to access the
specified function, returning a Boolean object or
null .
This method finds the first matching rule and then returns the
allow property of that rule (see
AccessRule.isAllowRule ). If there is no matching rule, then
null is returned.
Parameters: ip - the IP address, cannot be null . Parameters: functionName - the name of the function, cannot be null . Parameters: conventionName - the name of the calling convention to match, can be null .Boolean.TRUE if the specified IP address is allowed to accessthe specified function, Boolean.FALSE if it is disallowedaccess or null if no match is found. throws: IllegalStateException - if this object is disposed (since XINS 1.3.0). throws: IllegalArgumentException - if ip == null || functionName == null . throws: ParseException - if the specified IP address is malformed. since: XINS 2.1. |
parseAccessRuleList | final public static AccessRuleList parseAccessRuleList(String descriptor, int interval) throws IllegalArgumentException, ParseException(Code) | | Parses the specified character string to construct a new
AccessRuleList object, with the specified watch interval
for referenced files.
If the specified interval is 0 , then no watching will be
performed.
Parameters: descriptor - the access rule list descriptor, the character string to parse,cannot be null . Parameters: interval - the interval used to check the ACL files for modification, inseconds, must be >= 0.an AccessRuleList instance, never null . throws: IllegalArgumentException - if descriptor == null || interval < 0 . throws: ParseException - if there was a parsing error. since: XINS 1.1.0 |
toString | public String toString()(Code) | | Returns a character string representation of this object. The returned
string is in the form:
type a.b.c.d/m pattern;type a.b.c.d/m pattern
where type is either "allow" or
"deny" , a.b.c.d is the base IP address, m
is the mask, and pattern is the function name simple pattern.
a character string representation of this access rule, nevernull . |
|
|