AccessRuleList (XINS 1.5.2)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.xins.server
Class AccessRuleList

java.lang.Object
  org.xins.server.AccessRuleList

All Implemented Interfaces:: AccessRuleContainer

public final class AccessRuleList
extends Object
implements AccessRuleContainer

Access rule list.

Descriptor format

An access rule list descriptor, a character string, can be converted to produce an AccessRuleList object. A valid descriptor consists of a list of access rule descriptors (see class AccessRule) and/or access rule file descriptors (see class AccessRuleFile), separated by semi-colon characters (';'). Optionally, the rules can have any amount of whitespace (space-, tab-, newline- and carriage return-characters), before and after them. The last descriptor cannot end with a semi-colon.

Descriptor examples

An example of an access rule list descriptor is:

allow 194.134.168.213/32 *; deny 194.134.168.213/24 _*; allow 194.134.168.213/24 *; file /var/conf/file1.acl; deny 0.0.0.0/0 *

The above access control list grants the IP address 194.134.168.213 access to all functions. Then in the second rule it denies access to all IP addresses in the range 194.134.168.0 to 194.134.168.255 to all functions that start with an underscore ('_'). Then it allows access for those IP addresses to all other functions, then it applies the rules in the /var/conf/file1.acl file and finally all other IP addresses are denied access to any of the functions.

Since:: XINS 1.0.0
Version:: $Revision: 1.36 $ $Date: 2006/08/28 09:12:32 $
Author:: Ernst de Haan

Method Summary
`boolean`	`allow(String ip, String functionName)` Deprecated. Deprecated since XINS 1.3.0. Use `isAllowed(String,String)` instead.
`void`	`dispose()` Disposes this access rule.
`int`	`getRuleCount()` Counts the number of rules in this list.
`Boolean`	`isAllowed(String ip, String functionName)` Determines if the specified IP address is allowed to access the specified function, returning a `Boolean` object or `null`.
`static AccessRuleList`	`parseAccessRuleList(String descriptor)` Deprecated. Deprecated since XINS 1.3.0. Use `parseAccessRuleList(String,int)` instead.
`static AccessRuleList`	`parseAccessRuleList(String descriptor, int interval)` Parses the specified character string to construct a new `AccessRuleList` object, with the specified watch interval for referenced files.
`String`	`toString()` Returns a character string representation of this object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Method Detail

parseAccessRuleList

public static final AccessRuleList parseAccessRuleList(String descriptor)
                                                throws IllegalArgumentException,
                                                       ParseException

Deprecated. Deprecated since XINS 1.3.0. Use parseAccessRuleList(String,int) instead.

Parses the specified character string to construct a new AccessRuleList object, using the default watch interval for referenced files.

Parameters:: descriptor - the access rule list descriptor, the character string to parse, cannot be null.
Returns:: an AccessRuleList instance, never null.
Throws:: IllegalArgumentException - if descriptor == null.; ParseException - if there was a parsing error.

parseAccessRuleList

public static final AccessRuleList parseAccessRuleList(String descriptor,
                                                       int interval)
                                                throws IllegalArgumentException,
                                                       ParseException

Parses the specified character string to construct a new AccessRuleList object, with the specified watch interval for referenced files.

If the specified interval is 0, then no watching will be performed.

Parameters:: descriptor - the access rule list descriptor, the character string to parse, cannot be null.; interval - the interval used to check the ACL files for modification, in seconds, must be >= 0.
Returns:: an AccessRuleList instance, never null.
Throws:: IllegalArgumentException - if descriptor == null || interval < 0.; ParseException - if there was a parsing error.
Since:: XINS 1.1.0

getRuleCount

public int getRuleCount()

Counts the number of rules in this list.

Returns:: the number of rules, always >= 0.

allow

public boolean allow(String ip,
                     String functionName)
              throws IllegalArgumentException,
                     ParseException

Deprecated. Deprecated since XINS 1.3.0. Use isAllowed(String,String) instead.

Determines if the specified IP address is allowed to access the specified function, returning a boolean value.

This method finds the first matching rule and then returns the allow property of that rule (see AccessRule.isAllowRule()). If there is no matching rule, then false is returned.

Parameters:: ip - the IP address, cannot be null.; functionName - the name of the function, cannot be null.
Returns:: true if the request is allowed, false if the request is denied.
Throws:: IllegalArgumentException - if ip == null || functionName == null.; ParseException - if the specified IP address is malformed.

isAllowed

public Boolean isAllowed(String ip,
                         String functionName)
                  throws IllegalArgumentException,
                         ParseException

Determines if the specified IP address is allowed to access the specified function, returning a Boolean object or null.

This method finds the first matching rule and then returns the allow property of that rule (see AccessRule.isAllowRule()). If there is no matching rule, then null is returned.

Specified by:: isAllowed in interface AccessRuleContainer

Parameters:: ip - the IP address, cannot be null.; functionName - the name of the function, cannot be null.
Returns:: Boolean.TRUE if the specified IP address is allowed to access the specified function, Boolean.FALSE if it is disallowed access or null if no match is found.
Throws:: IllegalStateException - if this object is disposed (since XINS 1.3.0).; IllegalArgumentException - if ip == null || functionName == null.; ParseException - if the specified IP address is malformed.

dispose

public void dispose()

Disposes this access rule. All claimed resources are freed as much as possible.

Once disposed, the isAllowed(java.lang.String, java.lang.String) method should no longer be called.

Specified by:: dispose in interface AccessRuleContainer

toString

public String toString()

Returns a character string representation of this object. The returned string is in the form:

type a.b.c.d/m pattern;type a.b.c.d/m pattern

where type is either "allow" or "deny", a.b.c.d is the base IP address, m is the mask, and pattern is the function name simple pattern.

Returns:: a character string representation of this access rule, never null.

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

See http://www.xins.org/.

org.xins.server Class AccessRuleList

Descriptor format

Descriptor examples

parseAccessRuleList

parseAccessRuleList

getRuleCount

allow

isAllowed

dispose

toString

org.xins.server
Class AccessRuleList