org.xins.server

Class AccessRule

java.lang.Object

org.xins.server.AccessRule

All Implemented Interfaces:

AccessRuleContainer

public final class AccessRule
extends Object
implements AccessRuleContainer

Access rule. This class can take a character string to produce an AccessRule object from it.

Descriptor format

A descriptor must comply to the following format:

• start with either "allow" or "deny";
• followed by any number of white space characters;
• followed by a valid IP address;
• followed by a slash character ('/');
• followed by a mask between 0 and 32 in decimal format, without leading zeroes;
• followed by any number of white space characters;
• followed by a simple pattern, see class SimplePatternParser.

Descriptor examples

Example of access rule descriptors:

"allow 194.134.168.213/32 *"

Allows 194.134.168.213 to access any function.

"deny 194.134.168.213/24 _*"

Denies all 194.134.168.x IP addresses to access any function starting with an underscore ('_').

Since:

XINS 1.0.0

Version:

$Revision: 1.52 $ $Date: 2012/02/28 18:10:54 $

Author:

Ernst de Haan, Chris Gilbride, Anthony Goubard

Method Summary

Methods

Modifier and Type	Method and Description
void	dispose() Disposes this access rule.
IPFilter	getIPFilter() Returns the IP filter.
Boolean	isAllowed(String ip, String functionName, String conventionName) Determines if the specified IP address is allowed to access the specified function, returning a Boolean object or null.
boolean	isAllowRule() Returns if this rule is an allow or a deny rule.
boolean	match(String ip, String functionName, String conventionName) Determines if the specified IP address and function match this rule.
static AccessRule	parseAccessRule(String descriptor) Parses the specified character string to construct a new AccessRule object.
String	toString() Returns a character string representation of this object.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Method Detail

parseAccessRule

public static AccessRule parseAccessRule(String descriptor)
                                  throws IllegalArgumentException,
                                         ParseException

Parses the specified character string to construct a new AccessRule object.

Parameters:

descriptor - the access rule descriptor, the character string to parse, cannot be null.

Returns:

an AccessRule instance, never null.

Throws:

IllegalArgumentException - if descriptor == null.

ParseException - If there was a parsing error.

isAllowRule

public boolean isAllowRule()

Returns if this rule is an allow or a deny rule.

Returns:

true if this is an allow rule, or false if this is a deny rule.

getIPFilter

public IPFilter getIPFilter()

Returns the IP filter.

Returns:

the IPFilter associated with this access rule, never null.

match

public boolean match(String ip,
            String functionName,
            String conventionName)
              throws IllegalStateException,
                     IllegalArgumentException,
                     ParseException

Determines if the specified IP address and function match this rule.

Calling this function is equivalent to calling:

isAllowed(ip, functionName) != null

Parameters:

ip - the IP address to match, cannot be null.

functionName - the name of the function to match, cannot be null.

conventionName - the name of the calling convention to match, can be null.

Returns:

true if this rule matches, false otherwise.

Throws:

IllegalStateException - if this access rule is disposed (since XINS 1.3.0).

IllegalArgumentException - if ip == null || functionName == null.

ParseException - if the specified IP address cannot be parsed.

Since:

XINS 2.1.

isAllowed

public Boolean isAllowed(String ip,
                String functionName,
                String conventionName)
                  throws IllegalStateException,
                         IllegalArgumentException,
                         ParseException

Determines if the specified IP address is allowed to access the specified function, returning a Boolean object or null.

This method finds the first matching rule and then returns the allow property of that rule (see isAllowRule()). If there is no matching rule, then null is returned.

Specified by:

isAllowed in interface AccessRuleContainer

Parameters:

ip - the IP address, cannot be null.

functionName - the name of the function, cannot be null.

conventionName - the name of the calling convention, can be null.

Returns:

Boolean.TRUE if the specified IP address is allowed to access the specified function, Boolean.FALSE if it is disallowed access or null if there is no match.

Throws:

IllegalStateException - if this object is disposed (since XINS 1.3.0).

IllegalArgumentException - if ip == null || functionName == null.

ParseException - if the specified IP address is malformed.

Since:

XINS 2.1.

dispose

public void dispose()

Disposes this access rule. All claimed resources are freed as much as possible.

Once disposed, neither match(java.lang.String, java.lang.String, java.lang.String) nor isAllowed(java.lang.String, java.lang.String, java.lang.String) should be called.

Specified by:

dispose in interface AccessRuleContainer

Throws:

IllegalStateException - if this access rule is already disposed (since XINS 1.3.0).

toString

public String toString()

Returns a character string representation of this object. The returned string is in the form:

type a.b.c.d/m pattern

where type is either "allow" or "deny", a.b.c.d is the base IP address, m is the mask, and pattern is the function name simple pattern.

Overrides:

toString in class Object

Returns:

a character string representation of this access rule, never null.