ajanta.security.netacl
Class NetAcl

java.lang.Object
  |
  +--ajanta.security.netacl.NetAcl

public class NetAcl
extends java.lang.Object

This class provides the Access Control List for determining whether a user has permission to connect to a particular IP address. The permission policy is as follows:

1. Check if the particular IP address has an entry in the NetAcl hashtable.
2. If there is no entry, allow connect permission.
3. If there is an entry, check if it has permissions for the given user and return these permissions.
4. If the IP address entry had no entry for the given user, disallow connect permission.

The .netacl file has the following structure:

userURN permission hostname port1 port2
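The four-step policy and the entry format above, as an added example that is not Ajanta's own code. The class and method names are hypothetical, the second URN and the listen entry are constructed, and two things the page does not specify are assumed: the ports on a line are an explicit list, and hosts are matched as lower-cased strings without DNS resolution.

```java
import java.util.*;

// Added illustration; class and method names are hypothetical, not Ajanta's.
public class NetAclPolicyDemo {
    // host -> (userURN -> grants of the form "permission:port")
    private final Map<String, Map<String, Set<String>>> table = new HashMap<>();

    // Unlisted hosts are allowed, so insert and lookup must normalise alike.
    private static String key(String host) { return host.toLowerCase(Locale.ROOT); }

    // Parse one entry: userURN permission hostname port...
    void addLine(String line) {
        String[] f = line.trim().split("\\s+");
        if (f.length < 4) throw new IllegalArgumentException("malformed entry: " + line);
        Set<String> grants = table.computeIfAbsent(key(f[2]), h -> new HashMap<>())
                                  .computeIfAbsent(f[0], u -> new HashSet<>());
        for (int i = 3; i < f.length; i++) {
            int port = Integer.parseInt(f[i]);   // non-numeric port throws
            if (port < 1 || port > 65535) throw new IllegalArgumentException("bad port: " + f[i]);
            grants.add(f[1] + ":" + port);       // assumption: ports are an explicit list
        }
    }

    boolean checkConnect(String user, String host, int port) {
        Map<String, Set<String>> hostEntry = table.get(key(host));
        if (hostEntry == null) return true;          // step 2: host not listed, allow
        Set<String> grants = hostEntry.get(user);
        if (grants == null) return false;            // step 4: host listed, user not, deny
        return grants.contains("connect:" + port);   // step 3: the user's own grants decide
    }

    public static void main(String[] args) {
        NetAclPolicyDemo acl = new NetAclPolicyDemo();
        String pathak = "urn:ans:plato.cs.umn.edu/pathak";
        String other = "urn:ans:example.org/other";   // constructed URN
        acl.addLine(pathak + " connect plato.cs.umn.edu 7000"); // sample line from this page
        acl.addLine(pathak + " listen plato.cs.umn.edu 7001");  // constructed entry
        System.out.println("listed user, granted port:     " + acl.checkConnect(pathak, "plato.cs.umn.edu", 7000));
        System.out.println("listed user, listen-only port: " + acl.checkConnect(pathak, "plato.cs.umn.edu", 7001));
        System.out.println("unlisted user, listed host:    " + acl.checkConnect(other, "Plato.cs.umn.edu", 7000));
        System.out.println("any user, unlisted host:       " + acl.checkConnect(other, "example.org", 80));
    }
}
```

Only the last case falls through to the default-allow rule of step 2. Under this policy a host that is absent from the file is reachable by every user, so restricting a host requires giving it at least one entry.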

See Also:
ajanta.security.acl

Field Summary
protected  java.security.acl.Permission accept
           
protected  java.security.acl.Permission connect
           
protected  java.security.acl.Permission listen
           
protected  java.util.Vector NegativePerms
           
protected  java.util.Hashtable netAclTable
          HashTable to maintain ACL entries
protected  java.security.Principal owner
          Owner of the acl entries
protected  ajanta.naming.URN ownerURN
          Owner URN of the acl entries
protected  java.util.Vector PositivePerms
           
protected  java.lang.String rootPath
          Path to the root directory where the .acl file can be obtained
 
Constructor Summary
NetAcl(java.lang.String root)
           
 
Method Summary
 void addPermission(ajanta.naming.URN userURN, java.lang.String fileName, java.lang.String perm)
           
 boolean checkAcceptPermission(java.lang.String user, java.lang.String remoteHost, int port)
           
 boolean checkConnectPermission(java.lang.String user, java.lang.String remoteHost, int port)
           
 boolean checkListenPermission(java.lang.String user, int port)
           
protected  void createAclEntry(java.lang.String line)
           
 void deletePermission(ajanta.naming.URN userURN, java.lang.String fileName, java.lang.String perm)
           
protected  void initAclTable()
          Reads the .netacl file under the server directory and initializes the NetAcl table. An entry in the .netacl file can be:
          urn:ans:plato.cs.umn.edu/pathak connect plato.cs.umn.edu 7000
          i.e.: user1-URN permission hostname port1 port2
static void main(java.lang.String[] argv)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ownerURN

protected ajanta.naming.URN ownerURN
Owner URN of the acl entries


rootPath

protected java.lang.String rootPath
Path to the root directory where the .acl file can be obtained


owner

protected java.security.Principal owner
Owner of the acl entries


connect

protected java.security.acl.Permission connect

listen

protected java.security.acl.Permission listen

accept

protected java.security.acl.Permission accept

netAclTable

protected java.util.Hashtable netAclTable
HashTable to maintain ACL entries


PositivePerms

protected java.util.Vector PositivePerms

NegativePerms

protected java.util.Vector NegativePerms
Constructor Detail

NetAcl

public NetAcl(java.lang.String root)
Parameters:
root - path to the root directory where the .acl file can be obtained
Method Detail

initAclTable

protected void initAclTable()
Reads the .netacl file under the server directory and initializes the NetAcl table. An entry in the .netacl file can be:
urn:ans:plato.cs.umn.edu/pathak connect plato.cs.umn.edu 7000
i.e.: user1-URN permission hostname port1 port2


createAclEntry

protected void createAclEntry(java.lang.String line)

checkConnectPermission

public boolean checkConnectPermission(java.lang.String user,
                                      java.lang.String remoteHost,
                                      int port)

checkListenPermission

public boolean checkListenPermission(java.lang.String user,
                                     int port)

checkAcceptPermission

public boolean checkAcceptPermission(java.lang.String user,
                                     java.lang.String remoteHost,
                                     int port)

deletePermission

public void deletePermission(ajanta.naming.URN userURN,
                             java.lang.String fileName,
                             java.lang.String perm)

addPermission

public void addPermission(ajanta.naming.URN userURN,
                          java.lang.String fileName,
                          java.lang.String perm)

main

public static void main(java.lang.String[] argv)