IPAddressGatekeeper

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

edu.ucsb.adl.middleware
Class IPAddressGatekeeper

java.lang.Object
  |
  +--edu.ucsb.adl.middleware.IPAddressGatekeeper

All Implemented Interfaces:: CancelServiceGatekeeper, CollectionDriverGatekeeper, CollectionServiceGatekeeper, ConfigurationServiceGatekeeper, GenericGatekeeper, IdentifiersDriverGatekeeper, IdentifiersServiceGatekeeper, MetadataDriverGatekeeper, MetadataServiceGatekeeper, QueryDriverGatekeeper, QueryServiceGatekeeper, ReferenceServiceGatekeeper, ResultsServiceGatekeeper, StatusServiceGatekeeper, UnloadServiceGatekeeper, UnreferenceServiceGatekeeper

public final class IPAddressGatekeeper
extends java.lang.Object
implements MetadataServiceGatekeeper, MetadataDriverGatekeeper, QueryServiceGatekeeper, QueryDriverGatekeeper, ResultsServiceGatekeeper, StatusServiceGatekeeper, CancelServiceGatekeeper, ConfigurationServiceGatekeeper, CollectionServiceGatekeeper, CollectionDriverGatekeeper, GenericGatekeeper, UnloadServiceGatekeeper, ReferenceServiceGatekeeper, UnreferenceServiceGatekeeper, IdentifiersServiceGatekeeper, IdentifiersDriverGatekeeper

A simple gatekeeper that implements all gatekeeper interfaces and bases authorization on the client's IP address (only).

A request is authorized if the client's IP address matches one of a set of CIDR-like address patterns. For example, the pattern 128.111.96.0/24 matches all IP addresses whose 24 most significant bits equal the 24 most significant bits in 128.111.96.0.

Address patterns are loaded from a database at gatekeeper startup, and then reloaded whenever it is noticed that the database file has been modified. The database is a text file containing one pattern in the above notation per line. Any additional text following a pattern is ignored.

Version:

$Header: /export/home/gjanee/middleware/edu/ucsb/adl/middleware/RCS/IPAddressGatekeeper.java,v 1.10 2006/06/22 18:49:45 gjanee Exp $

$Log: IPAddressGatekeeper.java,v $ Revision 1.10 2006/06/22 18:49:45 gjanee
Added support for the identifiers service.

Revision 1.9 2004/09/21 22:37:14 gjanee
Rewrite to use class ExtendedProperties.

Revision 1.8 2003/05/09 22:32:59 gjanee
Added support for arbitrary, per-collection and per-holding metadata views. Specifically, changed the view argument data type from an enumeration to a string. Added methods viewsServiceAllowed and viewsDriverAllowed.

Revision 1.7 2002/09/28 20:33:09 gjanee
Configuration file renames. Renamed the main middleware configuration file to middleware.conf.

Revision 1.6 2001/10/06 14:51:02 gjanee
Added support for relative filenames using the middleware_configuration_file property.

Revision 1.5 2001/09/05 04:00:23 gjanee
Changed the type of the baseUrl argument of method referenceServiceAllowed from URL to String to support the rmi pseudo-protocol.

Revision 1.4 2001/09/04 18:25:31 gjanee
Added support for UnloadServiceGatekeeper, ReferenceServiceGatekeeper, and UnreferenceServiceGatekeeper.

Revision 1.3 2000/05/19 20:51:54 gjanee
Added support for GenericGatekeeper.

Revision 1.2 2000/05/02 13:08:43 gjanee
Minor bug fix. We attempt to reload the database file if its modification time cannot be retrieved.

Revision 1.1 2000/04/04 18:01:48 gjanee
Initial revision

Author:

Greg Janée
Alexandria Digital Library

Method Summary

boolean cancelServiceAllowed(javax.servlet.ServletRequest request, edu.ucsb.adl.middleware.ResultAccumulator accumulator)
          Returns true if the request is authorized.

boolean collectionDriverAllowed(javax.servlet.ServletRequest request, java.lang.String collection)
          Returns true if the request is authorized.

boolean collectionServiceAllowed(javax.servlet.ServletRequest request)
          Returns true if the request is authorized.

boolean configurationServiceAllowed(javax.servlet.ServletRequest request)
          Returns true if the request is authorized.

static edu.ucsb.adl.middleware.IPAddressGatekeeper createGatekeeper(edu.ucsb.adl.middleware.ExtendedProperties propertyList, java.lang.String filename)
          Creates an IPAddressGatekeeper.

void destroy()
          Decrements the reference count.

boolean genericAccessAllowed(javax.servlet.ServletRequest request)
          Returns true if access is allowed.

boolean identifiersDriverAllowed(javax.servlet.ServletRequest request, java.lang.String collection)
          Returns true if the request is authorized.

boolean identifiersServiceAllowed(javax.servlet.ServletRequest request)
          Returns true if the request is authorized.

static void main(java.lang.String[] args)
          Test driver.

boolean metadataDriverAllowed(javax.servlet.ServletRequest request, java.lang.String view, java.lang.String collection, java.lang.String holding)
          Returns true if the request is authorized.

boolean metadataServiceAllowed(javax.servlet.ServletRequest request, java.lang.String view)
          Returns true if the request is authorized.

boolean queryDriverAllowed(javax.servlet.ServletRequest request, java.lang.String collection, edu.ucsb.adl.middleware.Query query)
          Returns true if the request is authorized.

boolean queryServiceAllowed(javax.servlet.ServletRequest request, edu.ucsb.adl.middleware.Query query)
          Returns true if the request is authorized.

boolean referenceServiceAllowed(javax.servlet.ServletRequest request, java.lang.String baseUrl, java.lang.String collection)
          Returns true if access is allowed.

boolean resultsServiceAllowed(javax.servlet.ServletRequest request, edu.ucsb.adl.middleware.ResultSet set)
          Returns true if the request is authorized.

boolean statusServiceAllowed(javax.servlet.ServletRequest request)
          Returns true if the request is authorized.

boolean unloadServiceAllowed(javax.servlet.ServletRequest request, java.lang.String collection)
          Returns true if access is allowed.

boolean unreferenceServiceAllowed(javax.servlet.ServletRequest request, java.lang.String collection)
          Returns true if access is allowed.

boolean viewsDriverAllowed(javax.servlet.ServletRequest request, java.lang.String collection, java.lang.String holding)
          Returns true if the request is authorized.

boolean viewsServiceAllowed(javax.servlet.ServletRequest request)
          Returns true if the request is authorized.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

createGatekeeper

public static edu.ucsb.adl.middleware.IPAddressGatekeeper createGatekeeper(edu.ucsb.adl.middleware.ExtendedProperties propertyList,
                                                                           java.lang.String filename)
                                                                    throws InternalErrorException

Creates an IPAddressGatekeeper. If a gatekeeper already exists for the database, the extant gatekeeper's reference count is incremented and it is returned instead.

Parameters:: propertyList - A property list.; filename - The database filename. If the filename is not absolute, it is interpreted relative to the directory containing the main middleware configuration file.
Returns:: An IPAddressGatekeeper.
Throws:: InternalErrorException - If any error is encountered.

metadataServiceAllowed

public boolean metadataServiceAllowed(javax.servlet.ServletRequest request,
                                      java.lang.String view)
                               throws MiddlewareException

Returns true if the request is authorized.

Specified by:: metadataServiceAllowed in interface MetadataServiceGatekeeper

Parameters:: request - The full request.; view - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: MetadataService

viewsServiceAllowed

public boolean viewsServiceAllowed(javax.servlet.ServletRequest request)
                            throws MiddlewareException

Returns true if the request is authorized.

Specified by:: viewsServiceAllowed in interface MetadataServiceGatekeeper

Parameters:: request - The full request.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: MetadataService

metadataDriverAllowed

public boolean metadataDriverAllowed(javax.servlet.ServletRequest request,
                                     java.lang.String view,
                                     java.lang.String collection,
                                     java.lang.String holding)
                              throws MiddlewareException

Returns true if the request is authorized.

Specified by:: metadataDriverAllowed in interface MetadataDriverGatekeeper

Parameters:: request - The full request.; view - Unused.; collection - Unused.; holding - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: MetadataService

viewsDriverAllowed

public boolean viewsDriverAllowed(javax.servlet.ServletRequest request,
                                  java.lang.String collection,
                                  java.lang.String holding)
                           throws MiddlewareException

Returns true if the request is authorized.

Specified by:: viewsDriverAllowed in interface MetadataDriverGatekeeper

Parameters:: request - The full request.; collection - Unused.; holding - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: MetadataService

queryServiceAllowed

public boolean queryServiceAllowed(javax.servlet.ServletRequest request,
                                   edu.ucsb.adl.middleware.Query query)
                            throws MiddlewareException

Returns true if the request is authorized.

Specified by:: queryServiceAllowed in interface QueryServiceGatekeeper

Parameters:: request - The full request.; query - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: QueryService

queryDriverAllowed

public boolean queryDriverAllowed(javax.servlet.ServletRequest request,
                                  java.lang.String collection,
                                  edu.ucsb.adl.middleware.Query query)
                           throws MiddlewareException

Returns true if the request is authorized.

Specified by:: queryDriverAllowed in interface QueryDriverGatekeeper

Parameters:: request - The full request.; collection - Unused.; query - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: QueryService

resultsServiceAllowed

public boolean resultsServiceAllowed(javax.servlet.ServletRequest request,
                                     edu.ucsb.adl.middleware.ResultSet set)
                              throws MiddlewareException

Returns true if the request is authorized.

Specified by:: resultsServiceAllowed in interface ResultsServiceGatekeeper

Parameters:: request - The full request.; set - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: ResultsService

statusServiceAllowed

public boolean statusServiceAllowed(javax.servlet.ServletRequest request)
                             throws MiddlewareException

Returns true if the request is authorized.

Specified by:: statusServiceAllowed in interface StatusServiceGatekeeper

Parameters:: request - The full request.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: StatusService

cancelServiceAllowed

public boolean cancelServiceAllowed(javax.servlet.ServletRequest request,
                                    edu.ucsb.adl.middleware.ResultAccumulator accumulator)
                             throws MiddlewareException

Returns true if the request is authorized.

Specified by:: cancelServiceAllowed in interface CancelServiceGatekeeper

Parameters:: request - The full request.; accumulator - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: CancelService

configurationServiceAllowed

public boolean configurationServiceAllowed(javax.servlet.ServletRequest request)
                                    throws MiddlewareException

Returns true if the request is authorized.

Specified by:: configurationServiceAllowed in interface ConfigurationServiceGatekeeper

Parameters:: request - The full request.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: ConfigurationService

collectionServiceAllowed

public boolean collectionServiceAllowed(javax.servlet.ServletRequest request)
                                 throws MiddlewareException

Returns true if the request is authorized.

Specified by:: collectionServiceAllowed in interface CollectionServiceGatekeeper

Parameters:: request - The full request.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: CollectionService

collectionDriverAllowed

public boolean collectionDriverAllowed(javax.servlet.ServletRequest request,
                                       java.lang.String collection)
                                throws MiddlewareException

Returns true if the request is authorized.

Specified by:: collectionDriverAllowed in interface CollectionDriverGatekeeper

Parameters:: request - The full request.; collection - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: CollectionService

genericAccessAllowed

public boolean genericAccessAllowed(javax.servlet.ServletRequest request)
                             throws MiddlewareException

Returns true if access is allowed.

Specified by:: genericAccessAllowed in interface GenericGatekeeper

Parameters:: request - The full request.
Returns:: true if access is allowed.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException

unloadServiceAllowed

public boolean unloadServiceAllowed(javax.servlet.ServletRequest request,
                                    java.lang.String collection)
                             throws MiddlewareException

Returns true if access is allowed.

Specified by:: unloadServiceAllowed in interface UnloadServiceGatekeeper

Parameters:: request - The full request.; collection - Unused.
Returns:: true if access is allowed.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: UnloadService

referenceServiceAllowed

public boolean referenceServiceAllowed(javax.servlet.ServletRequest request,
                                       java.lang.String baseUrl,
                                       java.lang.String collection)
                                throws MiddlewareException

Returns true if access is allowed.

Specified by:: referenceServiceAllowed in interface ReferenceServiceGatekeeper

Parameters:: request - The full request.; baseUrl - Unused.; collection - Unused.
Returns:: true if access is allowed.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: ReferenceService

unreferenceServiceAllowed

public boolean unreferenceServiceAllowed(javax.servlet.ServletRequest request,
                                         java.lang.String collection)
                                  throws MiddlewareException

Returns true if access is allowed.

Specified by:: unreferenceServiceAllowed in interface UnreferenceServiceGatekeeper

Parameters:: request - The full request.; collection - Unused.
Returns:: true if access is allowed.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: UnreferenceService

identifiersServiceAllowed

public boolean identifiersServiceAllowed(javax.servlet.ServletRequest request)
                                  throws MiddlewareException

Returns true if the request is authorized.

Specified by:: identifiersServiceAllowed in interface IdentifiersServiceGatekeeper

Parameters:: request - The full request.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: IdentifiersService

identifiersDriverAllowed

public boolean identifiersDriverAllowed(javax.servlet.ServletRequest request,
                                        java.lang.String collection)
                                 throws MiddlewareException

Returns true if the request is authorized.

Specified by:: identifiersDriverAllowed in interface IdentifiersDriverGatekeeper

Parameters:: request - The full request.; collection - Unused.
Returns:: true if the request is authorized.
Throws:: BadRequestException - If the client IP address is invalid.; InternalErrorException - If the authorization cannot otherwise be determined.; MiddlewareException
See Also:: IdentifiersService

destroy

public void destroy()

Decrements the reference count. When the reference count drops to zero, all resources held by the gatekeeper are freed.

Specified by:: destroy in interface MetadataServiceGatekeeper

main

public static void main(java.lang.String[] args)
                 throws MiddlewareException

Test driver.

MiddlewareException

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Method Summary
`boolean`	`cancelServiceAllowed(javax.servlet.ServletRequest request, edu.ucsb.adl.middleware.ResultAccumulator accumulator)` Returns `true` if the request is authorized.
`boolean`	`collectionDriverAllowed(javax.servlet.ServletRequest request, java.lang.String collection)` Returns `true` if the request is authorized.
`boolean`	`collectionServiceAllowed(javax.servlet.ServletRequest request)` Returns `true` if the request is authorized.
`boolean`	`configurationServiceAllowed(javax.servlet.ServletRequest request)` Returns `true` if the request is authorized.
`static edu.ucsb.adl.middleware.IPAddressGatekeeper`	`createGatekeeper(edu.ucsb.adl.middleware.ExtendedProperties propertyList, java.lang.String filename)` Creates an `IPAddressGatekeeper`.
`void`	`destroy()` Decrements the reference count.
`boolean`	`genericAccessAllowed(javax.servlet.ServletRequest request)` Returns `true` if access is allowed.
`boolean`	`identifiersDriverAllowed(javax.servlet.ServletRequest request, java.lang.String collection)` Returns `true` if the request is authorized.
`boolean`	`identifiersServiceAllowed(javax.servlet.ServletRequest request)` Returns `true` if the request is authorized.
`static void`	`main(java.lang.String[] args)` Test driver.
`boolean`	`metadataDriverAllowed(javax.servlet.ServletRequest request, java.lang.String view, java.lang.String collection, java.lang.String holding)` Returns `true` if the request is authorized.
`boolean`	`metadataServiceAllowed(javax.servlet.ServletRequest request, java.lang.String view)` Returns `true` if the request is authorized.
`boolean`	`queryDriverAllowed(javax.servlet.ServletRequest request, java.lang.String collection, edu.ucsb.adl.middleware.Query query)` Returns `true` if the request is authorized.
`boolean`	`queryServiceAllowed(javax.servlet.ServletRequest request, edu.ucsb.adl.middleware.Query query)` Returns `true` if the request is authorized.
`boolean`	`referenceServiceAllowed(javax.servlet.ServletRequest request, java.lang.String baseUrl, java.lang.String collection)` Returns `true` if access is allowed.
`boolean`	`resultsServiceAllowed(javax.servlet.ServletRequest request, edu.ucsb.adl.middleware.ResultSet set)` Returns `true` if the request is authorized.
`boolean`	`statusServiceAllowed(javax.servlet.ServletRequest request)` Returns `true` if the request is authorized.
`boolean`	`unloadServiceAllowed(javax.servlet.ServletRequest request, java.lang.String collection)` Returns `true` if access is allowed.
`boolean`	`unreferenceServiceAllowed(javax.servlet.ServletRequest request, java.lang.String collection)` Returns `true` if access is allowed.
`boolean`	`viewsDriverAllowed(javax.servlet.ServletRequest request, java.lang.String collection, java.lang.String holding)` Returns `true` if the request is authorized.
`boolean`	`viewsServiceAllowed(javax.servlet.ServletRequest request)` Returns `true` if the request is authorized.

edu.ucsb.adl.middleware Class IPAddressGatekeeper

createGatekeeper

metadataServiceAllowed

viewsServiceAllowed

metadataDriverAllowed

viewsDriverAllowed

queryServiceAllowed

queryDriverAllowed

resultsServiceAllowed

statusServiceAllowed

cancelServiceAllowed

configurationServiceAllowed

collectionServiceAllowed

collectionDriverAllowed

genericAccessAllowed

unloadServiceAllowed

referenceServiceAllowed

unreferenceServiceAllowed

identifiersServiceAllowed

identifiersDriverAllowed

destroy

main

edu.ucsb.adl.middleware
Class IPAddressGatekeeper