- java.lang.Object
-
- org.hsqldb.server.ServerAcl
-
public final class ServerAcl extends java.lang.ObjectA list of ACL permit and deny entries with a permitAccess method which tells whether candidate addresses are permitted or denied by this ACL list.The ACL file is reloaded whenever a modification to it is detected. If you copy in a file with an older file date, you will need to touch it.
The public runtime method is permitAccess(). The public setup method is the constructor.
Each non-comment line in the ACL file must be a rule of the format:
For example{allow|deny} <ip_address>[/significant-bits]allow ahostname deny ahost.domain.com allow 127.0.0.1 allow 2001:db8::/32In order to detect bit specification mistakes, we require that non-significant bits be zero in the values. An undesirable consequence of this is, you can't use a specification like the following to mean "all of the hosts on the same network as x.admc.com":
allow x.admc.com/24- Since:
- 2.0.0
- Author:
- Blaine Simpson (blaine dot simpson at admc dot com)
- See Also:
ServerAcl(File),permitAccess(java.lang.String)
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classServerAcl.AclFormatException
-
Constructor Summary
Constructors Constructor Description ServerAcl(java.io.File aclFile)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static java.lang.StringcolonNotation(byte[] uba)static java.lang.StringdottedNotation(byte[] uba)static voidmain(java.lang.String[] sa)Utility method that allows interactive testing of individual ACL records, as well as the net effect of the ACL record list.booleanpermitAccess(byte[] addr)booleanpermitAccess(java.lang.String s)Uses system network libraries to resolve the given String to an IP addr, then determine whether this address is permitted or denied.voidsetPrintWriter(java.io.PrintWriter pw)java.lang.StringtoString()
-
-
-
Constructor Detail
-
ServerAcl
public ServerAcl(java.io.File aclFile) throws java.io.IOException, ServerAcl.AclFormatException- Throws:
java.io.IOExceptionServerAcl.AclFormatException
-
-
Method Detail
-
dottedNotation
public static java.lang.String dottedNotation(byte[] uba)
- Parameters:
uba- Unsigned byte array- Returns:
- String
-
colonNotation
public static java.lang.String colonNotation(byte[] uba)
- Parameters:
uba- Unsigned byte array- Returns:
- String
-
setPrintWriter
public void setPrintWriter(java.io.PrintWriter pw)
-
toString
public java.lang.String toString()
- Overrides:
toStringin classjava.lang.Object
-
permitAccess
public boolean permitAccess(java.lang.String s)
Uses system network libraries to resolve the given String to an IP addr, then determine whether this address is permitted or denied. Specified name may be a numerical-based String like "1.2.3.4", a constant known to the networking libraries, or a host name to be resolved by the systems name resolution system. If the given String can't be resolved to an IP addr, false is returned.- Parameters:
s- String- Returns:
- boolean
- See Also:
permitAccess(byte[])
-
permitAccess
public boolean permitAccess(byte[] addr)
- Parameters:
addr- byte[]- Returns:
- true if access for the candidate address should be permitted, false if access should be denied.
-
main
public static void main(java.lang.String[] sa) throws ServerAcl.AclFormatException, java.io.IOExceptionUtility method that allows interactive testing of individual ACL records, as well as the net effect of the ACL record list. Run "java -cp path/to/hsqldb.jar org.hsqldb.server.ServerAcl --help" for Syntax help.- Parameters:
sa- String[]- Throws:
ServerAcl.AclFormatException- when badly formattedjava.io.IOException- when io error
-
-