| 
 | ||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectorg.hsqldb.server.ServerAcl
public final class ServerAcl
A list of ACL permit and deny entries with a permitAccess method which tells whether candidate addresses are permitted or denied by this ACL list.
The ACL file is reloaded whenever a modification to it is detected. If you copy in a file with an older file date, you will need to touch it.
The public runtime method is permitAccess(). The public setup method is the constructor.
Each non-comment line in the ACL file must be a rule of the format:
     {allow|deny} [/significant-bits]
  
     allow ahostname
     deny ahost.domain.com
     allow 127.0.0.1
     allow 2001:db8::/32
 In order to detect bit specification mistakes, we require that non-significant bits be zero in the values. An undesirable consequence of this is, you can't use a specification like the following to mean "all of the hosts on the same network as x.admc.com":
     allow x.admc.com/24
 
ServerAcl(File), 
permitAccess(java.lang.String)| Nested Class Summary | |
|---|---|
| static class | ServerAcl.AclFormatException | 
| Constructor Summary | |
|---|---|
| ServerAcl(File aclFile) | |
| Method Summary | |
|---|---|
| static String | colonNotation(byte[] uba) | 
| static String | dottedNotation(byte[] uba) | 
| static void | main(String[] sa)Utility method that allows interactive testing of individal ACL records, as well as the net effect of the ACL record list. | 
|  boolean | permitAccess(byte[] addr) | 
|  boolean | permitAccess(String s)Uses system network libraries to resolve the given String to an IP addr, then determine whether this address is permitted or denied. | 
|  void | setPrintWriter(PrintWriter pw) | 
|  String | toString() | 
| Methods inherited from class java.lang.Object | 
|---|
| equals, getClass, hashCode, notify, notifyAll, wait, wait, wait | 
| Constructor Detail | 
|---|
public ServerAcl(File aclFile)
          throws IOException,
                 ServerAcl.AclFormatException
IOException
ServerAcl.AclFormatException| Method Detail | 
|---|
public static String dottedNotation(byte[] uba)
uba - Unsigned byte arraypublic static String colonNotation(byte[] uba)
uba - Unsigned byte arraypublic void setPrintWriter(PrintWriter pw)
public String toString()
toString in class Objectpublic boolean permitAccess(String s)
permitAccess(byte[])public boolean permitAccess(byte[] addr)
RuntimeException - if no rule covers the candidate address.
          This would be the case if this class is applied to some
          network protocol other than ipv4 or ipv6, without adding a
          default rule for it.
public static void main(String[] sa)
                 throws ServerAcl.AclFormatException,
                        IOException
ServerAcl.AclFormatException
IOException| 
 | ||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||