Home » openejb-3.1.2-src » org.apache » openejb » server » auth » [javadoc | source]

    1   /**
    2    *
    3    * Licensed to the Apache Software Foundation (ASF) under one or more
    4    * contributor license agreements.  See the NOTICE file distributed with
    5    * this work for additional information regarding copyright ownership.
    6    * The ASF licenses this file to You under the Apache License, Version 2.0
    7    * (the "License"); you may not use this file except in compliance with
    8    * the License.  You may obtain a copy of the License at
    9    *
   10    * http://www.apache.org/licenses/LICENSE-2.0
   11    *
   12    * Unless required by applicable law or agreed to in writing, software
   13    * distributed under the License is distributed on an "AS IS" BASIS,
   14    * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   15    * See the License for the specific language governing permissions and
   16    * limitations under the License.
   17    */
   18   package org.apache.openejb.server.auth;
   19   
   20   import java.util.regex.Pattern;
   21   import java.util.regex.Matcher;
   22   import java.util.StringTokenizer;
   23   import java.net.InetAddress;
   24   import java.net.Inet4Address;
   25   
   26   /**
   27    * @version $Revision$ $Date$
   28    */
   29   public class FactorizedIPAddressPermission implements IPAddressPermission {
   30       private static final Pattern MASK_VALIDATOR = Pattern.compile("^((\\d{1,3}){1}(\\.\\d{1,3}){0,2}\\.)?\\{(\\d{1,3}){1}((,\\d{1,3})*)\\}$");
   31   
   32       public static boolean canSupport(String mask) {
   33           Matcher matcher = MASK_VALIDATOR.matcher(mask);
   34           return matcher.matches();
   35       }
   36   
   37       private final byte[] prefixBytes;
   38       private final byte[] suffixBytes;
   39   
   40       public FactorizedIPAddressPermission(String mask) {
   41           Matcher matcher = MASK_VALIDATOR.matcher(mask);
   42           if (false == matcher.matches()) {
   43               throw new IllegalArgumentException("Mask " + mask + " does not match pattern " + MASK_VALIDATOR.pattern());
   44           }
   45   
   46           // group 1 is the factorized IP part.
   47           // e.g. group 1 in "1.2.3.{4,5,6}" is "1.2.3."
   48           String prefix = matcher.group(1);
   49           StringTokenizer tokenizer = new StringTokenizer(prefix, ".");
   50           prefixBytes = new byte[tokenizer.countTokens()];
   51           for (int i = 0; i < prefixBytes.length; i++) {
   52               String token = tokenizer.nextToken();
   53               int value = Integer.parseInt(token);
   54               if (value < 0 || 255 < value) {
   55                   throw new IllegalArgumentException("byte #" + i + " is not valid.");
   56               }
   57               prefixBytes[i] = (byte) value;
   58           }
   59   
   60           // group 5 is a comma separated list of optional suffixes.
   61           // e.g. group 5 in "1.2.3.{4,5,6}" is ",5,6"
   62           String suffix = matcher.group(5);
   63           tokenizer = new StringTokenizer(suffix, ",");
   64           suffixBytes = new byte[1 + tokenizer.countTokens()];
   65   
   66           // group 4 is the compulsory and first suffix.
   67           // e.g. group 4 in "1.2.3.{4,5,6}" is "4"
   68           int value = Integer.parseInt(matcher.group(4));
   69           int i = 0;
   70           if (value < 0 || 255 < value) {
   71               throw new IllegalArgumentException("suffix " + i + " is not valid.");
   72           }
   73           suffixBytes[i++] = (byte) value;
   74   
   75           for (; i < suffixBytes.length; i++) {
   76               String token = tokenizer.nextToken();
   77               value = Integer.parseInt(token);
   78               if (value < 0 || 255 < value) {
   79                   throw new IllegalArgumentException("byte #" + i + " is not valid.");
   80               }
   81               suffixBytes[i] = (byte) value;
   82           }
   83       }
   84   
   85       public boolean implies(InetAddress address) {
   86           if (false == address instanceof Inet4Address) {
   87               return false;
   88           }
   89   
   90           byte[] byteAddress = address.getAddress();
   91           for (int i = 0; i < prefixBytes.length; i++) {
   92               if (byteAddress[i] != prefixBytes[i]) {
   93                   return false;
   94               }
   95           }
   96           byte lastByte = byteAddress[prefixBytes.length];
   97           for (int i = 0; i < suffixBytes.length; i++) {
   98               if (lastByte == suffixBytes[i]) {
   99                   return true;
  100               }
  101           }
  102           return false;
  103       }
  104   }

Home » openejb-3.1.2-src » org.apache » openejb » server » auth » [javadoc | source]