Servertec   Realm
Content
Introduction
Release Notes
Features
FAQs
Requirements
Installation
Add-ons
How To
Change Log
Future Plans
Knowledge Base
Documentation
Conventions
Users
Reference
iServer API
AccessLogEntry
Codecs
Connection
ConnectionPool...
DString
ErrorLogEntry
EventLogEntry
FileCache
FileUpload
IOHandler
IOManager
iws
Logger
MultiPartForm
QuickSort
QuickSortString...
Realm
RealmAdmin...
RealmManager
ServletContextImpl
ServletContext...
ServletImpl
ServletManager
Utils

Servlet API
CGI
SSI
Servlets
Config Files
Log Files
Classes
Directory Tree

Samples
Sales
Legal
Feedback

 

java.lang.Object
 |
 +--stec.iws.Realm

public abstract class Realm extends Object

Defines methods used by security realms.

Methods

Method Description
authenticateComputer Called by iServer for each client request to check computer security privileges.
authenticateUser Called by iServer for each client request to check user security privileges.
checkGroup Returns whether the given user is part of the specified group.
checkRange Returns whether the given IP address range matches the specified IP address.
destroy Called by iServer when unloading the security realm.
getPrincipal Returns the Principal for the specified user.
init Called by iServer when loading the security realm.

authenticateComputer

Called by iServer for each client request to check computer security privileges.

Syntax

public abstract int authenticateComputer(String acls,
                                         String hostname,
                                         String address,
                                         String method)
                                         throws Exception

Parameters

acls comma delimited list of Access Control Lists.
hostname the name of the computer making the request.
address the IP address of the computer making the request.
method the request method.

Returns

int whether or not the specified computer can access the requested resource using the specified method.

-1 - not found
0 - false
1 - true

Throws

Exception any exception thrown.

Example

public int authenticateComputer(String acls,
                                   String hostname,
                                   String address,
                                   String method)
                                   throws Exception
{
  if(method.equals("get") || method.equals("post"))
  {
    String acl;

    int offset;
    String type;
    String taddress;
    
    int count = DString.dcount(acls, ",");
    for(int i = 0; i < count; i++)
    {
      acl = DString.trim(DString.extract(acls, ",", i));
  
      offset = acl.indexOf('.');
      type = acl.substring(0, offset);
      taddress = acl.substring(offset + 1);

      if(type.equals("hostname"))
      {
        if(hostname.equals(taddress))
        {
          return 1;
        }
        else
        {
          return 0;
        }
      }
      else if(type.equals("ip_address"))
      {
        if(address.equals(taddress))
        {
          return 1;
        }
        else
        {
          return 0;
        }
      }
      else if(type.equals("ip_range"))
      {
        if(Realm.checkRange(taddress, address)
        {
          return 1;
        }
        else
        {
          return 0;
        }
      }
    }
  }

  return -1;
}


authenticateUser

Called by iServer for each client request to check user security privileges.

Syntax

public abstract boolean authenticateUser(String acls,
                                         String username,
                                         String password,
                                         String method)
                                         throws Exception

Parameters

acls comma delimited list of Access Control Lists.
username the name of the user to authenticate.
password the user's password.
method the request method.

Returns

boolean whether or not the specified user can access the requested resource using the specified method.

Throws

Exception any exception thrown.

Example

public boolean authenticateUser(String acls,
                                   String username,
                                   String password,
                                   String method)
                                   throws Exception
{
  if(username.equals("admin") &&
     password.equals("admin") &&
     (method.equals("get") ||
     method.equals("post")))
  {
                                  
    String acl;

    int offset;
    String type;
    String name;
    
    int count = DString.dcount(acls, ",");
    for(int i = 0; i < count; i++)
    {
      acl = DString.trim(DString.extract(acls, ",", i));
  
      offset = acl.indexOf('.');
      type = acl.substring(0, offset);
      name = acl.substring(offset + 1);

      if(type.equals("users"))
      {
        if(username.equals(name))
        {
          return true;
        }
      }
      else if(type.equals("group") && name.equals("admin"))
      {
        return true;
      }

    }
  }

  return false;
}


checkGroup

Returns whether the given user is part of the specified group.

Syntax

public static boolean checkGroup(String groupname,
                                 String username)
                                 throws Exception

Parameters

groupname the name of the group to check.
username the user to test.

Returns

boolean whether or not the given user was part of the specified group.

Throws

Exception any exception thrown.

Example

public boolean checkGroup(String groupname, String username)
{
  String[] users = getUsers(groupname);
  if(users == null)
  {
    return false;
  }

  for(int i = 0; i < users.length; i++)
  {
    if(username.equals(users[i]))
    {
      return true;
    }
  }

  return false;
}

checkRange

Returns whether the given IP address range matches the specified IP address.

Syntax

public static boolean checkRange(String range,
                                 String address)
                                 throws Exception

Parameters

range the IP range to check against.

IP ranges use the form #.#.#.#-#.#.#.# or [#|*].[#|*].[#|*].[#|*].

# is a number from 0 to 255.

address the IP address of the computer to check.

IP addresses use the form #.#.#.#.

# is a number from 0 to 255.

Returns

boolean whether or not the given IP address was within the specified IP address range.

Throws

Exception any exception thrown.

Example

boolean inrange = Realm.checkRange(range, address)

destroy

Called by iServer when unloading the security realm.

Syntax

public void destroy()

Parameters

None

Returns

Nothing

Throws

Nothing

Example

public destroy()
{
  super.destroy();
  close_files();
}


getPrincipal

Returns the Principal for the specified user.

Syntax

public abstract Principal getPrincipal(String username)
                                       throws Exception

Parameters

username the user to create a Principal for.

Returns

java.security.Principal the Principal of the specified user.

Throws

Exception any exception thrown.

Example

import java.security.Principal;

public Principal getPrincipal(String username) throws Exception
{
  return new PrincipalImpl(username);
}

class PrincipalImpl implements Principal
{
  String name;

  public PrincipalImpl(String _name)
  {
    name = _name;
  }

  public String getName()
  {
    return name;
  }

  public boolean equals(Object obj)
  {
    if(obj instanceof Principal)
    {
      return name.equals(((PrincipalImpl)obj).name);
    }
    else
    {
      return false;
    }
  }

  public String toString()
  {
    return name;
  }
}


init

Called by iServer when loading the security realm.

Syntax

public void init(Hashtable parameters) throws Exception

Parameters

parameters a hashtable containing initialization parameters.

Returns

Nothing

Throws

Exception any exception thrown.

Example

public void init(Hashtable parameters) throws Exception
{
  super.init(parameters);

  Object filename = parameters.get(file_name);
  if(filename == null)
  {
    filename = "realm.dat";
  }

  open_files((String)file_name);
}

 top of page
 Built with iScript Copyright © 1997-2000 Servertec. All rights reserved.
Last Modified: Thu Aug 10 13:06:59 EDT 2000