diff options
Diffstat (limited to 'java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java')
-rw-r--r-- | java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java | 137 |
1 files changed, 0 insertions, 137 deletions
diff --git a/java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java b/java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java deleted file mode 100644 index 40a65fddba..0000000000 --- a/java/broker-plugins/firewall/src/main/java/org/apache/qpid/server/security/access/plugins/Firewall.java +++ /dev/null @@ -1,137 +0,0 @@ -/* - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */ -package org.apache.qpid.server.security.access.plugins; - -import org.apache.commons.configuration.Configuration; -import org.apache.commons.configuration.ConfigurationException; - -import org.apache.qpid.server.configuration.plugins.ConfigurationPlugin; -import org.apache.qpid.server.security.AbstractPlugin; -import org.apache.qpid.server.security.Result; -import org.apache.qpid.server.security.SecurityPluginFactory; -import org.apache.qpid.server.security.access.ObjectProperties; -import org.apache.qpid.server.security.access.ObjectType; -import org.apache.qpid.server.security.access.Operation; -import org.apache.qpid.server.security.access.config.FirewallException; -import org.apache.qpid.server.security.access.config.FirewallRule; - -import java.net.InetAddress; -import java.net.InetSocketAddress; - -public class Firewall extends AbstractPlugin -{ - public static final SecurityPluginFactory<Firewall> FACTORY = new SecurityPluginFactory<Firewall>() - { - public Firewall newInstance(ConfigurationPlugin config) throws ConfigurationException - { - FirewallConfiguration configuration = config.getConfiguration(FirewallConfiguration.class.getName()); - - // If there is no configuration for this plugin then don't load it. - if (configuration == null) - { - return null; - } - - Firewall plugin = new Firewall(); - plugin.configure(configuration); - return plugin; - } - - public Class<Firewall> getPluginClass() - { - return Firewall.class; - } - - public String getPluginName() - { - return Firewall.class.getName(); - } - }; - - private Result _default = Result.ABSTAIN; - private FirewallRule[] _rules; - - public Result getDefault() - { - return _default; - } - - public Result authorise(Operation operation, ObjectType objectType, ObjectProperties properties) - { - return Result.ABSTAIN; // We only deal with access requests - } - - public Result access(ObjectType objectType, Object instance) - { - if (objectType != ObjectType.VIRTUALHOST) - { - return Result.ABSTAIN; // We are only interested in access to virtualhosts - } - - if (!(instance instanceof InetSocketAddress)) - { - return Result.ABSTAIN; // We need an internet address - } - - InetAddress address = ((InetSocketAddress) instance).getAddress(); - - try - { - for (FirewallRule rule : _rules) - { - boolean match = rule.match(address); - if (match) - { - return rule.getAccess(); - } - } - return getDefault(); - } - catch (FirewallException fe) - { - return Result.DENIED; - } - } - - - public void configure(ConfigurationPlugin config) - { - super.configure(config); - FirewallConfiguration firewallConfiguration = (FirewallConfiguration) getConfig(); - - // Get default action - _default = firewallConfiguration.getDefaultAction(); - - Configuration finalConfig = firewallConfiguration.getConfiguration(); - - // all rules must have an access attribute - int numRules = finalConfig.getList("rule[@access]").size(); - _rules = new FirewallRule[numRules]; - for (int i = 0; i < numRules; i++) - { - FirewallRule rule = new FirewallRule(finalConfig.getString("rule(" + i + ")[@access]"), - finalConfig.getList("rule(" + i + ")[@network]"), - finalConfig.getList("rule(" + i + ")[@hostname]")); - _rules[i] = rule; - } - - } -} |