Servertec   Realm
Content
Introduction
Release Notes
Features
FAQs
Requirements
Installation
Add-ons
How To
Change Log
Future Plans
Knowledge Base
Documentation
Conventions
Users
Reference
iServer API
AccessLogEntry
Codecs
Connection
ConnectionPool...
DString
ErrorLogEntry
EventLogEntry
FileCache
FileUpload
IOHandler
IOManager
iws
Logger
MultiPartForm
QuickSort
Realm
RealmAdmin...
ServletManager
Utils

Servlet API
CGI
SSI
Servlets
Config Files
Log Files
Classes
Directory Tree

Samples
Sales
Legal
Feedback

 

java.lang.Object
 |
 +--javax.servlet.http.HttpServlet
     |
     +--stec.iws.Realm

public abstract class Realm extends HttpServlet

Defines methods used by security realms.

Methods

Method Description
authenicateComputer Called by iServer for each client request to check computer security privileges.
authenicateUser Called by iServer for each client request to check user security privileges.
checkRange Returns whether the given IP address range matches the specified IP address.

authenicateComputer

Called by iServer for each client request to check computer security privileges.

Syntax

public abstract boolean authenticateComputer(String acls,
                                         String hostname,
                                         String address,
                                         String method)
                                         throws Exception

Parameters

acls comma delimited list of Access Control Lists.
hostname the name of the computer making the request.
address the IP address of the computer making the request.
method the request method.

Returns

boolean whether or not the specified computer can access the requested resource using the specified method.

Throws

Exception any exception thrown.

Example

public boolean authenticateComputer(String acls,
                                       String hostname,
                                       String address,
                                       String method)
                                       throws Exception
{
  if(method.equals("get") || method.equals("post"))
  {
    String acl;

    int offset;
    String type;
    String taddress;
    
    int count = DString.dcount(acls, ",");
    for(int i = 0; i < count; i++)
    {
      acl = DString.trim(DString.extract(acls, ",", i));
  
      offset = acl.indexOf('.');
      type = acl.substring(0, offset);
      taddress = acl.substring(offset + 1);

      if(type.equals("hostname"))
      {
        if(hostname.equals(taddress))
        {
          return true;
        }
      }
      else if(type.equals("ip_address"))
      {
        if(address.equals(taddress))
        {
          return true;
        }
      }
      else if(type.equals("ip_range"))
      {
        if(Realm.checkRange(taddress, address)
        {
          return true;
        }
      }
    }
  }

  return false;
}


authenicateUser

Called by iServer for each client request to check user security privileges.

Syntax

public abstract boolean authenticateUser(String acls,
                                         String username,
                                         String password,
                                         String method)
                                         throws Exception

Parameters

acls comma delimited list of Access Control Lists.
username the name of the user to authenticate.
password the user's password.
method the request method.

Returns

boolean whether or not the specified user can access the requested resource using the specified method.

Throws

Exception any exception thrown.

Example

public boolean authenticateUser(String acls,
                                   String username,
                                   String password,
                                   String method)
                                   throws Exception
{
  if(username.equals("admin") &&
     password.equals("admin") &&
     (method.equals("get") ||
     method.equals("post")))
  {
                                  
    String acl;

    int offset;
    String type;
    String name;
    
    int count = DString.dcount(acls, ",");
    for(int i = 0; i < count; i++)
    {
      acl = DString.trim(DString.extract(acls, ",", i));
  
      offset = acl.indexOf('.');
      type = acl.substring(0, offset);
      name = acl.substring(offset + 1);

      if(type.equals("users"))
      {
        if(username.equals(name))
        {
          return true;
        }
      }
      else if(type.equals("group") && name.equals("admin"))
      {
        return true;
      }

    }
  }

  return false;
}


checkRange

Returns whether the given IP address range matches the specified IP address.

Syntax

public static boolean checkRange(String range,
                                 String address)
                                 throws Exception

Parameters

range the IP range to check against.

IP ranges use the form #.#.#.#-#.#.#.# or [#|*].[#|*].[#|*].[#|*].

# is a number from 0 to 255.

address the IP address of the computer to check.

IP addresses use the form #.#.#.#.

# is a number from 0 to 255.

Returns

boolean whether or not the given IP address was within the specified IP address range.

Throws

Exception any exception thrown.

Example

boolean inrange = Realm.checkRange(range, address)
 top of page
 Built with iScript Copyright © 1997-2000 Servertec. All rights reserved.
Last Modified: Sun Jan 09 19:34:12 EST 2000