com.adventnet.agent.tl1.security
Class SecurityView

java.lang.Object
  |
  +--com.adventnet.agent.tl1.security.SecurityView

public class SecurityView
extends java.lang.Object
implements SecurityVariables

This class holds the overall security information. A separate Hashtable is used for every security view. Whenever a request arrives, it is passed here to check whether the user who sent the request has permission, the command's access level, etc.


Inner Class Summary
(package private)  class SecurityView.ChannelInspectingThread
          This thread checks the timeOut table once every second.
(package private)  class SecurityView.UoutExpiryCheckThread
          This internal thread checks the Uout and password expiry of every entry in the table once every hour.
 
Field Summary
(package private)  boolean adminFlag
           
(package private)  TL1Agent agent
           
(package private)  boolean channelFlag
           
(package private)  boolean commandFlag
           
(package private)  java.util.Hashtable duralTable
           
(package private)  SecurityLogHandler logHandler
           
(package private)  boolean operationFlag
           
(package private)  boolean resourceFlag
           
(package private)  java.util.Hashtable sessionTable
           
(package private)  java.util.Hashtable timeOutTable
           
(package private)  boolean userFlag
           
 
Fields inherited from interface com.adventnet.agent.tl1.security.SecurityVariables
aid, ALW_LOG_SECU, cap, chap, DLT_CID_SECU, DLT_CMD_SECU, DLT_RSC_SECU, DLT_SECU, DLT_USER_SECU, DURAL, ECMR, ECSP, ED_CID_SECU, ED_CMD_SECU, ED_RSC_SECU, ED_SECU, ED_USER_SECU, EIUA, ENT_CID_SECU, ENT_CMD_SECU, ENT_RSC_SECU, ENT_SECU, ENT_USER_SECU, ERSP, ESCC, EURA, EUSP, INH_LOG_SECU, IS, LSTOI, MXINV, OOS, PAGE, PCND, PCNN, POINT, rap, root, RTRV_ATTR_SECULOG, RTRV_AUDIT_SECULOG, SET_ATTR_SECULOG, TMOUT, UOUT
 
Constructor Summary
SecurityView()
           
SecurityView(TL1Agent agent)
          Constructor for SecurityView
 
Method Summary
(package private)  void addIntoChannelFile()
          Writes all entries in the channel table into txt file (for persistence support).
 void addIntoChannelTable(TL1ChannelSecurity sec)
          Adds the new channel entry in the channel table.
(package private)  void addIntoCommandFile()
          This method writes all the entries in the command table into a text file (for persistence).
 void addIntoCommandTable(TL1CommandSecurity sec)
          This method is used to add the new user entry in the command table.
(package private)  void addIntoDuralTable(TL1ChannelSecurity sec, TL1Session sess)
          This method is called whenever the number of intrusion attempts crosses the limit MXINV.
(package private)  void addIntoOperationFile()
          This method writes all the entries in the operationTable into text file.
 void addIntoOperationTable(java.lang.String view, TL1OperationSecurity security)
          This method adds the new operation entry in the operation table.
(package private)  void addIntoResourceFile()
          This method writes all the entries in the resourceTable into text file.
 void addIntoResourceTable(TL1ResourceSecurity sec)
          This method adds the new user entry in the operation table.
(package private)  void addIntoTimeOutTable(TL1ChannelSecurity chSec, TL1Session sess)
          Adding into the time out table.
(package private)  void addIntoUserFile()
          This method writes all the entries in the table into text file.
 void addIntoUserTable(TL1UserSecurity sec)
          This method is used to add the new user entry in the user table (called whenever the ENT-USER-SECU command is executed with valid entries).
 java.util.ArrayList getAdminSessions()
          This method returns the admin(root) session if it is enabled else returns null.
 java.util.TreeSet getChannelIndexTable()
          This will return the Channel index table.
 java.util.Hashtable getChannelTable()
          This will return the Channel table.
 java.util.TreeSet getCommandIndexTable()
          This will return the Command index table.
 java.util.Hashtable getCommandTable()
          This will return the Command table.
(package private)  java.util.ArrayList getCommonPrivilege(TL1UserSecurity userSec, TL1CommandSecurity commandSec)
          This method receives the user security and command security objects and checks whether any of their privileges match.
(package private)  java.lang.String getLastLoginTime()
          This method returns the last login time for a particular User id in a user security details.
 java.util.TreeSet getOperationIndexTable()
          This will return the Operation index table.
 java.util.Hashtable getOperationTable()
          This will return the Operation table.
 java.util.TreeSet getResourceIndexTable()
          This will return the Resource index table.
 java.util.Hashtable getResourceTable()
          This will return the Resource table.
 java.util.Hashtable getSessionTable()
          Returns the session table.
 java.util.TreeSet getUserIndexTable()
          This will return the User index table.
 java.lang.String getUserLogged(TL1Session sess)
          This method returns the name of the user logged in for the particular session.
 java.util.Hashtable getUserTable()
          This will return the User table.
(package private)  boolean isAdminCommand(java.lang.String command)
          Checks whether the command is Admin command or not.
(package private)  boolean isAlreadyLogged(TL1Session session)
          This method is used to check whether the Session is already logged in or not.
 boolean isAuthenticatedSession(TL1Session session)
          Returns true if the specified session is an authenticated one.
(package private)  boolean isPasswordExpired(TL1UserSecurity security)
          This method verifies whether the password is within the pcnd or pcnn period. Returns true in case of success.
 boolean isPasswordValid(TL1UserSecurity security, java.lang.String password)
          Checks whether the password is valid.
 boolean isSecured(TL1Session sess, TL1InputMessage message)
          This method is called from TL1Agent whenever it receives an input message on security mode.
(package private)  boolean isUnderDuralPeriod(TL1Session sess)
          This gets the session and verifies whether the session is in its dural period.
(package private)  boolean isUoutExpired(TL1UserSecurity security)
          This method is used to verify whether the given user id or password exists or not.
(package private)  boolean isValidChannel(TL1ChannelSecurity chSec, TL1UserSecurity userSec, java.util.ArrayList privList)
          This method verifies whether the user is permitted to use the session.
static java.lang.String makeString(java.util.Vector vec)
          This method is used to split the vector elements and return them as a string of the format vec[0]&vec[1]&vec[2]
static java.util.Vector makeVector(java.lang.String channel)
          This method is used to split information of the form a&b&c and create a Vector.
 void removeFromChannelTable(java.lang.String channel)
          Removes the Channel security of the specified key from the channel table.
 void removeFromCommandTable(java.lang.String command)
          This method is used to remove the command entry of the specified key from the commandTable.
 void removeFromResourceTable(java.lang.String resource)
          Removes the Resource security entry of the specified key from the resource table.
 void removeFromUserTable(java.lang.String userName)
          This method is used to remove the user entry of the specified key from the userTable.
(package private)  TL1ChannelSecurity selectChannelSecurity(java.lang.String channel)
          This method returns the corresponding TL1ChannelSecurity from the channelTable for the key given (channelId).
 TL1CommandSecurity selectCommandSecurity(java.lang.String command)
          This method returns the corresponding TL1CommandSecurity from the command table for the key given (command name).
 java.util.Hashtable selectOperSecurityTable(java.lang.String view)
          This method returns the corresponding Hashtable, comprising TL1OperationSecurity objects as values.
 TL1ResourceSecurity selectResourceSecurity(java.lang.String resource)
          Returns the corresponding TL1ResourceSecurity from the command table for the key given (resource).
 TL1UserSecurity selectUserSecurity(java.lang.String name)
          This method returns the corresponding TL1UserSecurity from the user table for the key given (user name).
 void setChannelIndexTable(java.util.TreeSet table)
          Set the channel index table. This method will be called from TL1Agent.
 void setChannelTable(java.util.Hashtable table)
          Set the channel table. This method will be called from TL1Agent.
 void setCommandIndexTable(java.util.TreeSet table)
          Set the Command index table. This method will be called from TL1Agent.
 void setCommandTable(java.util.Hashtable table)
          Set the Command table. This method will be called from TL1Agent.
 void setOperationHandlerFileName(java.lang.String opHandler)
          Sets the OperationHandler file name with package.
 void setOperationIndexTable(java.util.TreeSet table)
          Set the operation index table. This method will be called from TL1Agent.
 void setOperationTable(java.util.Hashtable table)
          Set the operation table. This method will be called from TL1Agent.
 void setResourceHandlerFileName(java.lang.String resHandler)
          Sets the ResourceHandler file name with package.
 void setResourceIndexTable(java.util.TreeSet table)
          Set the Resource index table. This method will be called from TL1Agent.
 void setResourceTable(java.util.Hashtable table)
          Set the Resource table. This method will be called from TL1Agent.
 void setSecurityFlags(boolean user, boolean chann, boolean command, boolean oper, boolean resource)
          This method receives the status of the different security views. It then instantiates the TL1SecurityCommandsRegister and registers the corresponding security-related commands with the command registry.
 void setSecurityLogReference(SecurityLogHandler handler)
          This method receives the reference of the SecurityLogHandler.
 void setSessionTable(java.lang.String userName, TL1Session sess)
          This method receives the session and the user logged in that.
(package private)  void setTimeInUserDetails(java.lang.String time)
          This method sets the last login time for a particular User id in the user security details.
 void setUserIndexTable(java.util.TreeSet table)
          Set the User index table. This method will be called from TL1Agent.
 void setUserTable(java.util.Hashtable table)
          Set the User table. This method will be called from TL1Agent.
 void startUoutExpiryCheckThread()
          This method starts the thread ExpiryCheck.
 void stopUoutExpiryCheckThread()
          This stops thread ExpiryCheck.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

sessionTable

java.util.Hashtable sessionTable

duralTable

java.util.Hashtable duralTable

timeOutTable

java.util.Hashtable timeOutTable

agent

TL1Agent agent

logHandler

SecurityLogHandler logHandler

userFlag

boolean userFlag

channelFlag

boolean channelFlag

operationFlag

boolean operationFlag

commandFlag

boolean commandFlag

resourceFlag

boolean resourceFlag

adminFlag

boolean adminFlag
Constructor Detail

SecurityView

public SecurityView()

SecurityView

public SecurityView(TL1Agent agent)
Constructor for SecurityView
Method Detail

setSecurityFlags

public void setSecurityFlags(boolean user,
                             boolean chann,
                             boolean command,
                             boolean oper,
                             boolean resource)
This method receives the status of the different security views. It then instantiates the TL1SecurityCommandsRegister and registers the corresponding security-related commands with the command registry.
Parameters:
user - -- If true, then User Security view is enabled
chann - -- If true, then Channel Security View is enabled
command - -- If true, then Command Security View is enabled
oper - -- If true, then Operation Security View is enabled
resource - -- If true, then Resource Security View is enabled

setUserTable

public void setUserTable(java.util.Hashtable table)
Set the User table. This method will be called from TL1Agent.
Parameters:
table- - this table contains TL1UserSecurity Objects as values and user names as keys.

getUserTable

public java.util.Hashtable getUserTable()
This will return the User table.

setUserIndexTable

public void setUserIndexTable(java.util.TreeSet table)
Set the User index table. This method will be called from TL1Agent.
Parameters:
table- - this table contains Index Objects as values.

getUserIndexTable

public java.util.TreeSet getUserIndexTable()
This will return the User index table.

getChannelTable

public java.util.Hashtable getChannelTable()
This will return the Channel table.

setChannelTable

public void setChannelTable(java.util.Hashtable table)
Set the channel table. This method will be called from TL1Agent.
Parameters:
table - - this table contains TL1ChannelSecurity objects as values and channelId as keys.

getChannelIndexTable

public java.util.TreeSet getChannelIndexTable()
This will return the Channel index table.

setChannelIndexTable

public void setChannelIndexTable(java.util.TreeSet table)
Set the channel index table. This method will be called from TL1Agent.
Parameters:
table - - this table contains index objects as values.

getCommandTable

public java.util.Hashtable getCommandTable()
This will return the Command table.

setCommandTable

public void setCommandTable(java.util.Hashtable table)
Set the Command table. This method will be called from TL1Agent.
Parameters:
table- - this table contains TL1CommandSecurity Objects as values and user names as keys.

getCommandIndexTable

public java.util.TreeSet getCommandIndexTable()
This will return the Command index table.

setCommandIndexTable

public void setCommandIndexTable(java.util.TreeSet table)
Set the Command index table. This method will be called from TL1Agent.
Parameters:
table- - this table contains Command index Objects as values.

getOperationTable

public java.util.Hashtable getOperationTable()
This will return the Operation table.

setOperationTable

public void setOperationTable(java.util.Hashtable table)
Set the operation table. This method will be called from TL1Agent.
Parameters:
table - - this table contains View as keys and Hashtable (having recordId as key and TL1OperationSecurity objects as values) as values.

getOperationIndexTable

public java.util.TreeSet getOperationIndexTable()
This will return the Operation index table.

setOperationIndexTable

public void setOperationIndexTable(java.util.TreeSet table)
Set the operation index table. This method will be called from TL1Agent.
Parameters:
table - - this table contains View index as values.

getResourceTable

public java.util.Hashtable getResourceTable()
This will return the Resource table.

setResourceTable

public void setResourceTable(java.util.Hashtable table)
Set the Resource table. This method will be called from TL1Agent.
Parameters:
table - - this table contains TL1ResourceSecur

getResourceIndexTable

public java.util.TreeSet getResourceIndexTable()
This will return the Resource index table.

setResourceIndexTable

public void setResourceIndexTable(java.util.TreeSet table)
Set the Resource index table. This method will be called from TL1Agent.
Parameters:
table - - this table contains resource index object as value.

addIntoUserTable

public void addIntoUserTable(TL1UserSecurity sec)
This method is used to add the new user entry in the user table (called whenever the ENT-USER-SECU command is executed with valid entries).
Parameters:
sec - -- Reference of the TL1UserSecurity

addIntoUserFile

void addIntoUserFile()
This method writes all the entries in the table into text file.

addIntoChannelTable

public void addIntoChannelTable(TL1ChannelSecurity sec)
Adds the new channel entry in the channel table. (called whenever ENT-CID-SECU command is executed with valid entries).
Parameters:
sec - -- TL1ChannelSecurity Reference

addIntoChannelFile

void addIntoChannelFile()
Writes all entries in the channel table into txt file (for persistence support).

addIntoCommandTable

public void addIntoCommandTable(TL1CommandSecurity sec)
This method is used to add the new user entry in the command table (called whenever the ENT-CMD-SECU method is executed with valid entries).
Parameters:
sec - -- TL1CommandSecurity Reference

addIntoCommandFile

void addIntoCommandFile()
This method writes all the entries in the command table into a text file (for persistence).

addIntoResourceTable

public void addIntoResourceTable(TL1ResourceSecurity sec)
This method adds the new user entry in the operation table. (called whenever ENT-RSC-SECU command is executed with invalid entries).
Parameters:
sec - -- TL1ResourceSecurity Reference

addIntoResourceFile

void addIntoResourceFile()
This method writes all the entries in the resourceTable into text file.

addIntoOperationTable

public void addIntoOperationTable(java.lang.String view,
                                  TL1OperationSecurity security)
This method adds the new operation entry in the operation table. The key is the view, and each value is in turn a Hashtable that has operationId (record identifiers) as keys and TL1OperationSecurity objects as values.
Parameters:
view - -- Name of the Table(view)
security - -- TL1OperationSecurity Reference

addIntoOperationFile

void addIntoOperationFile()
This method writes all the entries in the operationTable into text file.

addIntoDuralTable

void addIntoDuralTable(TL1ChannelSecurity sec,
                       TL1Session sess)
This method is called whenever the number of intrusion attempts crosses the limit MXINV. The dural table keeps the session as key and the dural seconds (as a Long object) as value.

removeFromUserTable

public void removeFromUserTable(java.lang.String userName)
This method is used to remove the user entry of the specified key from the userTable.
Parameters:
userName - -- userName (UID) whose corresponding user entry in the usersecurity text file is to be removed

removeFromChannelTable

public void removeFromChannelTable(java.lang.String channel)
Removes the Channel security of the specified key from the channel table.

removeFromCommandTable

public void removeFromCommandTable(java.lang.String command)
This method is used to remove the command entry of the specified key from the commandTable.
Parameters:
command - -- command name whose corresponding Command entry in the commandsecurity text file is to be removed

removeFromResourceTable

public void removeFromResourceTable(java.lang.String resource)
Removes the Resource security entry of the specified key from the resource table.
Parameters:
resource - -- resource name whose corresponding resource entry in the resourcesecurity text file is to be removed

setSecurityLogReference

public void setSecurityLogReference(SecurityLogHandler handler)
This method receives the reference of the SecurityLogHandler.
Parameters:
handler - -- Reference of the SecurityLogHandler

setOperationHandlerFileName

public void setOperationHandlerFileName(java.lang.String opHandler)
Sets the OperationHandler file name with package.
Parameters:
opHandler - -- Operation Handler File name

setResourceHandlerFileName

public void setResourceHandlerFileName(java.lang.String resHandler)
Sets the ResourceHandler file name with package.
Parameters:
resHandler - -- Resource Handler File name

isUoutExpired

boolean isUoutExpired(TL1UserSecurity security)
This method is used to verify whether the given user id or password exists or not.
Returns:
true - if exists ;false otherwise

selectUserSecurity

public TL1UserSecurity selectUserSecurity(java.lang.String name)
This method returns the corresponding TL1UserSecurity from the user table for the key given (user name).
Parameters:
name - -- user name(UID)
Returns:
Returns the corresponding TL1UserSecurity object if found, null otherwise.

selectChannelSecurity

TL1ChannelSecurity selectChannelSecurity(java.lang.String channel)
This method returns the corresponding TL1ChannelSecurity from the channelTable for the key given (channelId).
Parameters:
channel - -- channel name(CID) to be selected
Returns:
Returns the corresponding TL1ChannelSecurity object if found, null otherwise

selectCommandSecurity

public TL1CommandSecurity selectCommandSecurity(java.lang.String command)
This method returns the corresponding TL1CommandSecurity from the command table for the key given (command name). The command should be case insensitive.
Parameters:
command - -- command name to be selected
Returns:
Returns the corresponding TL1CommandSecurity object if found, null otherwise

selectOperSecurityTable

public java.util.Hashtable selectOperSecurityTable(java.lang.String view)
This method returns the corresponding Hashtable, comprising TL1OperationSecurity objects as values.
Parameters:
view - -- View name to be obtained

selectResourceSecurity

public TL1ResourceSecurity selectResourceSecurity(java.lang.String resource)
Returns the corresponding TL1ResourceSecurity from the command table for the key given (resource).
Parameters:
resource - -- Resource name to be obtained
Returns:
Returns the corresponding TL1ResourceSecurity object if found, null otherwise

isPasswordValid

public boolean isPasswordValid(TL1UserSecurity security,
                               java.lang.String password)
Checks whether the password is valid.
Parameters:
password - -- password to be checked
security - -- Reference of the TL1UserSecurity
Returns:
true if valid ; false otherwise.

isPasswordExpired

boolean isPasswordExpired(TL1UserSecurity security)
This method verifies whether the password is within the pcnd or pcnn period. Returns true in case of success.

startUoutExpiryCheckThread

public void startUoutExpiryCheckThread()
This method starts the thread ExpiryCheck. This thread is used to check the user entries once every 24 hours in order to verify their uout values. If one has expired, it sends an autonomous message to the admin.

stopUoutExpiryCheckThread

public void stopUoutExpiryCheckThread()
This stops thread ExpiryCheck.

setSessionTable

public void setSessionTable(java.lang.String userName,
                            TL1Session sess)
This method receives the session and the user logged in that.
Parameters:
userName - -- username (UID) who has logged into the session
sess - -- Reference of the TL1Session, the session where the user has logged in

getSessionTable

public java.util.Hashtable getSessionTable()
Returns the session table.

getUserLogged

public java.lang.String getUserLogged(TL1Session sess)
This method returns the name of the user logged in for the particular session.
Parameters:
sess - -- Reference of the TL1Session, the session where the user has logged in

setTimeInUserDetails

void setTimeInUserDetails(java.lang.String time)
This method sets the last login time for a particular User id in the user security details.

getLastLoginTime

java.lang.String getLastLoginTime()
This method returns the last login time for a particular User id in a user security details.

isAuthenticatedSession

public boolean isAuthenticatedSession(TL1Session session)
Returns true if the specified session is an authenticated one.
Parameters:
session - - TL1Session to be checked for authentication status.

isSecured

public boolean isSecured(TL1Session sess,
                         TL1InputMessage message)
                  throws TL1AgentException,
                         java.lang.Exception
This method is called from TL1Agent whenever it receives an input message in security mode. It verifies all security views set by the user and returns true only if all the stages are successful; otherwise it returns false. At the beginning, the command code is tested to see whether it is Act-user, because if this is not tested, a user trying to log in would be told "Authentication failed", as the session is absent from the session table.
Parameters:
sess - - TL1Session
message - - TL1InputMessage
Throws:
TL1AgentException - and Exception.

isUnderDuralPeriod

boolean isUnderDuralPeriod(TL1Session sess)
This gets the session and verifies whether the session is in its dural period. The dural period is the period after the particular session has undergone an intrusion attempt.
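
The lockout bookkeeping described by addIntoDuralTable and isUnderDuralPeriod, as an added example that is not AdventNet's code. Assumptions: the class name DuralLockoutExample, a String session id standing in for TL1Session, a lockout that starts once the failure count exceeds MXINV, and a dural table value that holds the epoch second at which the lockout ends.

```java
import java.util.Hashtable;
import java.util.function.LongSupplier;

/** Added illustration only; names and semantics are assumptions, not the agent's implementation. */
public class DuralLockoutExample {
    private final int mxinv;           // assumed meaning: invalid attempts tolerated per session
    private final long duralSeconds;   // assumed meaning: lockout length in seconds
    private final LongSupplier clock;  // current time in epoch seconds (injected so it can be tested)

    // Failure counters and the dural table, both keyed by session as on this page.
    private final Hashtable<String, Integer> failures = new Hashtable<>();
    private final Hashtable<String, Long> duralTable = new Hashtable<>();

    public DuralLockoutExample(int mxinv, long duralSeconds, LongSupplier clock) {
        this.mxinv = mxinv;
        this.duralSeconds = duralSeconds;
        this.clock = clock;
    }

    /** Records one failed login. Returns true if this failure started a dural period. */
    public synchronized boolean recordFailure(String sessionId) {
        if (isUnderDuralPeriod(sessionId)) {
            return false; // already locked: do not count again or extend the period
        }
        int count = failures.merge(sessionId, 1, Integer::sum);
        if (count > mxinv) { // the attempt count has crossed the limit MXINV
            duralTable.put(sessionId, Long.valueOf(clock.getAsLong() + duralSeconds));
            failures.remove(sessionId); // start from zero after the lockout ends
            return true;
        }
        return false;
    }

    /** A successful login clears the failure counter for the session. */
    public synchronized void recordSuccess(String sessionId) {
        failures.remove(sessionId);
    }

    /** True while the session's dural period has not yet elapsed. */
    public synchronized boolean isUnderDuralPeriod(String sessionId) {
        Long lockedUntil = duralTable.get(sessionId);
        if (lockedUntil == null) {
            return false;
        }
        if (clock.getAsLong() >= lockedUntil.longValue()) {
            duralTable.remove(sessionId); // expired entries are dropped lazily
            return false;
        }
        return true;
    }

    public static void main(String[] args) {
        long[] now = {1_000L}; // constructed clock value, advanced by hand below
        DuralLockoutExample guard = new DuralLockoutExample(3, 60, () -> now[0]);
        String session = "session-1"; // constructed session id

        for (int attempt = 1; attempt <= 4; attempt++) {
            boolean started = guard.recordFailure(session);
            System.out.println("failed attempt " + attempt + ", lockout started: " + started);
        }
        System.out.println("locked immediately after: " + guard.isUnderDuralPeriod(session));

        now[0] += 59;
        System.out.println("locked after 59 s: " + guard.isUnderDuralPeriod(session));

        now[0] += 1;
        System.out.println("locked after 60 s: " + guard.isUnderDuralPeriod(session));
    }
}
```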

addIntoTimeOutTable

void addIntoTimeOutTable(TL1ChannelSecurity chSec,
                         TL1Session sess)
Adds an entry to the time out table. The time out table is a Hashtable used to maintain each session with its timeout seconds. The Channel inspecting thread checks this table and, if it finds that any session has expired, locks it.

getCommonPrivilege

java.util.ArrayList getCommonPrivilege(TL1UserSecurity userSec,
                                       TL1CommandSecurity commandSec)
This method receives the user security and command security objects and checks whether any of their privileges match. If one matches, it returns the privilege; otherwise it returns null.

isValidChannel

boolean isValidChannel(TL1ChannelSecurity chSec,
                       TL1UserSecurity userSec,
                       java.util.ArrayList privList)
This method verifies whether the user is permitted to use the session. If command view is selected, the privilege received in this command is checked against the channel security info's privilege, and the method returns true if the check succeeds. If command view is not selected, the channel through which the user tries to log in is checked against the user object's cid list. If it is present, the method returns true, otherwise false.

isAlreadyLogged

boolean isAlreadyLogged(TL1Session session)
This method is used to check whether the Session is already logged in or not.

isAdminCommand

boolean isAdminCommand(java.lang.String command)
Checks whether the command is an Admin command or not. If Command Security is not enabled, the admin-related commands can be executed only by the admin (i.e. root). Some RTRV commands are applicable to any user, as he has permission to retrieve his own information; at the same time, multiple retrieval can be done only by the admin. So the RTRV command is handled where it is implemented.

makeVector

public static java.util.Vector makeVector(java.lang.String channel)
This method is used to split information of the form a&b&c and create a Vector.
Parameters:
channel - -- channel name(s) separated by &

makeString

public static java.lang.String makeString(java.util.Vector vec)
This method is used to split the vector elements and return them as a string of the format vec[0]&vec[1]&vec[2]
Parameters:
vec - - Reference of the Vector

getAdminSessions

public java.util.ArrayList getAdminSessions()
This method returns the admin (root) session if it is enabled, else returns null. Using this session, an autonomous message will be sent to the admin to inform him about the intrusion attempt. It is assumed that the admin can have only one entry; multiple logins by the admin are not possible, hence only one session will be returned.
Returns:
Returns the session(s) where the admin (root) has logged in, if logged in; else null