AbstractInetAddressAuthorizerCompiler xref

View Javadoc

1   /*
2    * SymmetricDS is an open source database synchronization solution.
3    *   
4    * Copyright (C) Dave Michels <dmichels2@users.sourceforge.net>,
5    *
6    * This library is free software; you can redistribute it and/or
7    * modify it under the terms of the GNU Lesser General Public
8    * License as published by the Free Software Foundation; either
9    * version 3 of the License, or (at your option) any later version.
10   *
11   * This library is distributed in the hope that it will be useful,
12   * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14   * Lesser General Public License for more details.
15   *
16   * You should have received a copy of the GNU Lesser General Public
17   * License along with this library; if not, see
18   * <http://www.gnu.org/licenses/>.
19   */
20  
21  package org.jumpmind.symmetric.security.inet;
22  
23  import java.net.UnknownHostException;
24  import java.util.ArrayList;
25  import java.util.List;
26  
27  import org.apache.commons.logging.Log;
28  import org.apache.commons.logging.LogFactory;
29  
30  /***
31   * Base class that all {@link IInetAddressAuthorizerCompiler} implementations should extend.
32   * 
33   * @author dmichels2
34   */
35  public abstract class AbstractInetAddressAuthorizerCompiler implements IInetAddressAuthorizerCompiler
36  {
37      /***
38       * Marker token to denote an all inclusive, or wildcarded, IP address piece. This token specifies that all address
39       * are valid for this piece of an IP address. Value: {@value}
40       */
41      public static final String ANY_TOKEN = "*";
42  
43      /***
44       * Marker token to denote an inclusive range of values in an IP address piece. This token specifies that all address
45       * that fall within the range are valid for this piece of an IP address. Value: {@value}
46       */
47      public static final String RANGE_TOKEN = "-";
48  
49      /***
50       * CIDR Marker token which separates an address and the number of significant bits used to evaluate authorization.
51       * Value: {@value}
52       */
53      public static final String CIDR_TOKEN = "/";
54  
55      private static final Log logger = LogFactory.getLog(AbstractInetAddressAuthorizerCompiler.class);
56  
57      /***
58       * Filter string primary compilation entry point.
59       * 
60       * @param filterStrings
61       * @return
62       * @throws UnknownHostException
63       */
64      public List<IRawInetAddressAuthorizer> compile(final String[] filterStrings) throws UnknownHostException
65      {
66          final List<IRawInetAddressAuthorizer> rawFilters = new ArrayList<IRawInetAddressAuthorizer>();
67          for (final String filter : filterStrings)
68          {
69              logger.debug("Compiling filter string: " + filter);
70              rawFilters.add(compileForIpVersion(filter));
71          }
72  
73          return rawFilters;
74      }
75  
76      /***
77       * @param filter
78       * @return
79       */
80      protected String replaceSymbols(String filter)
81      {
82          if (filter.contains(ANY_TOKEN))
83          {
84              final String[] octets = filter.split(getAddressSeparator());
85              for (final String octet : octets)
86              {
87                  // verify no whitespace
88                  if (octet.contains(ANY_TOKEN))
89                  {
90                      if (octet.length() > 1)
91                      {
92                          throw new IllegalArgumentException(String.format(
93                              "Illegal wild card. '%s' can be the the only char in the address piece. Provided: '%s'",
94                              ANY_TOKEN, octet));
95                      }
96                  }
97              }
98              filter = filter.replaceAll('//' + ANY_TOKEN, getBroadcastString());
99              logger.debug("Replaced wildcard filter to: " + filter);
100         }
101         return filter;
102     }
103 
104     /***
105      * Method to implement all of the IP version specific filter compilation logic.
106      * 
107      * @param filter IP filter definition
108      * @return
109      */
110     protected abstract IRawInetAddressAuthorizer compileForIpVersion(String filter) throws UnknownHostException;
111 
112     /***
113      * @return
114      */
115     protected abstract String getBroadcastString();
116 
117     /***
118      * @return
119      */
120     protected abstract String getAddressSeparator();
121 
122 }