View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership. The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License. You may obtain a copy of the License at
9    * 
10   *      http://www.apache.org/licenses/LICENSE-2.0
11   * 
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  package org.apache.river.phoenix.common;
20  
21  import java.io.IOException;
22  import java.net.InetAddress;
23  import java.net.NetworkInterface;
24  import java.rmi.server.ServerNotActiveException;
25  import java.security.AccessControlException;
26  import java.util.HashMap;
27  import java.util.Map;
28  import net.jini.export.ServerContext;
29  import net.jini.io.context.ClientHost;
30  
31  /**
32   * Definition of an access control only allowing calls from the local host.
33   *
34   * @author Sun Microsystems, Inc.
35   * 
36   * @since 2.0
37   */
38  public class LocalAccess {
39      private static Map cache = new HashMap(3);
40  
41      private LocalAccess() {
42      }
43  
44      /**
45       * Checks whether a call was made by a local host.
46       * Specifically, this means that if, in the dispatched call,
47       * there is a ServerContext and it contains an element
48       * that is an instance of ClientHost, then if the InetAddress
49       * returned by ClientHost.getClientHost is not a local
50       * network interface (according to NetworkInterface.getByInetAddress)
51       * or not a loopback address
52       * (according to NetworkInterface.isLoopBackAddress),
53       * the call will be rejected; in all other cases,
54       * the call will be accepted.
55       * 
56       * @throws AccessControlException when the origin is not a local host
57       */
58      public static synchronized void check() {
59  	ClientHost host = null;
60  	try {
61  	    host = (ClientHost)
62  		ServerContext.getServerContextElement(ClientHost.class);
63  	} catch (ServerNotActiveException e) {
64  	    return;
65  	}
66  	if (host == null) return;
67  	InetAddress addr = host.getClientHost();
68  	Boolean ok = (Boolean) cache.get(addr);
69  	if (ok == null) {
70  	    try {
71  		ok = Boolean.valueOf(addr != null && (NetworkInterface.getByInetAddress(
72  					addr) != null || addr.isLoopbackAddress()));
73  	    } catch (IOException e) {
74  		ok = Boolean.FALSE;
75  	    }
76  	    cache.put(addr, ok);
77  	}
78  	if (!ok.booleanValue()) {
79  	    throw new AccessControlException("origin is non-local host");
80  	}
81      }
82  }