Package org.snmp4j.agent.mo.snmp
Class VacmMIB
java.lang.Object
org.snmp4j.agent.mo.snmp.VacmMIB
- All Implemented Interfaces:
MOGroup
,MutableVACM
,VACM
This concrete implementation of the SNMP-VIEW-BASED-ACM-MIB (RFC 3415).
The configuration of the view access model can be changed programatically
(see
MutableVACM
) or via SNMP but an initial configuration must be
created programatically in order to allow any access to the agent via SNMP.- Version:
- 1.0
- Author:
- Frank Fock
-
Nested Class Summary
-
Field Summary
Modifier and TypeFieldDescriptionstatic final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final int
static final org.snmp4j.smi.OID
static final org.snmp4j.smi.OID
static final int
static final int
static final org.snmp4j.smi.OID
static final int
static final int
static final org.snmp4j.smi.OID
static final org.snmp4j.smi.OID
Fields inherited from interface org.snmp4j.agent.security.MutableVACM
VACM_MATCH_EXACT, VACM_MATCH_PREFIX, VACM_VIEW_EXCLUDED, VACM_VIEW_INCLUDED
Fields inherited from interface org.snmp4j.agent.security.VACM
VACM_NO_ACCESS_ENTRY, VACM_NO_GROUP_NAME, VACM_NO_SUCH_CONTEXT, VACM_NO_SUCH_VIEW, VACM_NOT_IN_VIEW, VACM_OK, VACM_OTHER_ERROR, VIEW_NOTIFY, VIEW_READ, VIEW_WRITE
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
addAccess
(org.snmp4j.smi.OctetString groupName, org.snmp4j.smi.OctetString contextPrefix, int securityModel, int securityLevel, int match, org.snmp4j.smi.OctetString readView, org.snmp4j.smi.OctetString writeView, org.snmp4j.smi.OctetString notifyView, int storageType) Adds an access entry to this VACM and thus adds access rights for a group.void
addGroup
(int securityModel, org.snmp4j.smi.OctetString securityName, org.snmp4j.smi.OctetString groupName, int storageType) Adds a security model and name to group name mapping to this VACM.void
addViewTreeFamily
(org.snmp4j.smi.OctetString viewName, org.snmp4j.smi.OID subtree, org.snmp4j.smi.OctetString mask, int type, int storageType) Adds a new view to this VACM.org.snmp4j.smi.OctetString
getViewName
(org.snmp4j.smi.OctetString context, org.snmp4j.smi.OctetString securityName, int securityModel, int securityLevel, int viewType) Gets the view name of the view defined by the supplied credentials.int
isAccessAllowed
(org.snmp4j.smi.OctetString context, org.snmp4j.smi.OctetString securityName, int securityModel, int securityLevel, int viewType, org.snmp4j.smi.OID oid) Checks whether access is allowed in the specified context for the security name, model, level, and view type for the supplied OID.int
isAccessAllowed
(org.snmp4j.smi.OctetString viewName, org.snmp4j.smi.OID oid) Checks if access is allowed for the given OID within the specified view.void
registerMOs
(MOServer server, org.snmp4j.smi.OctetString context) Registers the managed objects of this group with the server for the supplied context.boolean
removeAccess
(org.snmp4j.smi.OctetString groupName, org.snmp4j.smi.OctetString contextPrefix, int securityModel, int securityLevel) Removes an access entry from this VACM.boolean
removeGroup
(int securityModel, org.snmp4j.smi.OctetString securityName) Removes a security model and name to group name mapping from this VACM.boolean
removeViewTreeFamily
(org.snmp4j.smi.OctetString viewName, org.snmp4j.smi.OID subtree) Removes a view tree family from this VACM.void
unregisterMOs
(MOServer server, org.snmp4j.smi.OctetString context) Unregisters the managed objects of this group from the supplied server and from the supplied context.
-
Field Details
-
vacmContextEntryOID
public static final org.snmp4j.smi.OID vacmContextEntryOID -
colVacmGroupName
public static final int colVacmGroupName- See Also:
-
colVacmSecurityToGroupStorageType
public static final int colVacmSecurityToGroupStorageType- See Also:
-
colVacmSecurityToGroupRowStatus
public static final int colVacmSecurityToGroupRowStatus- See Also:
-
idxVacmGroupName
public static final int idxVacmGroupName- See Also:
-
idxVacmSecurityToGroupStorageType
public static final int idxVacmSecurityToGroupStorageType- See Also:
-
idxVacmSecurityToGroupRowStatus
public static final int idxVacmSecurityToGroupRowStatus- See Also:
-
vacmSecurityToGroupEntryOID
public static final org.snmp4j.smi.OID vacmSecurityToGroupEntryOID -
colVacmAccessContextMatch
public static final int colVacmAccessContextMatch- See Also:
-
colVacmAccessReadViewName
public static final int colVacmAccessReadViewName- See Also:
-
colVacmAccessWriteViewName
public static final int colVacmAccessWriteViewName- See Also:
-
colVacmAccessNotifyViewName
public static final int colVacmAccessNotifyViewName- See Also:
-
colVacmAccessStorageType
public static final int colVacmAccessStorageType- See Also:
-
colVacmAccessRowStatus
public static final int colVacmAccessRowStatus- See Also:
-
idxVacmAccessContextPrefix
public static final int idxVacmAccessContextPrefix- See Also:
-
idxVacmAccessSecurityModel
public static final int idxVacmAccessSecurityModel- See Also:
-
idxVacmAccessSecurityLevel
public static final int idxVacmAccessSecurityLevel- See Also:
-
idxVacmAccessContextMatch
public static final int idxVacmAccessContextMatch- See Also:
-
idxVacmAccessReadViewName
public static final int idxVacmAccessReadViewName- See Also:
-
idxVacmAccessWriteViewName
public static final int idxVacmAccessWriteViewName- See Also:
-
idxVacmAccessNotifyViewName
public static final int idxVacmAccessNotifyViewName- See Also:
-
idxVacmAccessStorageType
public static final int idxVacmAccessStorageType- See Also:
-
idxVacmAccessRowStatus
public static final int idxVacmAccessRowStatus- See Also:
-
vacmAccessEntryOID
public static final org.snmp4j.smi.OID vacmAccessEntryOID -
vacmExactMatch
public static final int vacmExactMatch- See Also:
-
vacmPrefixMatch
public static final int vacmPrefixMatch- See Also:
-
vacmViewSpinLockOID
public static final org.snmp4j.smi.OID vacmViewSpinLockOID -
colVacmViewTreeFamilyMask
public static final int colVacmViewTreeFamilyMask- See Also:
-
colVacmViewTreeFamilyType
public static final int colVacmViewTreeFamilyType- See Also:
-
colVacmViewTreeFamilyStorageType
public static final int colVacmViewTreeFamilyStorageType- See Also:
-
colVacmViewTreeFamilyRowStatus
public static final int colVacmViewTreeFamilyRowStatus- See Also:
-
idxVacmViewTreeSubtree
public static final int idxVacmViewTreeSubtree- See Also:
-
idxVacmViewTreeFamilyMask
public static final int idxVacmViewTreeFamilyMask- See Also:
-
idxVacmViewTreeFamilyType
public static final int idxVacmViewTreeFamilyType- See Also:
-
idxVacmViewTreeFamilyStorageType
public static final int idxVacmViewTreeFamilyStorageType- See Also:
-
idxVacmViewTreeFamilyRowStatus
public static final int idxVacmViewTreeFamilyRowStatus- See Also:
-
vacmViewTreeFamilyEntryOID
public static final org.snmp4j.smi.OID vacmViewTreeFamilyEntryOID -
vacmViewIncluded
public static final int vacmViewIncluded- See Also:
-
vacmViewExcluded
public static final int vacmViewExcluded- See Also:
-
-
Constructor Details
-
VacmMIB
-
-
Method Details
-
registerMOs
public void registerMOs(MOServer server, org.snmp4j.smi.OctetString context) throws DuplicateRegistrationException Description copied from interface:MOGroup
Registers the managed objects of this group with the server for the supplied context.- Specified by:
registerMOs
in interfaceMOGroup
- Parameters:
server
- theMOServer
where to register the managed objects.context
- the context to use (may benull
if no specific context is selected).- Throws:
DuplicateRegistrationException
- if a managed object's scope (i.e. lower bound) is already registered at the server.
-
unregisterMOs
Description copied from interface:MOGroup
Unregisters the managed objects of this group from the supplied server and from the supplied context.- Specified by:
unregisterMOs
in interfaceMOGroup
- Parameters:
server
- theMOServer
where to unregister the managed objects.context
- the context to use (may benull
if no specific context is selected).
-
isAccessAllowed
public int isAccessAllowed(org.snmp4j.smi.OctetString context, org.snmp4j.smi.OctetString securityName, int securityModel, int securityLevel, int viewType, org.snmp4j.smi.OID oid) Description copied from interface:VACM
Checks whether access is allowed in the specified context for the security name, model, level, and view type for the supplied OID.- Specified by:
isAccessAllowed
in interfaceVACM
- Parameters:
context
- the context for which access is requested.securityName
- the security name.securityModel
- the security model, seeSecurityModel
for possible values.securityLevel
- the security level, seeSecurityLevel
for possible values.viewType
- the requested view type, possible values areVACM.VIEW_NOTIFY
,VACM.VIEW_READ
, andVACM.VIEW_WRITE
.oid
- the OID of the object instance for which access is requested.- Returns:
VACM.VACM_OK
if access is granted or one of the VACM errors defined by this interface if access is rejected.
-
getViewName
public org.snmp4j.smi.OctetString getViewName(org.snmp4j.smi.OctetString context, org.snmp4j.smi.OctetString securityName, int securityModel, int securityLevel, int viewType) Description copied from interface:VACM
Gets the view name of the view defined by the supplied credentials.- Specified by:
getViewName
in interfaceVACM
- Parameters:
context
- the context for which access is requested.securityName
- the security name.securityModel
- the security model, seeSecurityModel
for possible values.securityLevel
- the security level, seeSecurityLevel
for possible values.viewType
- the requested view type, possible values areVACM.VIEW_NOTIFY
,VACM.VIEW_READ
, andVACM.VIEW_WRITE
.- Returns:
- the view name if the credentials can be mapped to an existing view.
Otherwise, if no such view exists then
null
is returned.
-
isAccessAllowed
public int isAccessAllowed(org.snmp4j.smi.OctetString viewName, org.snmp4j.smi.OID oid) Description copied from interface:VACM
Checks if access is allowed for the given OID within the specified view.- Specified by:
isAccessAllowed
in interfaceVACM
- Parameters:
viewName
- the name of an existing view, i.e. that has bee retrieved byVACM.getViewName(org.snmp4j.smi.OctetString, org.snmp4j.smi.OctetString, int, int, int)
before.oid
- the OID of the object instance for which access is requested.- Returns:
VACM.VACM_OK
if access is granted or one of the VACM errors defined by this interface if access is rejected.
-
addGroup
public void addGroup(int securityModel, org.snmp4j.smi.OctetString securityName, org.snmp4j.smi.OctetString groupName, int storageType) Adds a security model and name to group name mapping to this VACM. Any already existing mapping for the security name and model will be silently replaced.- Specified by:
addGroup
in interfaceMutableVACM
- Parameters:
securityModel
- the security model.securityName
- the security name.groupName
- the group name.storageType
- the storage type for the new entry.
-
removeGroup
public boolean removeGroup(int securityModel, org.snmp4j.smi.OctetString securityName) Removes a security model and name to group name mapping from this VACM.- Specified by:
removeGroup
in interfaceMutableVACM
- Parameters:
securityModel
- the security model.securityName
- the security name.- Returns:
true
when the entry has been removed orfalse
if such a mapping could not be found.
-
addAccess
public void addAccess(org.snmp4j.smi.OctetString groupName, org.snmp4j.smi.OctetString contextPrefix, int securityModel, int securityLevel, int match, org.snmp4j.smi.OctetString readView, org.snmp4j.smi.OctetString writeView, org.snmp4j.smi.OctetString notifyView, int storageType) Adds an access entry to this VACM and thus adds access rights for a group.- Specified by:
addAccess
in interfaceMutableVACM
- Parameters:
groupName
- the group for which access rights are to be added.contextPrefix
- the context or context prefix.securityModel
- the security modelsecurityLevel
- the security levelmatch
- indicates whether exact context match (vacmExactMatch
) or prefix context match (vacmPrefixMatch
) should be used by the new entry.readView
- the view name for read access (use a zero length OctetString to disable access).writeView
- the view name for write access (use a zero length OctetString to disable access).notifyView
- the view name for notify access (use a zero length OctetString to disable access).storageType
- theStorageType
for this access entry.
-
removeAccess
public boolean removeAccess(org.snmp4j.smi.OctetString groupName, org.snmp4j.smi.OctetString contextPrefix, int securityModel, int securityLevel) Removes an access entry from this VACM.- Specified by:
removeAccess
in interfaceMutableVACM
- Parameters:
groupName
- the group for which access rights are to be added.contextPrefix
- the context or context prefix.securityModel
- the security modelsecurityLevel
- the security level- Returns:
true
when the entry has been removed orfalse
if no such entry could be found.
-
addViewTreeFamily
public void addViewTreeFamily(org.snmp4j.smi.OctetString viewName, org.snmp4j.smi.OID subtree, org.snmp4j.smi.OctetString mask, int type, int storageType) Adds a new view to this VACM. An already existing entry with the same view name and subtree OID will be replaced silently.- Specified by:
addViewTreeFamily
in interfaceMutableVACM
- Parameters:
viewName
- the view name.subtree
- the subtree OID.mask
- the bit mask which, in combination withsubtree
, defines a family of view subtrees.type
- indicates whether the view defined bysubtree
andmask
is included (vacmViewIncluded
) or excluded (@link #vacmViewExcluded}) from the MIB view.storageType
- theStorageType
for this access entry.
-
removeViewTreeFamily
public boolean removeViewTreeFamily(org.snmp4j.smi.OctetString viewName, org.snmp4j.smi.OID subtree) Removes a view tree family from this VACM.- Specified by:
removeViewTreeFamily
in interfaceMutableVACM
- Parameters:
viewName
- the view name.subtree
- the subtree OID.- Returns:
true
when the entry has been removed orfalse
if no such entry could be found.
-
getVacmSecurityToGroupTable
-