2 * Copyright (c) 2002-2004 Sun Microsystems, Inc. All rights reserved.
4 * The Sun Project JXTA(TM) Software License
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
9 * 1. Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright notice,
13 * this list of conditions and the following disclaimer in the documentation
14 * and/or other materials provided with the distribution.
16 * 3. The end-user documentation included with the redistribution, if any, must
17 * include the following acknowledgment: "This product includes software
18 * developed by Sun Microsystems, Inc. for JXTA(TM) technology."
19 * Alternately, this acknowledgment may appear in the software itself, if
20 * and wherever such third-party acknowledgments normally appear.
22 * 4. The names "Sun", "Sun Microsystems, Inc.", "JXTA" and "Project JXTA" must
23 * not be used to endorse or promote products derived from this software
24 * without prior written permission. For written permission, please contact
25 * Project JXTA at http://www.jxta.org.
27 * 5. Products derived from this software may not be called "JXTA", nor may
28 * "JXTA" appear in their name, without prior written permission of Sun.
30 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
31 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
32 * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL SUN
33 * MICROSYSTEMS OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
34 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
35 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
36 * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
37 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
38 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
39 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
41 * JXTA is a registered trademark of Sun Microsystems, Inc. in the United
42 * States and other countries.
44 * Please see the license information page at :
45 * <http://www.jxta.org/project/www/license.html> for instructions on use of
46 * the license in source files.
48 * ====================================================================
50 * This software consists of voluntary contributions made by many individuals
51 * on behalf of Project JXTA. For more information on Project JXTA, please see
52 * http://www.jxta.org.
54 * This license is based on the BSD license adopted by the Apache Foundation.
57 package net.jxta.impl.util;
60 import java.io.InputStream;
63 import java.net.URLConnection;
65 import java.io.IOException;
67 import java.util.logging.Level;
68 import net.jxta.logging.Logging;
69 import java.util.logging.Logger;
70 import net.jxta.protocol.PeerAdvertisement;
71 import net.jxta.protocol.RouteAdvertisement;
73 import net.jxta.impl.access.AccessList;
74 import net.jxta.impl.endpoint.EndpointUtils;
78 * Provides support for the optional access control list which determines which
81 public abstract class ACLSeedingManager implements SeedingManager {
86 private static final transient Logger LOG = Logger.getLogger(ACLSeedingManager.class.getName());
89 * The interval in milliseconds at which the ACL be refreshed from the
92 private static final long ACL_REFRESH_INTERVAL = 30 * TimeUtils.AMINUTE;
95 * The access control list which controls which hosts are allowed.
97 private final URI aclLocation;
100 * The last known modification time of the ACL.
102 private long aclLastModified = 0;
105 * Manages access to the seeds.
107 protected final AccessList acl = new AccessList();
110 * The absolute time in milliseconds after which we will attempt to refresh
111 * the access control list from the acl URI.
113 private long nextACLrefreshTime = 0;
116 * Constructs a new ACL seeding manager.
118 * @param aclLocation The location of the ACL file or {@code null} if no
119 * ACL file should be used.
121 public ACLSeedingManager(URI aclLocation) {
122 this.aclLocation = aclLocation;
124 // Default to allowing all peers.
125 acl.setGrantAll(true);
126 if (null == aclLocation) {
128 nextACLrefreshTime = Long.MAX_VALUE;
135 * <p/>Performs it's determination based solely on the list of peers in
138 public boolean isAcceptablePeer(PeerAdvertisement peeradv) {
139 RouteAdvertisement route = EndpointUtils.extractRouteAdv(peeradv);
142 return isAcceptablePeer(route);
144 // No route? It's only OK if we are approving everyone.
145 return acl.getGrantAll();
152 * <p/>Performs it's determination based solely on the list of peers in
155 public synchronized boolean isAcceptablePeer(RouteAdvertisement radv) {
159 if (TimeUtils.timeNow() > nextACLrefreshTime) {
160 if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
161 LOG.fine("Updating ACL");
165 URL asURL = aclLocation.toURL();
166 URLConnection connection = asURL.openConnection();
168 connection.setDoInput(true);
169 InputStream is = connection.getInputStream();
171 long last_mod = connection.getLastModified();
173 if ((last_mod == 0) || (last_mod > aclLastModified)) {
174 acl.setGrantAll(false);
178 nextACLrefreshTime = TimeUtils.toAbsoluteTimeMillis(ACL_REFRESH_INTERVAL);
179 } catch (IOException failed) {
180 // be lenient in response to failures.
181 if (Logging.SHOW_WARNING && LOG.isLoggable(Level.WARNING)) {
182 LOG.log(Level.WARNING, "ACL update failed. GRANTING ALL PERMISSIONS.", failed);
185 acl.setGrantAll(true);
187 nextACLrefreshTime = TimeUtils.toAbsoluteTimeMillis(ACL_REFRESH_INTERVAL / 2);
191 return acl.isAllowed(radv.getDestPeerID());