[SNMP4J] SNMPv3 Configuration
Jim Doble
jim.doble at tavve.com
Fri Jul 1 23:13:41 CEST 2005
I am developing an application that for purposes of discussion can be
thought of as a management application, and am trying to figure out if it
possible for SNMP4J to handle the case where I might have different
passwords for the same securityName on different managed devices, but I do
not know the engineIDs for these devices in advance. That is, I would like
to have a configuration table that maps device address (host name or IP
address) and security name pairs to the security algorithms and passwords to
be used for that security name on that device.
The USM class has two addUser methods: a two-parameter version that takes a
securityName and a UsmUser instance, and a three-parameter version that
takes a securityName, endingID, and UsmUser instance. The problem I am
having is that it doesn't make sense for me to use the two-parameter version
if I need different passwords for the same securityName on different
devices, because there is no way for me to register more than one entry
against a given security name. The problem I have with the three-parameter
version is that I don't know the engineID for each device in advance.
Is there a way for me, using SNMP4J, at the point where I first need to
query an SNMP device, to trigger the engineID discovery for that device,
then once the engineID has been obtained, register the UsmUser against the
securityName and the engineID, then perform my real query? When I run the
example code in Snmp.java, the engineID lookup is done automatically, so I
don't have an opportunity to register an engineID-specific UsmUser in
between the engineID lookup and my query.
My second question has to do with receiving traps. If I haven't discovered
the engingID for a device, so I haven't registered an engineID-specific
UsmUser entry with the USM yet, but receive a trap from that device, is
there any way for me to handle the trap? Theoretically, when the trap comes
in, I could take the address from which the trap was received and the
securityName, lookup the security passwords in my table, then take the
engineID from the trap and register an engineID-specific UsmUser entry with
the USM, then let the USM process the trap, provided that there are hooks in
SNMP4J that would allow me to do this. Is this possible?
So am I barking up the wrong tree trying to avoid having to know engineIDs
in advance? They seem like they would be rather painful to configure, and I
don't like requiring users to configure something that can be discovered.
Regards,
Jim Doble
Tavve Software Company
More information about the SNMP4J
mailing list