[SNMP4J] Agent VACM question

Jothi P Neelamegam jothi at VerariSoft.Com
Mon Dec 11 06:06:13 CET 2006 

I think I have not made myself clear :)

What I am saying is that we hit (and this is the correct behaviour)
if (viewName == null)
{
         //This is reached
          setAuthorizationError(req, VACM.VACM_NO_SUCH_VIEW);
  }

and then go on to FinalizeRequest.

In FinalizeRequest, we send reponse only when a request is complete.
If we get this authorization error, the request is not complete and 
FinalizeRequest does not send the response. So, we time out.

Instead, to send responses when there is this authorization error, we have 
to either
1. send the response inside the (viewName == null) block or
2. we need to artifically set the request to complete and make the finalize 
request send it.

I hope it is clear.

I am using agent snmp4j-agent-1.0.1a.
And yes, I have set up te COMMUNITY-MIB.

Jothi

  On Sat, 9 Dec 2006, Frank Fock wrote:

> Hi Jothi,
>
> Setting the error status on a request completes it
> as a side effect. So I do not understand why
> completing it explicitly should change anything.
> Have you tried it? What version of SNMP4J-Agent
> are you using?
>
> Have you set up the SNMP-COMMUNITY-MIB?
>
> Best regards,
> Frank
>
> Jothi P Neelamegam wrote:
>> Hi,
>> 
>> If I create a group with null writeview (I do not want members of this 
>> group to have any write access at all ) and then try to do a set operation 
>> with a member of this group, I get a time out instead of an "Access 
>> denied" error.
>> 
>> Here is a sample code snippet:
>> 
>> In test agent,
>> vacm.addGroup (v2c,"myuser", "mygroup", ...);
>> vacm.addAccess(new OctetString("mygroup"),..,..,..,
>>     new OctetString("fullReadView"),
>>     null,  // null write view
>>     ...)
>> 
>> Now, when I do
>> snmpset -c myuser parameters
>> 
>> I get a timeout.
>> 
>> On exploring, a simple modification to CommandProcessor.java can fix this:
>> 
>> Currently, in processReqeuest
>> 
>> processRequest {
>>     if (viewName == null)
>>     {
>>         //This is reached
>>         setAuthorizationError(req, VACM.VACM_NO_SUCH_VIEW);
>>     }
>>     else
>>     {
>>         // Do processing
>>     }
>>     finalizeRequest()
>> }
>> 
>> And
>> finalizeRequest
>> {
>>     if (req.isComplete()) {    // Request is not complete as we have
>>                                       auth error, so no response is sent.
>>         //send response
>>     }
>> }
>> 
>> If the code is modified either (in processRequest, after 
>> setAuthorizationError)
>> 1. to mark the request as complete  or
>> 2. sendResponse and return
>> 
>> we can handle this problem.
>> 
>> Thanks
>> Jothi
>> 
>> 
>> 
>> Jothi P Neelamegam
>> Verari Systems Pvt. Ltd. Bangalore, India
>> Work: +91 (80) 26346485, 26557998
>> http://verarisoft.com http://verari.com
>> --------------------------------------------------------------------------
>> The information contained in this communication may be confidential and is
>> intended only for the use of the recipient(s) named above.  If the reader
>> of this communication is not the intended recipient(s), you are hereby
>> notified that any dissemination, distribution, or copying of this
>> communication, or any of its contents, is strictly prohibited.  If you are
>> not a named recipient or received this communication by mistake, please
>> notify the sender and delete the communication and all copies of it.
>> 
>> _______________________________________________
>> SNMP4J mailing list
>> SNMP4J at agentpp.org
>> http://lists.agentpp.org/mailman/listinfo/snmp4j
>
> -- 
> AGENT++
> http://www.agentpp.com
> http://www.mibexplorer.com
> http://www.mibdesigner.com
>
> _______________________________________________
> SNMP4J mailing list
> SNMP4J at agentpp.org
> http://lists.agentpp.org/mailman/listinfo/snmp4j
>

Jothi P Neelamegam
Verari Systems Pvt. Ltd. 
Bangalore, India
Work: +91 (80) 26346485, 26557998
http://verarisoft.com http://verari.com
--------------------------------------------------------------------------
The information contained in this communication may be confidential and is
intended only for the use of the recipient(s) named above.  If the reader
of this communication is not the intended recipient(s), you are hereby
notified that any dissemination, distribution, or copying of this
communication, or any of its contents, is strictly prohibited.  If you are
not a named recipient or received this communication by mistake, please
notify the sender and delete the communication and all copies of it.

More information about the SNMP4J mailing list