[SNMP4J] securityName argument of SnmpTargetMIB.addTargetParams()
Kanda Norimichi
nkanda at fsi.co.jp
Mon Apr 16 11:37:16 CEST 2007
Dear Mr. Fock:
Thank you for your reply.
I reviewed procedures based on your advice.
[In case of Community-base]
Tracking procedures, in
SnmpTargetMIB.SnmpTargetAddrEntryRow.getTarget(contextEngineID,contextName),
securityName was set forward message as-is because
SnmpTargetMIB.coexistenceProvider was null.
In TestProxy (extend BaseAgent), overriding init() method and calling below,
I could resolve that on the surface.
----
snmpTargetMIB.setCoexistenceProvider(snmpCommunityMIB);
----
Is the way of dealing no preblem?
(I'm worried about timing of calling previous procedure and callable condition.)
[In case of USM-base]
I recognize there is restriction in SNMP4J that in parameter registered on
USM, it must be securityName==userName.
Is it OK?
Sincerely.
Norimichi Kanda
> -----Original Message-----
> From: Frank Fock [mailto:fock at agentpp.com]
> Sent: Tuesday, April 10, 2007 4:15 PM
> To: Kanda Norimichi
> Subject: Re: [SNMP4J] securityName argument of
> SnmpTargetMIB.addTargetParams()
>
>
> Hi,
>
> Kanda Norimichi wrote:
> >
> > Near 355th line in TestProxy shown in E-mail of March 20: "How to use ProxyForwarder",
> > securityName argument was set communityName
> > at SnmpTargetMIB.addTargetParams() was called.
> > ----
> > getSnmpTargetMIB().addTargetParams(
> > snmpTargetParamsName,
> > MessageProcessingModel.MPv1,
> > SecurityModel.SECURITY_MODEL_SNMPv1,
> >>> communityName,
> > SecurityLevel.NOAUTH_NOPRIV,
> > StorageType.volatile_);
> > ----
> > I changed securityName argument to securityName and tried,
> > then securityName was set community-name field of forwarded message(GetNext)
> > directly.
> >
> > Similarly, I created TestProxy for SNMPv3 Agent and tried,
> > then securityName was set msgUserName field directly.
> >
> > What should I set securityName argument of SnmpTargetMIB.addTargetParams()?
> >
>
> As the name "securityName" suggest this should be
> the security name to be used for the target.
> If the message sent to the target is a SNMPv3
> message, then the set security name is used directly.
> If the version is v1 or v2c, then the SNMP-COMMUNITY-MIB
> is used to map the securityName to a community. If the
> above MIB module does not exists in an agent, then
> the securityName is used as community (to simplify some
> setups).
>
> > For your information, I found the following at 377th line in USM.java,
> > is it no problem?
> > ----
> > usmSecurityParams.setAuthenticationKey(user.getAuthenticationKey());
> > usmSecurityParams.setPrivacyKey(user.getPrivacyKey());
> >>> usmSecurityParams.setUserName(user.getUsmUser().getSecurityName());
> > usmSecurityParams.setAuthoritativeEngineID(secEngineID.getValue());
> > }
> > ----
> >
> Security name equals user name for the user bases security model
> (USM), so this is OK.
>
> Best regards,
> Frank Fock
>
> > Sincerely.
> >
> > Norimichi Kanda
> >
> > _______________________________________________
> > SNMP4J mailing list
> > SNMP4J at agentpp.org
> > http://lists.agentpp.org/mailman/listinfo/snmp4j
>
> --
> AGENT++
> http://www.agentpp.com
> http://www.mibexplorer.com
> http://www.mibdesigner.com
>
More information about the SNMP4J
mailing list