[SNMP4J] Amending users

Young, Alistair alistair.young at logica.com
Tue Mar 24 12:16:03 CET 2009 

Hi Frank.

In case you're interested, the NullPointerException occurs at line 538 of UsmMIB.java:

537: for (int p=0; p<2; p++) {
538:    oldKeys[p] = new OctetString(getKey(oldUserEntry, p));

On the second time around the loop, getKey returns null (because my user has no privacy password set) and so the OctetString constructor throws the NPE. 

To trigger my serialisation, I've ended up adding a UsmUserListener:

public class Agent extends BaseAgent implements UsmUserListener {

   // ...

   public void init() {
      super.init();
      // ...
      this.getUsm().addUsmUserListener(this);
      this.finishInit();
   }

   public void usmUserChange(UsmUserEvent event) {
      this.saveConfig();
   }

}

Anyway, thanks for the tips - and for all your work on the SNMP4J library!

Cheers,


Alistair.

-----Original Message-----
From: Frank Fock [mailto:fock at agentpp.com] 
Sent: 23 March 2009 22:54
To: Young, Alistair
Cc: snmp4j at agentpp.org
Subject: Re: [SNMP4J] Amending users

When you get a NullPointerException then something else seems to be misconfigured.

Yes, you can add a listener and save the config while the agent is running. I would use a MOServerLookupListener at the MOServer.

Frank


Young, Alistair wrote:
> Thanks, Frank.
> 
> I tried removing the -xDES switch, but it still failed.  However, I noticed the agent throwing a NullPointerException and found that I could resolve this by ensuring that my user was given a privacy password even if it wasn't going to be used.
> 
> So everything now seems happy while the agent is running, and I can use snmpusm to change the user's password(s).
> 
> My next question is about serialising the change in password.  It appears that the user data gets written to the standard config file (agent.saveConfig()).  Is it possible to force this serialisation to occur each time a password changes?  Perhaps I can add a listener to a particular MIB entry and trigger it that way?
> 
> Cheers,
> 
> 
> Alistair.
> 
> -----Original Message-----
> From: Frank Fock [mailto:fock at agentpp.com]
> Sent: 23 March 2009 17:44
> To: Young, Alistair
> Cc: snmp4j at agentpp.org
> Subject: Re: [SNMP4J] Amending users
> 
> Hi Alistair,
> 
> Yes, you can add, remove, and change users through SNMP. However, you need an user with the same security level (i.e. authPriv) to do that. Since your user is only an authnoPriv user, you can only change the authentication password, but you did specify also -xDES which might have caused a problem.
> 
> Best regards,
> Frank
> 
> Young, Alistair wrote:
>> Hello all,
>>  
>> Is it possible to dynamically amend user details in an SNMP4J agent?
>>  
>> I have an Agent, overriding BaseAgent, which currently defines a 
>> single SNMP user:
>>  
>> protected void addUsmUser(USM usm) {
>>    UsmUser user = new UsmUser
>>       new OctetString(username),
>>       AuthMD5.ID,
>>       new OctetString(password),
>>       null,
>>       null);
>>    usm.addUser(user.getSecurityName(), user); }
>>  
>> I can use this user quite happily to get/set values in my MIB tree.
>>  
>> But, it is possible to dynamically change the user's password?  I've 
>> tried using the snmpusm command line tool (from the net-snmp library) 
>> as
>> follows:
>>  
>> snmpusm -v3 -lauthNoPriv -xDES -aMD5 -A<password> -u<username>
>> 192.168.10.10:16001 -Ca passwd <password> <newpassword> <username>
>>  
>> But this fails with:
>> Error in packet.
>> Reason: commitFailed
>> Failed object:
>> SNMP-USER-BASED-SM-MIB::usmUserAuthKeyChange."...p....*"."<username>"
>>  
>> Could I reasonably have expected this to work?
>>  
>> Assuming that I can get this to work - does SNMP4J provide any direct 
>> support for obtaining the user details from a file?  (So that I can 
>> remove the code which creates the user each time the agent starts).
>>  
>> Thanks in advance for any help!
>>  
>>  
>> Alistair.
>>
>>
>> Please help Logica to respect the environment by not printing this email  /  Merci d'aider Logica à préserver l'environnement en évitant d'imprimer ce mail /  Bitte drucken Sie diese Nachricht nicht aus und helfen Sie so Logica dabei die Umwelt zu schuetzen  /  Por favor ajude a Logica a respeitar o ambiente não imprimindo este correio electrónico.
>>
>>
>>
>> This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
>>
>> _______________________________________________
>> SNMP4J mailing list
>> SNMP4J at agentpp.org
>> http://lists.agentpp.org/mailman/listinfo/snmp4j
> 

-- 
AGENT++
http://www.agentpp.com
http://www.mibexplorer.com
http://www.mibdesigner.com



Please help Logica to respect the environment by not printing this email  /  Merci d'aider Logica à préserver l'environnement en évitant d'imprimer ce mail /  Bitte drucken Sie diese Nachricht nicht aus und helfen Sie so Logica dabei die Umwelt zu schuetzen  /  Por favor ajude a Logica a respeitar o ambiente não imprimindo este correio electrónico.



This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.

More information about the SNMP4J mailing list