[SNMP4J] VACM access denied
jlazar
jol at netavis.hu
Thu Sep 26 13:29:59 CEST 2013
Hi,
I'm using the following code to setup and then send notifications both
to a defined V1 and V3 target. It seems that the V1 notification goes
out but for V3 it fails with VACM access denied. Please help me, I'm
hopeless.
protected void addNotificationTargets(SnmpTargetMIB targetMIB,
SnmpNotificationMIB notificationMIB) {
log("Adding notification targets");
targetMIB.addDefaultTDomains();
targetMIB.addTargetAddress(new OctetString("notificationV2c"),
TransportDomains.transportDomainUdpIpv4,
new OctetString(
new UdpAddress("127.0.0.1/162").getValue()),
200, 1,
new OctetString("notify"),
new OctetString("v2c"),
StorageType.permanent);
targetMIB.addTargetAddress(new OctetString("notificationV3"),
TransportDomains.transportDomainUdpIpv4,
new OctetString(
new UdpAddress("127.0.0.1/1162").getValue()),
200, 1,
new OctetString("notify"),
new OctetString("v3notify"),
StorageType.permanent);
targetMIB.addTargetParams(new OctetString("v2c"),
MessageProcessingModel.MPv2c,
SecurityModel.SECURITY_MODEL_SNMPv2c,
new OctetString("cpublic"),
SecurityLevel.AUTH_PRIV,
StorageType.permanent);
targetMIB.addTargetParams(new OctetString("v3notify"),
MessageProcessingModel.MPv3,
SecurityModel.SECURITY_MODEL_USM,
new OctetString("v3notify"),
SecurityLevel.NOAUTH_NOPRIV,
StorageType.permanent);
notificationMIB.addNotifyEntry(new OctetString("default"),
new OctetString("notify"),
SnmpNotificationMIB.SnmpNotifyTypeEnum.inform,
StorageType.permanent);
}
protected void addViews(VacmMIB vacm) {
vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv1,
new OctetString("cpublic"),
new OctetString("v1v2group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_SNMPv2c,
new OctetString("cpublic"),
new OctetString("v1v2group"),
StorageType.nonVolatile);
vacm.addGroup(SecurityModel.SECURITY_MODEL_USM,
new
OctetString(fSNMPMappings.getUSMUser().getSecutiryName()),
new OctetString("v3group"),
StorageType.nonVolatile);
vacm.addAccess(new OctetString("v1v2group"),
new OctetString("public"),
SecurityModel.SECURITY_MODEL_ANY,
SecurityLevel.NOAUTH_NOPRIV,
MutableVACM.VACM_MATCH_EXACT,
new OctetString("fullReadView"),
new OctetString("fullWriteView"),
new OctetString("fullNotifyView"),
StorageType.nonVolatile);
int level = SecurityLevel.AUTH_NOPRIV;
vacm.addAccess(new OctetString("v3group"),
new OctetString("public"),
SecurityModel.SECURITY_MODEL_USM,
level,
MutableVACM.VACM_MATCH_EXACT,
new OctetString("fullReadView"),
new OctetString("fullWriteView"),
new OctetString("fullNotifyView"),
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullReadView"), new
OID("1.3"),
new OctetString(), MutableVACM.VACM_VIEW_INCLUDED,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullWriteView"), new
OID("1.3"),
new OctetString(), MutableVACM.VACM_VIEW_INCLUDED,
StorageType.nonVolatile);
vacm.addViewTreeFamily(new OctetString("fullNotifyView"), new
OID("1.3"),
new OctetString(), MutableVACM.VACM_VIEW_INCLUDED,
StorageType.nonVolatile);
}
public void sendNotify(SNMPNotification notify) {
Event e = notify.getSourceEvent();
String text = notify.getEventBarText();
VariableBinding[] payload = new VariableBinding[8];
MOScalar oid = fNetavisMib.getO2EventName();
oid.setValue(new OctetString(e.getName()));
payload[0] = new VariableBinding(oid.getID(), oid.getValue());
oid = fNetavisMib.getO2EventNumber();
oid.setValue(new Integer32(e.getOwnID()));
payload[1] = new VariableBinding(oid.getID(), oid.getValue());
oid = fNetavisMib.getO2EventStamp();
oid.setValue(new Integer32((int)(e.getEventStamp() / 1000L)));
payload[2] = new VariableBinding(oid.getID(), oid.getValue());
int id = 0;
String name = "";
if (e.isCameraSpecific()) {
id = e.getCameraID();
name = e.getCameraName();
}
oid = fNetavisMib.getO2EventCameraID();
oid.setValue(new Integer32(id));
payload[3] = new VariableBinding(oid.getID(), oid.getValue());
oid = fNetavisMib.getO2EventCameraName();
oid.setValue(new OctetString(name));
payload[4] = new VariableBinding(oid.getID(), oid.getValue());
id = 0;
name = "";
if (e.isUserSpecific()) {
id = e.getUserID();
name = e.gimmeUserName();
}
oid = fNetavisMib.getO2EventUserID();
oid.setValue(new Integer32(id));
payload[5] = new VariableBinding(oid.getID(), oid.getValue());
oid = fNetavisMib.getO2EventUserName();
oid.setValue(new OctetString(name));
payload[6] = new VariableBinding(oid.getID(), oid.getValue());
oid = fNetavisMib.getO2EventDescription();
oid.setValue(new OctetString(text));
payload[7] = new VariableBinding(oid.getID(), oid.getValue());
fNetavisMib.o2Event(agent.getNotificationOriginator(),
new OctetString("public"), payload);
log("TRAP has been sent for event: '" + text + "'");
}
// Notifications
public void o2Event(NotificationOriginator notificationOriginator,
OctetString context, VariableBinding[] vbs) {
if (vbs.length < 8) {
throw new IllegalArgumentException("Too few notification objects: "+
vbs.length+"<8");
}
if (!(vbs[0].getOid().startsWith(oidTrapVarO2EventName))) {
throw new IllegalArgumentException("Variable 0 has wrong OID:
"+vbs[0].getOid()+
" does not start with
"+oidTrapVarO2EventName);
}
if (!(vbs[1].getOid().startsWith(oidTrapVarO2EventNumber))) {
throw new IllegalArgumentException("Variable 1 has wrong OID:
"+vbs[1].getOid()+
" does not start with
"+oidTrapVarO2EventNumber);
}
if (!(vbs[2].getOid().startsWith(oidTrapVarO2EventStamp))) {
throw new IllegalArgumentException("Variable 2 has wrong OID:
"+vbs[2].getOid()+
" does not start with
"+oidTrapVarO2EventStamp);
}
if (!(vbs[3].getOid().startsWith(oidTrapVarO2EventCameraID))) {
throw new IllegalArgumentException("Variable 3 has wrong OID:
"+vbs[3].getOid()+
" does not start with
"+oidTrapVarO2EventCameraID);
}
if (!(vbs[4].getOid().startsWith(oidTrapVarO2EventCameraName))) {
throw new IllegalArgumentException("Variable 4 has wrong OID:
"+vbs[4].getOid()+
" does not start with
"+oidTrapVarO2EventCameraName);
}
if (!(vbs[5].getOid().startsWith(oidTrapVarO2EventUserID))) {
throw new IllegalArgumentException("Variable 5 has wrong OID:
"+vbs[5].getOid()+
" does not start with
"+oidTrapVarO2EventUserID);
}
if (!(vbs[6].getOid().startsWith(oidTrapVarO2EventUserName))) {
throw new IllegalArgumentException("Variable 6 has wrong OID:
"+vbs[6].getOid()+
" does not start with
"+oidTrapVarO2EventUserName);
}
if (!(vbs[7].getOid().startsWith(oidTrapVarO2EventDescription))) {
throw new IllegalArgumentException("Variable 7 has wrong OID:
"+vbs[7].getOid()+
" does not start with
"+oidTrapVarO2EventDescription);
}
notificationOriginator.notify(context, oidO2Event, vbs);
}
Output after an event:
INFO: Sent notification INFORM[requestID=995562723,
errorStatus=Success(0), errorIndex=0, VBS[1.3.6.1.2.1.1.3.0 =
0:02:08.39; 1.3.6.1.6.3.1.1.4.1.0 = 1.3.6.1.4.1.33687.1.2.0.1;
1.3.6.1.4.1.33687.1.1.3.1.0 = UserLoggedIn; 1.3.6.1.4.1.33687.1.1.3.2.0
= 28175745; 1.3.6.1.4.1.33687.1.1.3.3.0 = 1379312532;
1.3.6.1.4.1.33687.1.1.3.4.0 = 0; 1.3.6.1.4.1.33687.1.1.3.5.0 = ;
1.3.6.1.4.1.33687.1.1.3.6.0 = 1; 1.3.6.1.4.1.33687.1.1.3.7.0 = ;
1.3.6.1.4.1.33687.1.1.3.9.0 = User admin at 192.168.7.161 logged in]] to
CommunityTarget[address=127.0.0.1/162, version=1, timeout=2000,
retries=1, community=cpublic]
Sep 16, 2013 8:22:17 AM org.snmp4j.log.JavaLogAdapter log
WARNING: Access denied by VACM for 1.3.6.1.4.1.33687.1.2.0.1
Thanks for any help.
Joseph
More information about the SNMP4J
mailing list