PathCheck() Example

The example in this section demonstrates how to implement a custom SAF for performing path checks. This example simply checks whether the requesting host is on a list of allowed hosts.

The Init function acf-init loads a file containing a list of allowable IP addresses with one IP address per line. The PathCheck function restrict_by_acf gets the IP address of the host that is making the request and checks whether it is on the list. If the host is on the list, it is allowed access. Otherwise, access is denied.

For simplicity, the stdio library is used to scan the IP addresses from the file.

Installing the PathCheck() Example

To load the shared object containing your functions, add the following directive in the Init section of the magnus.conf file:

Init fn=load-modules 
     shlib="path"
     funcs=acf-init, restrict-by-acf

To call acf-init to read the list of allowable hosts, add the following line to the Init section in magnus.conf. This line must come after the one that loads the library containing acf-init.

Init fn=acf-init 
     file=fileContainingHostsList

To execute your custom SAF during the request-response process for some object, add the following line to that object in the obj.conf file:

PathCheck fn=restrict-by-acf

The source code for this example is in pcheck.c in the install-dir/samples/nsapi/directory.