In this SNMP manager application, we demonstrate how to implement and
enable a trap listener for the traps sent by the agent. First we need to instantiate
an SnmpEventReportDispatcher object. Then we add our
listener implementation through its addTrapListener
method, and finally we start its thread. Trap listeners can be implemented
in any manager using the SNMP manager API, not only synchronous managers.
17.1.2 Configuring SNMPv3 Security for Managers
Before you run the SNMPv3
manager examples, you require some information about how SNMPv3 user-based
model (USM) security is configured. Below is a brief description of the SNMPv3
security mechanism that provides you with the information you need to run
the SNMPv3 examples in this chapter. Full descriptions of the SNMPv3 security
mechanisms are given in 19.3 SNMPv3 User-Based Security Model.
An SNMPv3 manager requires a security file, in the same way as an SNMPv3
agent does. The jdmk.security file for an SNMPv3 manager
differs slightly from that of an SNMPv3 agent, as shown in the following example.
Example 17-2 A jdmk.security File for an SNMPv3 Manager
# User and security configuration
userEntry=0x8000002a05819dcb6e00001f95,defaultUser,,
usmHMACMD5AuthProtocol,mypasswd
userEntry=0x8000002a05819dcb6e00001f96,defaultUser,,
usmHMACMD5AuthProtocol,mypasswd
# Number of boots
localEngineBoots=5
# Local engine ID
localEngineID=0x8000002a05000000ec4c49ded9
|
In a manager's security file, there is more emphasis on the engine ID
than in an agent's security file. The userEntry provides
all the security information the manager needs to communicate with a particular
authoritative agent, as follows:
0x8000002a05819dcb6e00001f95 | This is the engine ID of the agent with which the manager
will communicate
| defaultUser | The authorized user for that agent
| usmHMACMD5AuthProtocol | The authentication algorithm; in this case, HMAC MD5
| mypasswd | The
privacy password
|
In this example, the information in the userEntry corresponds to the security information provided in the AgentV3 example's jdmk.security file, in Example 16-3. Therefore, this manager can communicate with
that agent.
The remaining information pertains to the manager itself:
localEngineBoots | Sets how many times the local engine will boot
| localEngineID | Represents the ID of the engine associated to the SNMP session in which the
manager is running
|
17.1.3 Synchronous SNMPv3 Managers
The example synchronous manager application created for
SNMPv3 is similar to the SNMPv1/v2 manager, except that it implements SNMPv3
user-based USM mechanisms before making requests.
Example 17-3 SNMPv3 SyncManagerV3 Example
The SyncManagerV3 example is in the examplesDir/current/Snmp/Manager directory.
//Read the command line parameters
final String host = argv[0];
final String port = argv[1];
try {
// Initialize the SNMP Manager API.
final SnmpOidTableSupport oidTable = new RFC1213_MIBOidTable();
SnmpOid.setSnmpOidTable(oidTable);
// Build the session.
//
try {
session= new SnmpSession("SyncManagerV3 session");
}catch(SnmpStatusException e) {
println(e.getMessage());
java.lang.System.exit(0);
}
catch(IllegalArgumentException e) {
// If the engine configuration is faulty
println(e.getMessage());
java.lang.System.exit(0);
}
// Access the SNMPv3 engine using getEngine
//
final SnmpEngine engine = session.getEngine();
// Create an SnmpUsmPeer object
//
final SnmpUsmPeer agent =
new SnmpUsmPeer(engine, host, Integer.parseInt(port));
// Create USM parameters
//
final SnmpUsmParameters p =
new SnmpUsmParameters(engine, "defaultUser");
// Set the security level
//
p.setSecurityLevel(SnmpDefinitions.authNoPriv);
// Contextualize the send request
//
p.setContextName("TEST-CONTEXT".getBytes());
// Set the contextEngineId discovered by the peer upon
// creation
p.setContextEngineId(agent.getEngineId().getBytes());
// Associate the parameter with the agent.
//
agent.setParams(p);
// Discover time of creation and boot
//
agent.processUsmTimelinessDiscovery();
// Associate a default peer (agent) to an SnmpSession.
//
session.setDefaultPeer(agent);
// Create a taskServer for processing traps (optional)
final DaemonTaskServer taskServer = new DaemonTaskServer();
taskServer.start(Thread.NORM_PRIORITY);
// Create a listener and dispatcher for SNMP traps
//
final SnmpEventReportDispatcher trapAgent =
new SnmpEventReportDispatcher(engine,
Integer.parseInt(port) + 1,
taskServer, null);
trapAgent.addTrapListener(new TrapListenerImpl());
final Thread trapThread = new Thread(trapAgent);
trapThread.setPriority(Thread.MAX_PRIORITY);
trapThread.start();
// Build the list of variables you want to query
//
final SnmpVarBindList list =
new SnmpVarBindList("SyncManagerV3 varbind list");
// Read the "sysDescr" variable
//
list.addVarBind("sysDescr.0");
// Make the SNMP get request and wait for the result
//
final SnmpRequest request =
session.snmpGetRequest(null, list);
println("SyncManagerV3::main:" +
"Send get request to SNMP agent on " + host +
" at port " + port);
final boolean completed = request.waitForCompletion(10000);
// Check for a timeout
//
if (completed == false) {
println("SyncManagerV3::main:" +
" Request timed out. Check if agent
can be reached");
// Print request.
//
println("Request: " + request.toString());
java.lang.System.exit(0);
}
// Check the response for errors
//
final int errorStatus = request.getErrorStatus();
if (errorStatus != SnmpDefinitions.snmpRspNoError) {
println("Error status = " +
SnmpRequest.snmpErrorToString(errorStatus));
println("Error index = " +
request.getErrorIndex());
java.lang.System.exit(0);
}
// Display the result.
//
final SnmpVarBindList result = request.getResponseVarBindList();
println("Result: \n" + result);
[...]
// End the session
//
session.destroySession();
trapAgent.close();
taskServer.terminate();
java.lang.System.exit(0);
[...]
}
|
|