Antivirus extensibility

A sponsor might use any Antivirus Server other than ClamAV. In such situations, the sponsor must write an implementation code for the respective Antivirus Server, and call the implementation code in the Agent code for integrating with IBM PEM. This topic explains how to set up the Agent container to call the implementation code.

  • Set up an Agent container that is running the scanAgent.
  • Create the implementation code.
  1. Create a java project in any IDE.
  2. Download the agent.zip file that contains all the required classes.
  3. Extract and add all the classes to the java project.
  4. Create a main class. For example, TestAVScanner.java.
    The sample code snippet of TestAVScanner.java main class is as follows:
    package com.ibm.vch.antivirus.scan.framework;
import java.io.IOException;
import java.io.InputStream;
import com.ibm.vch.identity.antivirus.framework.AntiVirusException;
import com.ibm.vch.identity.antivirus.framework.ScanResult;
public class TestAVScanner implements AntivirusScanHandler {
	@Override
	public ScanResult antivirusScanTask(InputStream data) throws AntiVirusException, IOException {
		return TestScanner.scanFile(data);
	}
}
    Here,
    • InputStream is where the data is sent to scan for viruses.
    • TestScanner.scanFile is the function that has the business logic to scan the file and display the results.
    The sample code snippet for TestScanner.java is as follows:
    package com.ibm.vch.antivirus.scan.framework;

import java.io.IOException;
import java.io.InputStream;

import com.ibm.vch.identity.antivirus.framework.AntiVirusException;
import com.ibm.vch.identity.antivirus.framework.ScanResult;

public class TestScanner {
	public static ScanResult scanFile(InputStream is) throws AntiVirusException, IOException {
		return new TestAVProvider().scan(is);
	}
}
  5. Validate whether your implementation code is compatible with the IBM PEM Agent code. To validate, ensure that the TestAVProvider.java class returns the following values:
    • CLEAN - The file that is scanned does not contain any virus.
    • INFECTED - The file that is scanned contains viruses.
    • ERROR - The file initiated for virus scan failed.

    The TestScanner.scanFile(InputStream) method is provided for reference in the TESTScanner.java class that calls TestAVProvider.java.

    The sample code snippet of TestAVProvider.java class is as follows:
    package com.ibm.vch.antivirus.scan.framework;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;

import com.ibm.vch.identity.antivirus.framework.ScanResult;
import com.ibm.vch.identity.antivirus.framework.ScanResult.ScanResultStatus;

public class TestAVProvider {

	private ScanResult sc;

	public  ScanResult scan(InputStream is) throws IOException {

        BufferedReader reader = new BufferedReader(new InputStreamReader(is));
        StringBuilder out = new StringBuilder();
        String line;
        while ((line = reader.readLine()) != null) {
            out.append(line);
        }
        String str = out.toString();
		System.out.println(str);  
		if (<The file initiated for virus scan failed>) {
			sc = new ScanResult(ScanResultStatus.ERROR);
		} else if (<The file that is scanned does not contain any virus>) {
			sc = new ScanResult(ScanResultStatus.CLEAN);
		} else if (<The file that is scanned contains viruses>) {
			sc = new ScanResult(ScanResultStatus.INFECTED);
		}
		return sc;
	}

}
  6. In the Setup.cfg file, configure the following property:
    agent.scan_extensibility_class and set the value to "com.ibm.vch.antivirus.scan.framework.TestAVScanner"
  7. Extract the jar file from the IDE project, for example, agent_plugin.jar.
  8. Verify that you have extracted the files of MountFiles.zip.
  9. Copy the agent_plugin.jar file to the lib folder.