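/*
 * Copyright (C) The Spice Group. All rights reserved.
 *
 * This software is published under the terms of the Spice
 * Software License version 1.1, a copy of which has been included
 * with this distribution in the LICENSE.txt file.
 */
package org.codehaus.spice.xmlpolicy.runtime;

import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import org.codehaus.spice.salt.io.FileUtil;

/**
 * Abstract Policy class that makes it easy to add permission
 * sets to policy.
 *
 * <p>Subclasses register one permission set per code source with
 * {@link #createPermissionSetFor(CodeSource)}; {@link #getPermissions(CodeSource)}
 * then returns the union of every registered set whose code source implies
 * the one being queried.</p>
 *
 * <p>NOTE(review): the entry list is a plain ArrayList and none of the
 * methods here synchronize on it. This looks safe only if all entries are
 * registered before the policy is consulted from other threads - confirm
 * against the subclasses.</p>
 *
 * @author Peter Donald
 */
public abstract class AbstractPolicy
    extends Policy
{
    /**
     * List of PolicyEntry objects described by AbstractPolicy.
     */
    private final ArrayList m_entries = new ArrayList();

    /**
     * Override so we can have a per-application security policy with
     * no side-effects to other applications.
     *
     * <p>The result is a fresh Permissions object holding copies of the
     * matching entries' permissions, so callers cannot alter the registered
     * entries through it.</p>
     *
     * @param codeSource the CodeSource to get permissions for
     * @return the PermissionCollection
     */
    public PermissionCollection getPermissions( final CodeSource codeSource )
    {
        final CodeSource target = normalize( codeSource );

        final Permissions permissions = new Permissions();
        final int size = m_entries.size();

        for( int i = 0; i < size; i++ )
        {
            final PolicyEntry entry = (PolicyEntry)m_entries.get( i );
            if( entry.getCodeSource().implies( target ) )
            {
                copyPermissions( permissions, entry.getPermissions() );
            }
        }

        return permissions;
    }

    /**
     * Refresh policy. Ignored in this implementation.
     */
    public void refresh()
    {
    }

    /**
     * Create a set of permissions for a particular codesource.
     * These are read-write permissions and can be written to until the
     * time at which they are applied to code.
     *
     * <p>The returned object is the same instance that is stored in the
     * policy entry, so permissions added to it later are granted by
     * subsequent {@link #getPermissions(CodeSource)} calls.</p>
     *
     * @param codeSource the code source
     * @return the permission set
     */
    protected Permissions createPermissionSetFor( final CodeSource codeSource )
    {
        final CodeSource target = normalize( codeSource );
        final PolicyEntry entry =
            new PolicyEntry( target, new Permissions() );
        m_entries.add( entry );
        return entry.getPermissions();
    }

    /**
     * Normalizing CodeSource involves removing relative addressing
     * (like .. and .) for file urls.
     *
     * <p>If the normalized URL cannot be built, the failure is reported via
     * {@link #error(String, Throwable)} and the original code source is
     * returned unchanged.</p>
     *
     * @param codeSource the codeSource to be normalized
     * @return the normalized codeSource, or the original one when it has
     *         no location or the normalized location cannot be built
     */
    private CodeSource normalize( final CodeSource codeSource )
    {
        final URL initialLocation = codeSource.getLocation();

        // This is a bit of a hack. I don't know why CodeSource should behave like this
        // Fear not, this only seems to be a problem for home grown classloaders.
        // - Paul Hammant, Nov 2000
        if( null == initialLocation )
        {
            return codeSource;
        }

        String location = null;

        if( !initialLocation.getProtocol().equalsIgnoreCase( "file" ) )
        {
            location = initialLocation.getFile();
            location = FileUtil.normalize( location );
        }
        else
        {
            // Resolve file URLs to an absolute path first so that relative
            // segments are collapsed against a fixed root.
            final File file = new File( initialLocation.getFile() );
            location = file.getAbsoluteFile().toString().replace( File.separatorChar, '/' );
            location = FileUtil.normalize( location );
        }

        final URL finalLocation;
        try
        {
            finalLocation = new URL( initialLocation.getProtocol(),
                                     initialLocation.getHost(),
                                     initialLocation.getPort(),
                                     location );
        }
        catch( final MalformedURLException mue )
        {
            error( "Error building codeBase", mue );

            // Fail closed. A CodeSource with a null location places no
            // location constraint in CodeSource.implies(), so a policy entry
            // built from one would grant its permissions to code from any
            // location (subject only to the certificate check). Keep the
            // caller's un-normalized location instead of dropping it.
            return codeSource;
        }

        final Certificate[] certificates = codeSource.getCertificates();
        return new CodeSource( finalLocation, certificates );
    }

    /**
     * Utility method to copy permissions from specified source to specified destination.
     *
     * @param destination the destination of permissions
     * @param source the source of permissions
     */
    private void copyPermissions( final Permissions destination,
                                  final Permissions source )
    {
        // "enum" is a reserved word from Java 5 onwards, so the local
        // cannot be called that.
        final Enumeration elements = source.elements();
        while( elements.hasMoreElements() )
        {
            destination.add( (Permission)elements.nextElement() );
        }
    }

    /**
     * Error occurred in policy. Subclasses should override.
     *
     * <p>The default implementation writes the message, followed by the
     * cause when one is supplied, to standard error.</p>
     *
     * @param message description of the failure
     * @param throwable the cause of the failure, may be null
     */
    protected void error( final String message,
                          final Throwable throwable )
    {
        System.err.println( message );
        if( null != throwable )
        {
            // Do not drop the cause: a policy that failed to build a code
            // base needs to be diagnosable from the log.
            System.err.println( throwable );
        }
    }
}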
