1 /*
2 * Copyright (C) The Spice Group. All rights reserved.
3 *
4 * This software is published under the terms of the Spice
5 * Software License version 1.1, a copy of which has been included
6 * with this distribution in the LICENSE.txt file.
7 */
8 package org.codehaus.spice.xmlpolicy.runtime;
9
10 import java.io.File;
11 import java.net.MalformedURLException;
12 import java.net.URL;
13 import java.security.CodeSource;
14 import java.security.Permission;
15 import java.security.PermissionCollection;
16 import java.security.Permissions;
17 import java.security.Policy;
18 import java.security.cert.Certificate;
19 import java.util.ArrayList;
20 import java.util.Enumeration;
21 import org.codehaus.spice.salt.io.FileUtil;
22
23 /***
24 * Abstract Policy class that makes it easy to add permission
25 * sets to policy.
26 *
27 * @author Peter Donald
28 */
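public abstract class AbstractPolicy
    extends Policy
{
    /**
     * List of PolicyEntry objects described by AbstractPolicy.
     *
     * NOTE(review): this list is not synchronized, while getPermissions()
     * reads it and createPermissionSetFor() appends to it. Presumably all
     * entries are registered before the policy is installed -- confirm
     * against the subclasses.
     */
    private final ArrayList m_entries = new ArrayList();

    /**
     * Override so we can have a per-application security policy with
     * no side-effects to other applications.
     *
     * The result is the union of the permissions of every registered entry
     * whose CodeSource implies the (normalized) requested one. Code that
     * matches no entry receives an empty collection.
     *
     * @param codeSource the CodeSource to get permissions for
     * @return the PermissionCollection
     */
    public PermissionCollection getPermissions( final CodeSource codeSource )
    {
        final Permissions permissions = new Permissions();

        // A null code source (for example from a ProtectionDomain built
        // without one) gets no permissions instead of a NullPointerException.
        if( null == codeSource )
        {
            return permissions;
        }

        final CodeSource target = normalize( codeSource );
        final int size = m_entries.size();
        for( int i = 0; i < size; i++ )
        {
            final PolicyEntry entry = (PolicyEntry)m_entries.get( i );
            if( entry.getCodeSource().implies( target ) )
            {
                copyPermissions( permissions, entry.getPermissions() );
            }
        }

        return permissions;
    }

    /**
     * Refresh policy. Ignored in this implementation.
     */
    public void refresh()
    {
    }

    /**
     * Create a set of permissions for a particular codesource.
     * The returned set is writable and can be added to until the
     * time at which it is applied to code.
     *
     * The returned object is the entry's own Permissions instance, so every
     * permission added to it afterwards becomes part of the policy.
     *
     * @param codeSource the code source
     * @return the permission set
     */
    protected Permissions createPermissionSetFor( final CodeSource codeSource )
    {
        final CodeSource target = normalize( codeSource );
        final PolicyEntry entry =
            new PolicyEntry( target, new Permissions() );
        m_entries.add( entry );
        return entry.getPermissions();
    }

    /**
     * Normalizing CodeSource involves removing relative addressing
     * (like .. and .) for file urls.
     *
     * If the normalized URL cannot be built, the error is reported through
     * {@link #error} and the original CodeSource is returned unchanged.
     * It must never be replaced by a CodeSource with a null location:
     * CodeSource.implies() skips the location check when the implying
     * object's location is null, so a grant registered with such an entry
     * would apply to code from every location.
     *
     * @param codeSource the codeSource to be normalized
     * @return the normalized codeSource, or the original one if it has no
     *         location or normalization failed
     */
    private CodeSource normalize( final CodeSource codeSource )
    {
        final URL initialLocation = codeSource.getLocation();

        // This is a bit of a hack. I don't know why CodeSource should behave like this
        // Fear not, this only seems to be a problem for home grown classloaders.
        // - Paul Hammant, Nov 2000
        if( null == initialLocation )
        {
            return codeSource;
        }

        // NOTE(review): FileUtil.normalize is defined outside this file; what it
        // returns for a path that climbs above the root is not visible here --
        // confirm it cannot produce a broader location than the input.
        final String location;
        if( initialLocation.getProtocol().equalsIgnoreCase( "file" ) )
        {
            // Resolve relative file names against the working directory and
            // use '/' separators before normalizing.
            final File file = new File( initialLocation.getFile() );
            final String absolute =
                file.getAbsoluteFile().toString().replace( File.separatorChar, '/' );
            location = FileUtil.normalize( absolute );
        }
        else
        {
            location = FileUtil.normalize( initialLocation.getFile() );
        }

        try
        {
            final URL finalLocation = new URL( initialLocation.getProtocol(),
                                               initialLocation.getHost(),
                                               initialLocation.getPort(),
                                               location );
            return new CodeSource( finalLocation, codeSource.getCertificates() );
        }
        catch( final MalformedURLException mue )
        {
            error( "Error building codeBase", mue );
            // Fail closed: keep the caller's specific location rather than
            // widening the entry to "any location".
            return codeSource;
        }
    }

    /**
     * Utility method to copy permissions from specified source to specified destination.
     *
     * @param destination the destination of permissions
     * @param source the source of permissions
     */
    private void copyPermissions( final Permissions destination,
                                  final Permissions source )
    {
        // "enum" is a reserved word from Java 5 on, so the local is named "elements".
        final Enumeration elements = source.elements();
        while( elements.hasMoreElements() )
        {
            destination.add( (Permission)elements.nextElement() );
        }
    }

    /**
     * Error occurred in policy. Subclasses should override.
     * This default implementation writes the message, and the cause when
     * one is given, to System.err.
     *
     * @param message description of what failed
     * @param throwable the cause, may be null
     */
    protected void error( final String message,
                          final Throwable throwable )
    {
        if( null == throwable )
        {
            System.err.println( message );
        }
        else
        {
            // Keep the cause visible; a policy that failed to build must not fail silently.
            System.err.println( message + ": " + throwable );
        }
    }
}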