diff options
Diffstat (limited to 'libjava/java/security/Policy.java')
| -rw-r--r-- | libjava/java/security/Policy.java | 310 |
1 files changed, 0 insertions, 310 deletions
diff --git a/libjava/java/security/Policy.java b/libjava/java/security/Policy.java deleted file mode 100644 index 03d9bbb4ed6..00000000000 --- a/libjava/java/security/Policy.java +++ /dev/null @@ -1,310 +0,0 @@ -/* Policy.java --- Policy Manager Class - Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package java.security; - -import java.util.Collections; -import java.util.Enumeration; -import java.util.LinkedHashMap; -import java.util.Map; - -/** - * <p>This is an abstract class for representing the system security policy for - * a Java application environment (specifying which permissions are available - * for code from various sources). That is, the security policy is represented - * by a <code>Policy</code> subclass providing an implementation of the abstract - * methods in this <code>Policy</code> class.</p> - * - * <p>There is only one <code>Policy</code> object in effect at any given time. - * </p> - * - * <p>The source location for the policy information utilized by the - * <code>Policy</code> object is up to the <code>Policy</code> implementation. - * The policy configuration may be stored, for example, as a flat ASCII file, as - * a serialized binary file of the <code>Policy</code> class, or as a database. - * </p> - * - * <p>The currently-installed <code>Policy</code> object can be obtained by - * calling the <code>getPolicy()</code> method, and it can be changed by a call - * to the <code>setPolicy()</code> method (by code with permission to reset the - * <code>Policy</code>).</p> - * - * <p>The <code>refresh()</code> method causes the policy object to refresh / - * reload its current configuration.</p> - * - * <p>This is implementation-dependent. For example, if the policy object stores - * its policy in configuration files, calling <code>refresh()</code> will cause - * it to re-read the configuration policy files. The refreshed policy may not - * have an effect on classes in a particular {@link ProtectionDomain}. This is - * dependent on the <code>Policy</code> provider's implementation of the - * <code>implies()</code> method and the {@link PermissionCollection} caching - * strategy.</p> - * - * <p>The default <code>Policy</code> implementation can be changed by setting - * the value of the <code>"policy.provider"</code> security property (in the - * Java security properties file) to the fully qualified name of the desired - * <code>Policy</code> implementation class. The Java security properties file - * is located in the file named <code><JAVA_HOME>/lib/security/java.security - * </code>, where <code><JAVA_HOME></code> refers to the directory where the - * SDK was installed.</p> - * - * <p><b>IMPLEMENTATION NOTE:</b> This implementation attempts to read the - * System property named <code>policy.provider</code> to find the concrete - * implementation of the <code>Policy</code>. If/when this fails, it falls back - * to a default implementation, which <b>allows everything</b>. - * - * @author Mark Benvenuto - * @see CodeSource - * @see PermissionCollection - * @see SecureClassLoader - * @since 1.2 - */ -public abstract class Policy -{ - private static Policy currentPolicy; - - /** Map of ProtectionDomains to PermissionCollections for this instance. */ - private Map pd2pc = null; - - /** Constructs a new <code>Policy</code> object. */ - public Policy() - { - } - - /** - * Returns the installed <code>Policy</code> object. This value should not be - * cached, as it may be changed by a call to <code>setPolicy()</code>. This - * method first calls {@link SecurityManager#checkPermission(Permission)} with - * a <code>SecurityPermission("getPolicy")</code> permission to ensure it's ok - * to get the <code>Policy</code> object. - * - * @return the installed <code>Policy</code>. - * @throws SecurityException if a security manager exists and its - * <code>checkPermission()</code> method doesn't allow getting the - * <code>Policy</code> object. - * @see SecurityManager#checkPermission(Permission) - * @see #setPolicy(Policy) - */ - public static Policy getPolicy() - { - SecurityManager sm = System.getSecurityManager(); - if (sm != null) - sm.checkPermission(new SecurityPermission("getPolicy")); - - return getCurrentPolicy(); - } - - /** - * Sets the system-wide <code>Policy</code> object. This method first calls - * {@link SecurityManager#checkPermission(Permission)} with a - * <code>SecurityPermission("setPolicy")</code> permission to ensure it's ok - * to set the <code>Policy</code>. - * - * @param policy the new system <code>Policy</code> object. - * @throws SecurityException if a security manager exists and its - * <code>checkPermission()</code> method doesn't allow setting the - * <code>Policy</code>. - * @see SecurityManager#checkPermission(Permission) - * @see #getPolicy() - */ - public static void setPolicy(Policy policy) - { - SecurityManager sm = System.getSecurityManager(); - if (sm != null) - sm.checkPermission(new SecurityPermission("setPolicy")); - - setup(policy); - currentPolicy = policy; - } - - private static void setup(final Policy policy) - { - if (policy.pd2pc == null) - policy.pd2pc = Collections.synchronizedMap(new LinkedHashMap()); - - ProtectionDomain pd = policy.getClass().getProtectionDomain(); - if (pd.getCodeSource() != null) - { - PermissionCollection pc = null; - if (currentPolicy != null) - pc = currentPolicy.getPermissions(pd); - - if (pc == null) // assume it has all - { - pc = new Permissions(); - pc.add(new AllPermission()); - } - - policy.pd2pc.put(pd, pc); // add the mapping pd -> pc - } - } - - /** - * Ensures/forces loading of the configured policy provider, while bypassing - * the {@link SecurityManager} checks for <code>"getPolicy"</code> security - * permission. Needed by {@link ProtectionDomain}. - */ - static Policy getCurrentPolicy() - { - // FIXME: The class name of the Policy provider should really be sourced - // from the "java.security" configuration file. For now, just hard-code - // a stub implementation. - if (currentPolicy == null) - { - String pp = System.getProperty ("policy.provider"); - if (pp != null) - try - { - currentPolicy = (Policy) Class.forName(pp).newInstance(); - } - catch (Exception e) - { - // Ignored. - } - - if (currentPolicy == null) - currentPolicy = new gnu.java.security.provider.DefaultPolicy(); - } - return currentPolicy; - } - - /** - * Tests if <code>currentPolicy</code> is not <code>null</code>, - * thus allowing clients to not force loading of any policy - * provider; needed by {@link ProtectionDomain}. - */ - static boolean isLoaded() - { - return currentPolicy != null; - } - - /** - * Evaluates the global policy and returns a {@link PermissionCollection} - * object specifying the set of permissions allowed for code from the - * specified code source. - * - * @param codesource the {@link CodeSource} associated with the caller. This - * encapsulates the original location of the code (where the code came from) - * and the public key(s) of its signer. - * @return the set of permissions allowed for code from codesource according - * to the policy. The returned set of permissions must be a new mutable - * instance and it must support heterogeneous {@link Permission} types. - */ - public abstract PermissionCollection getPermissions(CodeSource codesource); - - /** - * Evaluates the global policy and returns a {@link PermissionCollection} - * object specifying the set of permissions allowed given the characteristics - * of the protection domain. - * - * @param domain the {@link ProtectionDomain} associated with the caller. - * @return the set of permissions allowed for the domain according to the - * policy. The returned set of permissions must be a new mutable instance and - * it must support heterogeneous {@link Permission} types. - * @since 1.4 - * @see ProtectionDomain - * @see SecureClassLoader - */ - public PermissionCollection getPermissions(ProtectionDomain domain) - { - if (domain == null) - return new Permissions(); - - if (pd2pc == null) - setup(this); - - PermissionCollection result = (PermissionCollection) pd2pc.get(domain); - if (result != null) - { - Permissions realResult = new Permissions(); - for (Enumeration e = result.elements(); e.hasMoreElements(); ) - realResult.add((Permission) e.nextElement()); - - return realResult; - } - - result = getPermissions(domain.getCodeSource()); - if (result == null) - result = new Permissions(); - - PermissionCollection pc = domain.getPermissions(); - if (pc != null) - for (Enumeration e = pc.elements(); e.hasMoreElements(); ) - result.add((Permission) e.nextElement()); - - return result; - } - - /** - * Evaluates the global policy for the permissions granted to the {@link - * ProtectionDomain} and tests whether the <code>permission</code> is granted. - * - * @param domain the {@link ProtectionDomain} to test. - * @param permission the {@link Permission} object to be tested for - * implication. - * @return <code>true</code> if <code>permission</code> is a proper subset of - * a permission granted to this {@link ProtectionDomain}. - * @since 1.4 - * @see ProtectionDomain - */ - public boolean implies(ProtectionDomain domain, Permission permission) - { - if (pd2pc == null) - setup(this); - - PermissionCollection pc = (PermissionCollection) pd2pc.get(domain); - if (pc != null) - return pc.implies(permission); - - boolean result = false; - pc = getPermissions(domain); - if (pc != null) - { - result = pc.implies(permission); - pd2pc.put(domain, pc); - } - - return result; - } - - /** - * Refreshes/reloads the policy configuration. The behavior of this method - * depends on the implementation. For example, calling refresh on a file-based - * policy will cause the file to be re-read. - */ - public abstract void refresh(); -} |