| Source file | Conditionals | Statements | Methods | TOTAL | |||||||||||||||
| AbstractPolicy.java | 0% | 0% | 0% | 0% |
/*
* Copyright (C) The Spice Group. All rights reserved.
*
* This software is published under the terms of the Spice
* Software License version 1.1, a copy of which has been included
* with this distribution in the LICENSE.txt file.
*/
package org.codehaus.spice.xmlpolicy.runtime;
import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import org.codehaus.spice.salt.io.FileUtil;
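/**
 * Abstract Policy class that makes it easy to add permission
 * sets to policy.
 *
 * <p>Each call to {@link #createPermissionSetFor(CodeSource)} registers a
 * {@link PolicyEntry}; {@link #getPermissions(CodeSource)} returns the union
 * of the permissions of every entry whose code source implies the requested
 * one. Code sources are normalized before they are stored or compared, so
 * that relative path segments cannot be used to make a location appear to
 * sit under a granted code base.</p>
 *
 * <p>Note: {@code java.security.Policy} and the Security Manager are
 * deprecated for removal since Java 17, so this class is only meaningful on
 * runtimes that still enforce a Security Manager.</p>
 *
 * @author Peter Donald
 */
public abstract class AbstractPolicy
    extends Policy
{
    /**
     * List of PolicyEntry objects described by AbstractPolicy.
     */
    // NOTE(review): plain ArrayList with no synchronization visible in this class;
    // confirm that entries are only added before the policy is consulted.
    private final ArrayList m_entries = new ArrayList();

    /**
     * Override so we can have a per-application security policy with
     * no side-effects to other applications.
     *
     * <p>Returns an empty collection when {@code codeSource} is
     * {@code null} or when its location cannot be normalized: in both
     * cases nothing is granted rather than guessing at a match.</p>
     *
     * @param codeSource the CodeSource to get permissions for
     * @return the PermissionCollection, never {@code null}
     */
    public PermissionCollection getPermissions( final CodeSource codeSource )
    {
        final Permissions permissions = new Permissions();
        if( null == codeSource )
        {
            // No entry can imply a null code source, so the answer is "nothing".
            return permissions;
        }

        final CodeSource target = normalize( codeSource );
        if( null == target )
        {
            // Normalization failed (already reported through error()).
            // Matching against an un-normalized or location-less target
            // could select entries it should not, so grant nothing.
            return permissions;
        }

        final int size = m_entries.size();
        for( int i = 0; i < size; i++ )
        {
            final PolicyEntry entry = (PolicyEntry)m_entries.get( i );
            if( entry.getCodeSource().implies( target ) )
            {
                copyPermissions( permissions, entry.getPermissions() );
            }
        }

        return permissions;
    }

    /**
     * Refresh policy. Ignored in this implementation.
     */
    public void refresh()
    {
    }

    /**
     * Create a set of permissions for a particular codesource.
     * These are read-write permissions and can be written until the
     * time at which they are applied to code.
     *
     * <p>If the location of {@code codeSource} cannot be normalized the
     * returned set is <em>not</em> registered with this policy. Registering
     * it under a code source without a location would make the grant apply
     * to every location, which is wider than the caller asked for.</p>
     *
     * @param codeSource the code source
     * @return the permission set
     */
    protected Permissions createPermissionSetFor( final CodeSource codeSource )
    {
        final CodeSource target = normalize( codeSource );
        if( null == target )
        {
            // normalize() has already reported the failure through error().
            // Hand back a detached set so nothing is granted at a wider scope.
            return new Permissions();
        }

        final PolicyEntry entry =
            new PolicyEntry( target, new Permissions() );
        m_entries.add( entry );
        return entry.getPermissions();
    }

    /**
     * Normalizing CodeSource involves removing relative addressing
     * (like .. and .) for file urls.
     *
     * @param codeSource the codeSource to be normalized
     * @return the normalized codeSource; the argument itself when it has no
     *         location; or {@code null} when a normalized URL could not be
     *         built (the failure is reported through
     *         {@link #error(String, Throwable)})
     */
    private CodeSource normalize( final CodeSource codeSource )
    {
        final URL initialLocation = codeSource.getLocation();

        // This is a bit of a hack. I don't know why CodeSource should behave like this
        // Fear not, this only seems to be a problem for home grown classloaders.
        // - Paul Hammant, Nov 2000
        if( null == initialLocation )
        {
            return codeSource;
        }

        final String location;
        if( !initialLocation.getProtocol().equalsIgnoreCase( "file" ) )
        {
            location = FileUtil.normalize( initialLocation.getFile() );
        }
        else
        {
            // File URLs are made absolute first so that a relative path
            // cannot resolve differently depending on the working directory.
            final File file = new File( initialLocation.getFile() );
            final String absolute =
                file.getAbsoluteFile().toString().replace( File.separatorChar, '/' );
            location = FileUtil.normalize( absolute );
        }

        final URL finalLocation;
        try
        {
            finalLocation = new URL( initialLocation.getProtocol(),
                                     initialLocation.getHost(),
                                     initialLocation.getPort(),
                                     location );
        }
        catch( final MalformedURLException mue )
        {
            error( "Error building codeBase", mue );
            // Do not fall through and build a CodeSource with a null location:
            // such a code source implies every location. Signal failure and
            // let the callers fail closed.
            return null;
        }

        final Certificate[] certificates = codeSource.getCertificates();
        return new CodeSource( finalLocation, certificates );
    }

    /**
     * Utility method to copy permissions from specified source to specified destination.
     *
     * @param destination the destination of permissions
     * @param source the source of permissions
     */
    private void copyPermissions( final Permissions destination,
                                  final Permissions source )
    {
        // "enum" is a reserved word since Java 5, hence the local name.
        final Enumeration elements = source.elements();
        while( elements.hasMoreElements() )
        {
            destination.add( (Permission)elements.nextElement() );
        }
    }

    /**
     * Error occurred in policy. Subclasses should override.
     *
     * <p>The default implementation writes the message, followed by the
     * cause when one is supplied, to {@code System.err}.</p>
     *
     * @param message description of what failed
     * @param throwable the cause, may be {@code null}
     */
    protected void error( final String message,
                          final Throwable throwable )
    {
        if( null == throwable )
        {
            System.err.println( message );
        }
        else
        {
            // Keep the cause visible; a policy error without it is hard to diagnose.
            System.err.println( message + ": " + throwable );
        }
    }
}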