OpenCores
URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-dev/] [or1k-gcc/] [libjava/] [classpath/] [java/] [security/] [Policy.java] - Blame information for rev 771

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 771 jeremybenn 
/* Policy.java --- Policy Manager Class
2 
   Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
3 
 
4 
This file is part of GNU Classpath.
5 
 
6 
GNU Classpath is free software; you can redistribute it and/or modify
7 
it under the terms of the GNU General Public License as published by
8 
the Free Software Foundation; either version 2, or (at your option)
9 
any later version.
10 
 
11 
GNU Classpath is distributed in the hope that it will be useful, but
12 
WITHOUT ANY WARRANTY; without even the implied warranty of
13 
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14 
General Public License for more details.
15 
 
16 
You should have received a copy of the GNU General Public License
17 
along with GNU Classpath; see the file COPYING.  If not, write to the
18 
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19 
02110-1301 USA.
20 
 
21 
Linking this library statically or dynamically with other modules is
22 
making a combined work based on this library.  Thus, the terms and
23 
conditions of the GNU General Public License cover the whole
24 
combination.
25 
 
26 
As a special exception, the copyright holders of this library give you
27 
permission to link this library with independent modules to produce an
28 
executable, regardless of the license terms of these independent
29 
modules, and to copy and distribute the resulting executable under
30 
terms of your choice, provided that you also meet, for each linked
31 
independent module, the terms and conditions of the license of that
32 
module.  An independent module is a module which is not derived from
33 
or based on this library.  If you modify this library, you may extend
34 
this exception to your version of the library, but you are not
35 
obligated to do so.  If you do not wish to do so, delete this
36 
exception statement from your version. */
37 
 
38 
package java.security;
39 
 
40 
import java.util.Collections;
41 
import java.util.Enumeration;
42 
import java.util.LinkedHashMap;
43 
import java.util.Map;
44 
 
45 
/**
46 
 * <code>Policy</code> is an abstract class for managing the system security
47 
 * policy for the Java application environment. It specifies which permissions
48 
 * are available for code from various sources. The security policy is
49 
 * represented through a subclass of <code>Policy</code>.
50 
 *
51 
 * <p>Only one <code>Policy</code> is in effect at any time. A
52 
 * {@link ProtectionDomain} initializes itself with information from this class
53 
 * on the set of permssions to grant.</p>
54 
 *
55 
 * <p>The location for the actual <code>Policy</code> could be anywhere in any
56 
 * form because it depends on the Policy implementation. The default system is
57 
 * in a flat ASCII file or it could be in a database.</p>
58 
 *
59 
 * <p>The current installed <code>Policy</code> can be accessed with
60 
 * {@link #getPolicy()} and changed with {@link #setPolicy(Policy)} if the code
61 
 * has the correct permissions.</p>
62 
 *
63 
 * <p>The {@link #refresh()} method causes the <code>Policy</code> instance to
64 
 * refresh/reload its configuration. The method used to refresh depends on the
65 
 * <code>Policy</code> implementation.</p>
66 
 *
67 
 * <p>When a protection domain initializes its permissions, it uses code like
68 
 * the following:</p>
69 
 *
70 
 * <code>
71 
 * policy = Policy.getPolicy();
72 
 * PermissionCollection perms = policy.getPermissions(myCodeSource);
73 
 * </code>
74 
 *
75 
 * <p>The protection domain passes the <code>Policy</code> handler a
76 
 * {@link CodeSource} instance which contains the codebase URL and a public key.
77 
 * The <code>Policy</code> implementation then returns the proper set of
78 
 * permissions for that {@link CodeSource}.</p>
79 
 *
80 
 * <p>The default <code>Policy</code> implementation can be changed by setting
81 
 * the "policy.provider" security provider in the "java.security" file to the
82 
 * correct <code>Policy</code> implementation class.</p>
83 
 *
84 
 * @author Mark Benvenuto
85 
 * @see CodeSource
86 
 * @see PermissionCollection
87 
 * @see SecureClassLoader
88 
 * @since 1.2
89 
 */
90 
public abstract class Policy
91 
{
92 
  private static Policy currentPolicy;
93 
 
94 
  /** Map of ProtectionDomains to PermissionCollections for this instance. */
95 
  private Map pd2pc = null;
96 
 
97 
  /** Constructs a new <code>Policy</code> object. */
98 
  public Policy()
99 
  {
100 
  }
101 
 
102 
  /**
103 
   * Returns the currently installed <code>Policy</code> handler. The value
104 
   * should not be cached as it can be changed any time by
105 
   * {@link #setPolicy(Policy)}.
106 
   *
107 
   * @return the current <code>Policy</code>.
108 
   * @throws SecurityException
109 
   *           if a {@link SecurityManager} is installed which disallows this
110 
   *           operation.
111 
   */
112 
  public static Policy getPolicy()
113 
  {
114 
    SecurityManager sm = System.getSecurityManager();
115 
    if (sm != null)
116 
      sm.checkPermission(new SecurityPermission("getPolicy"));
117 
 
118 
    return getCurrentPolicy();
119 
  }
120 
 
121 
  /**
122 
   * Sets the <code>Policy</code> handler to a new value.
123 
   *
124 
   * @param policy
125 
   *          the new <code>Policy</code> to use.
126 
   * @throws SecurityException
127 
   *           if a {@link SecurityManager} is installed which disallows this
128 
   *           operation.
129 
   */
130 
  public static void setPolicy(Policy policy)
131 
  {
132 
    SecurityManager sm = System.getSecurityManager();
133 
    if (sm != null)
134 
      sm.checkPermission(new SecurityPermission("setPolicy"));
135 
 
136 
    setup(policy);
137 
    currentPolicy = policy;
138 
  }
139 
 
140 
  private static void setup(final Policy policy)
141 
  {
142 
    if (policy.pd2pc == null)
143 
      policy.pd2pc = Collections.synchronizedMap(new LinkedHashMap());
144 
 
145 
    ProtectionDomain pd = policy.getClass().getProtectionDomain();
146 
    if (pd.getCodeSource() != null)
147 
      {
148 
        PermissionCollection pc = null;
149 
        if (currentPolicy != null)
150 
          pc = currentPolicy.getPermissions(pd);
151 
 
152 
        if (pc == null) // assume it has all
153 
          {
154 
            pc = new Permissions();
155 
            pc.add(new AllPermission());
156 
          }
157 
 
158 
        policy.pd2pc.put(pd, pc); // add the mapping pd -> pc
159 
      }
160 
  }
161 
 
162 
  /**
163 
   * Ensures/forces loading of the configured policy provider, while bypassing
164 
   * the {@link SecurityManager} checks for <code>"getPolicy"</code> security
165 
   * permission.  Needed by {@link ProtectionDomain}.
166 
   */
167 
  static Policy getCurrentPolicy()
168 
  {
169 
    // FIXME: The class name of the Policy provider should really be sourced
170 
    // from the "java.security" configuration file. For now, just hard-code
171 
    // a stub implementation.
172 
    if (currentPolicy == null)
173 
      {
174 
        String pp = System.getProperty ("policy.provider");
175 
        if (pp != null)
176 
          try
177 
            {
178 
              currentPolicy = (Policy) Class.forName(pp).newInstance();
179 
            }
180 
          catch (Exception e)
181 
            {
182 
              // Ignored.
183 
            }
184 
 
185 
        if (currentPolicy == null)
186 
          currentPolicy = new gnu.java.security.provider.DefaultPolicy();
187 
      }
188 
    return currentPolicy;
189 
  }
190 
 
191 
  /**
192 
   * Tests if <code>currentPolicy</code> is not <code>null</code>,
193 
   * thus allowing clients to not force loading of any policy
194 
   * provider; needed by {@link ProtectionDomain}.
195 
   */
196 
  static boolean isLoaded()
197 
  {
198 
    return currentPolicy != null;
199 
  }
200 
 
201 
  /**
202 
   * Returns the set of Permissions allowed for a given {@link CodeSource}.
203 
   *
204 
   * @param codesource
205 
   *          the {@link CodeSource} for which, the caller needs to find the
206 
   *          set of granted permissions.
207 
   * @return a set of permissions for {@link CodeSource} specified by the
208 
   *         current <code>Policy</code>.
209 
   * @throws SecurityException
210 
   *           if a {@link SecurityManager} is installed which disallows this
211 
   *           operation.
212 
   */
213 
  public abstract PermissionCollection getPermissions(CodeSource codesource);
214 
 
215 
  /**
216 
   * Returns the set of Permissions allowed for a given {@link ProtectionDomain}.
217 
   *
218 
   * @param domain
219 
   *          the {@link ProtectionDomain} for which, the caller needs to find
220 
   *          the set of granted permissions.
221 
   * @return a set of permissions for {@link ProtectionDomain} specified by the
222 
   *         current <code>Policy.</code>.
223 
   * @since 1.4
224 
   * @see ProtectionDomain
225 
   * @see SecureClassLoader
226 
   */
227 
  public PermissionCollection getPermissions(ProtectionDomain domain)
228 
  {
229 
    if (domain == null)
230 
      return new Permissions();
231 
 
232 
    if (pd2pc == null)
233 
      setup(this);
234 
 
235 
    PermissionCollection result = (PermissionCollection) pd2pc.get(domain);
236 
    if (result != null)
237 
      {
238 
        Permissions realResult = new Permissions();
239 
        for (Enumeration e = result.elements(); e.hasMoreElements(); )
240 
          realResult.add((Permission) e.nextElement());
241 
 
242 
        return realResult;
243 
      }
244 
 
245 
    result = getPermissions(domain.getCodeSource());
246 
    if (result == null)
247 
      result = new Permissions();
248 
 
249 
    PermissionCollection pc = domain.getPermissions();
250 
    if (pc != null)
251 
      for (Enumeration e = pc.elements(); e.hasMoreElements(); )
252 
        result.add((Permission) e.nextElement());
253 
 
254 
    return result;
255 
  }
256 
 
257 
  /**
258 
   * Checks if the designated {@link Permission} is granted to a designated
259 
   * {@link ProtectionDomain}.
260 
   *
261 
   * @param domain
262 
   *          the {@link ProtectionDomain} to test.
263 
   * @param permission
264 
   *          the {@link Permission} to check.
265 
   * @return <code>true</code> if <code>permission</code> is implied by a
266 
   *         permission granted to this {@link ProtectionDomain}. Returns
267 
   *         <code>false</code> otherwise.
268 
   * @since 1.4
269 
   * @see ProtectionDomain
270 
   */
271 
  public boolean implies(ProtectionDomain domain, Permission permission)
272 
  {
273 
    if (pd2pc == null)
274 
      setup(this);
275 
 
276 
    PermissionCollection pc = (PermissionCollection) pd2pc.get(domain);
277 
    if (pc != null)
278 
      return pc.implies(permission);
279 
 
280 
    boolean result = false;
281 
    pc = getPermissions(domain);
282 
    if (pc != null)
283 
      {
284 
        result = pc.implies(permission);
285 
        pd2pc.put(domain, pc);
286 
      }
287 
 
288 
    return result;
289 
  }
290 
 
291 
  /**
292 
   * Causes this <code>Policy</code> instance to refresh / reload its
293 
   * configuration. The method used to refresh depends on the concrete
294 
   * implementation.
295 
   */
296 
  public abstract void refresh();
297 
}

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.