/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package javax.security.auth; import java.security.AccessController; import java.security.CodeSource; import java.security.PermissionCollection; import java.security.PrivilegedAction; import org.apache.harmony.security.fortress.PolicyUtils; import org.apache.harmony.auth.DefaultSubjectPolicy; import org.apache.harmony.auth.internal.nls.Messages; /** * @deprecated Use * {@link java.security.Policy#getPermissions(java.security.ProtectionDomain)} * and * {@link java.security.ProtectionDomain#ProtectionDomain(java.security.CodeSource, java.security.PermissionCollection, ClassLoader, java.security.Principal[])} * to establish a policy's permissions for a principal. */ @Deprecated public abstract class Policy { // Key to security properties, defining default policy provider. private static final String POLICY_PROVIDER = "auth.policy.provider"; //$NON-NLS-1$ // The AuthPermission required to set custom Policy. private static final AuthPermission SET_POLICY = new AuthPermission("setPolicy"); //$NON-NLS-1$ // The AuthPermission required to get current Policy. private static final AuthPermission GET_POLICY = new AuthPermission("getPolicy"); //$NON-NLS-1$ // the current policy object private static Policy activePolicy; public abstract PermissionCollection getPermissions(Subject subject, CodeSource cs); public abstract void refresh(); protected Policy() { super(); } public static Policy getPolicy() { SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(GET_POLICY); } return getAccessiblePolicy(); } /** * Shortcut accessor for friendly classes, to skip security checks. If * active policy was set to null, tries to load a default * provider, so this method never returns null.
* This method is synchronized with setPolicy() */ static Policy getAccessiblePolicy() { Policy current = activePolicy; if (current == null) { synchronized (Policy.class) { // double check in case value has been reassigned // while we've been awaiting monitor if (activePolicy == null) { activePolicy = getDefaultProvider(); } return activePolicy; } } return current; } /** * Reads name of default policy provider from security.properties, loads the * class and instantiates the provider. In case of any exception, wraps it * with SecurityException and throws further. */ private static final Policy getDefaultProvider() { final String defaultClass = AccessController .doPrivileged(new PolicyUtils.SecurityPropertyAccessor(POLICY_PROVIDER)); if (defaultClass == null) { return new DefaultSubjectPolicy(); } Object policy = AccessController.doPrivileged(new PrivilegedAction() { public Object run() { try { return Class .forName(defaultClass, true, ClassLoader.getSystemClassLoader()) .newInstance(); } catch (Exception e) { SecurityException se = new SecurityException(Messages.getString("auth.08")); //$NON-NLS-1$ se.initCause(e); throw se; } } }); if (!(policy instanceof Policy)) { throw new SecurityException(Messages.getString("auth.08")); //$NON-NLS-1$ } return (Policy) policy; } public static void setPolicy(Policy policy) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_POLICY); } synchronized (Policy.class) { activePolicy = policy; } } }