123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 |
- /*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package javax.security.auth;
- import java.security.AccessController;
- import java.security.CodeSource;
- import java.security.PermissionCollection;
- import java.security.PrivilegedAction;
- import org.apache.harmony.security.fortress.PolicyUtils;
- import org.apache.harmony.auth.DefaultSubjectPolicy;
- import org.apache.harmony.auth.internal.nls.Messages;
- /**
- * @deprecated Use
- * {@link java.security.Policy#getPermissions(java.security.ProtectionDomain)}
- * and
- * {@link java.security.ProtectionDomain#ProtectionDomain(java.security.CodeSource, java.security.PermissionCollection, ClassLoader, java.security.Principal[])}
- * to establish a policy's permissions for a principal.
- */
- @Deprecated
- public abstract class Policy {
- // Key to security properties, defining default policy provider.
- private static final String POLICY_PROVIDER = "auth.policy.provider"; //$NON-NLS-1$
- // The AuthPermission required to set custom Policy.
- private static final AuthPermission SET_POLICY = new AuthPermission("setPolicy"); //$NON-NLS-1$
- // The AuthPermission required to get current Policy.
- private static final AuthPermission GET_POLICY = new AuthPermission("getPolicy"); //$NON-NLS-1$
- // the current policy object
- private static Policy activePolicy;
- public abstract PermissionCollection getPermissions(Subject subject, CodeSource cs);
- public abstract void refresh();
- protected Policy() {
- super();
- }
- public static Policy getPolicy() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(GET_POLICY);
- }
- return getAccessiblePolicy();
- }
- /**
- * Shortcut accessor for friendly classes, to skip security checks. If
- * active policy was set to <code>null</code>, tries to load a default
- * provider, so this method never returns <code>null</code>. <br>
- * This method is synchronized with setPolicy()
- */
- static Policy getAccessiblePolicy() {
- Policy current = activePolicy;
- if (current == null) {
- synchronized (Policy.class) {
- // double check in case value has been reassigned
- // while we've been awaiting monitor
- if (activePolicy == null) {
- activePolicy = getDefaultProvider();
- }
- return activePolicy;
- }
- }
- return current;
- }
- /**
- * Reads name of default policy provider from security.properties, loads the
- * class and instantiates the provider. In case of any exception, wraps it
- * with SecurityException and throws further.
- */
- private static final Policy getDefaultProvider() {
- final String defaultClass = AccessController
- .doPrivileged(new PolicyUtils.SecurityPropertyAccessor(POLICY_PROVIDER));
- if (defaultClass == null) {
- return new DefaultSubjectPolicy();
- }
- Object policy = AccessController.doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- try {
- return Class
- .forName(defaultClass, true, ClassLoader.getSystemClassLoader())
- .newInstance();
- } catch (Exception e) {
- SecurityException se = new SecurityException(Messages.getString("auth.08")); //$NON-NLS-1$
- se.initCause(e);
- throw se;
- }
- }
- });
- if (!(policy instanceof Policy)) {
- throw new SecurityException(Messages.getString("auth.08")); //$NON-NLS-1$
- }
- return (Policy) policy;
- }
- public static void setPolicy(Policy policy) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(SET_POLICY);
- }
- synchronized (Policy.class) {
- activePolicy = policy;
- }
- }
- }
|