Botnet_Research
/
hostage


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130
							/*
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package javax.security.auth;

import java.security.AccessController;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.PrivilegedAction;

import org.apache.harmony.security.fortress.PolicyUtils;
import org.apache.harmony.auth.DefaultSubjectPolicy;
import org.apache.harmony.auth.internal.nls.Messages;

/**
 * @deprecated Use
 *             {@link java.security.Policy#getPermissions(java.security.ProtectionDomain)}
 *             and
 *             {@link java.security.ProtectionDomain#ProtectionDomain(java.security.CodeSource, java.security.PermissionCollection, ClassLoader, java.security.Principal[])}
 *             to establish a policy's permissions for a principal.
 */
@Deprecated
public abstract class Policy {
    // Key to security properties, defining default policy provider.
    private static final String POLICY_PROVIDER = "auth.policy.provider"; //$NON-NLS-1$

    // The AuthPermission required to set custom Policy.
    private static final AuthPermission SET_POLICY = new AuthPermission("setPolicy"); //$NON-NLS-1$

    // The AuthPermission required to get current Policy.
    private static final AuthPermission GET_POLICY = new AuthPermission("getPolicy"); //$NON-NLS-1$

    // the current policy object
    private static Policy activePolicy;

    public abstract PermissionCollection getPermissions(Subject subject, CodeSource cs);

    public abstract void refresh();

    protected Policy() {
        super();
    }

    public static Policy getPolicy() {
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(GET_POLICY);
        }
        return getAccessiblePolicy();

    }

    /**
     * Shortcut accessor for friendly classes, to skip security checks. If
     * active policy was set to <code>null</code>, tries to load a default
     * provider, so this method never returns <code>null</code>. <br>
     * This method is synchronized with setPolicy()
     */
    static Policy getAccessiblePolicy() {
        Policy current = activePolicy;
        if (current == null) {
            synchronized (Policy.class) {
                // double check in case value has been reassigned
                // while we've been awaiting monitor
                if (activePolicy == null) {
                    activePolicy = getDefaultProvider();
                }
                return activePolicy;
            }
        }
        return current;
    }

    /**
     * Reads name of default policy provider from security.properties, loads the
     * class and instantiates the provider. In case of any exception, wraps it
     * with SecurityException and throws further.
     */
    private static final Policy getDefaultProvider() {
        final String defaultClass = AccessController
                .doPrivileged(new PolicyUtils.SecurityPropertyAccessor(POLICY_PROVIDER));

        if (defaultClass == null) {
            return new DefaultSubjectPolicy();
        }

        Object policy = AccessController.doPrivileged(new PrivilegedAction<Object>() {
            public Object run() {
                try {
                    return Class
                            .forName(defaultClass, true, ClassLoader.getSystemClassLoader())
                            .newInstance();
                } catch (Exception e) {
                    SecurityException se = new SecurityException(Messages.getString("auth.08")); //$NON-NLS-1$
                    se.initCause(e);
                    throw se;
                }
            }
        });

        if (!(policy instanceof Policy)) {
            throw new SecurityException(Messages.getString("auth.08")); //$NON-NLS-1$
        }
        return (Policy) policy;
    }

    public static void setPolicy(Policy policy) {
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(SET_POLICY);
        }
        synchronized (Policy.class) {
            activePolicy = policy;
        }
    }
}