001: /*
002: * Copyright 1990-2007 Sun Microsystems, Inc. All Rights Reserved.
003: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
004: *
005: * This program is free software; you can redistribute it and/or
006: * modify it under the terms of the GNU General Public License version
007: * 2 only, as published by the Free Software Foundation.
008: *
009: * This program is distributed in the hope that it will be useful, but
010: * WITHOUT ANY WARRANTY; without even the implied warranty of
011: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012: * General Public License version 2 for more details (a copy is
013: * included at /legal/license.txt).
014: *
015: * You should have received a copy of the GNU General Public License
016: * version 2 along with this work; if not, write to the Free Software
017: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
018: * 02110-1301 USA
019: *
020: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
021: * Clara, CA 95054 or visit www.sun.com if you need additional
022: * information or have any questions.
023: */
024:
025: package com.sun.j2me.security;
026:
027: /**
028: * The AccessController class is used for access control operations
029: * and decisons. This is class is used by code that must compile in a
030: * MIDP 2.0 environment. If code only needs to compile under a CDC or MIDP 3.0
031: * environment, it should not use this API.
032: * <p>
033: * This API does not specify the names used to identify permissions, the
034: * policy behind the API should use the standard names in JSR specifications
035: * to identify permissions. Manufacturer API names should be specified in the
036: * documentation for that API so the policy maker can accomidate them.
037: */
038: public final class AccessController {
039: /**
040: * JTWI, MIDP 2.1, and MSA, have restrictions based if a suite is
041: * "trusted" suites this permission is given to those suites.
042: */
043: public static final String TRUSTED_APP_PERMISSION_NAME = "com.sun.j2me.trustedApp";
044:
045: /** Access control context for the application running in this isolate. */
046: private static AccessControlContext context;
047:
048: /**
049: * Don't allow anyone to instantiate an AccessController
050: */
051: private AccessController() {
052: }
053:
054: /**
055: * Called to set the access control context for the application running
056: * in this isolate.
057: *
058: * @param accessControlContext access control context for the application
059: * running in the isolate
060: *
061: * @exception SecurityException if the context is already set
062: */
063: public static void setAccessControlContext(
064: AccessControlContext accessControlContext) {
065:
066: if (context != null) {
067: throw new SecurityException("context already set");
068: }
069:
070: context = accessControlContext;
071: }
072:
073: /**
074: * Determines whether the access request indicated by the
075: * specified permission should be allowed or denied, based on
076: * the security policy currently in effect.
077: * This method quietly returns if the access request
078: * is permitted, or throws a suitable SecurityException otherwise.
079: * May block to ask the user a question.
080: * <p>
081: * If the permission check failed because an InterruptedException was
082: * thrown, this method will throw a InterruptedSecurityException.
083: *
084: * @param name name of the requested permission
085: *
086: * @exception SecurityException if the specified permission
087: * is not permitted, based on the current security policy
088: */
089: public static void checkPermission(String name)
090: throws SecurityException {
091:
092: checkPermission(name, null);
093: }
094:
095: /**
096: * Check for permission and throw an exception if not allowed.
097: * May block to ask the user a question.
098: * <p>
099: * If the permission check failed because an InterruptedException was
100: * thrown, this method will throw a InterruptedSecurityException.
101: *
102: * @param name name of the requested permission
103: *
104: * @param resource string to insert into the question, can be null if
105: * no %2 in the question
106: *
107: * @param name name of the requested permission
108: *
109: * @exception SecurityException if the specified permission
110: * is not permitted, based on the current security policy
111: */
112: public static void checkPermission(String name, String resource)
113: throws SecurityException {
114:
115: checkPermission(name, resource, null);
116: }
117:
118: /**
119: * Checks for permission and throw an exception if not allowed.
120: * May block to ask the user a question.
121: * <p>
122: * If the permission check failed because an InterruptedException was
123: * thrown, this method will throw a InterruptedSecurityException.
124: *
125: * @param permission ID of the permission to check for,
126: * the ID must be from
127: * {@link com.sun.midp.security.Permissions}
128: * @param resource string to insert into the question, can be null if
129: * no %2 in the question
130: * @param extraValue string to insert into the question,
131: * can be null if no %3 in the question
132: *
133: * @param name name of the requested permission
134: *
135: * @exception SecurityException if the specified permission
136: * is not permitted, based on the current security policy
137: */
138: public static synchronized void checkPermission(String name,
139: String resource, String extraValue)
140: throws SecurityException {
141:
142: if (context == null) {
143: throw new SecurityException("not security context set");
144: }
145:
146: context.checkPermission(name, resource, extraValue);
147: }
148: }
|