001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.geronimo.security.jacc.mappingprovider;
017:
018: import java.security.CodeSource;
019: import java.security.Permission;
020: import java.security.PermissionCollection;
021: import java.security.Policy;
022: import java.security.ProtectionDomain;
023: import javax.security.jacc.PolicyContext;
024: import javax.security.jacc.PolicyContextException;
025:
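/**
 * A {@link Policy} that consults the Geronimo JACC policy configuration of the current
 * policy context first and otherwise delegates to a wrapped "root" policy.
 *
 * <p>The root policy is the policy returned by {@link Policy#getPolicy()} at construction
 * time, unless the system property {@code org.apache.geronimo.jacc.policy.provider} is set,
 * in which case the class it names is loaded and instantiated instead. That class then
 * answers every permission check this policy delegates, so the ability to set the property
 * is equivalent to the ability to replace the authorization policy; treat it as trusted
 * deployment configuration only.
 *
 * <p>NOTE(review): {@code factory} and {@code loaded} are plain fields initialised lazily
 * inside {@link #implies(ProtectionDomain, Permission)} with no synchronization visible in
 * this class. If permission checks run on several threads, confirm that a thread cannot
 * observe {@code loaded == true} together with a stale {@code null} factory, which would
 * skip the JACC check for that call.
 *
 * @version $Rev: 613094 $ $Date: 2008-01-18 00:00:10 -0800 (Fri, 18 Jan 2008) $
 */
public class GeronimoPolicy extends Policy {
    /** System property naming an alternative root {@link Policy} implementation. */
    private static final String PROVIDER_PROPERTY = "org.apache.geronimo.jacc.policy.provider";

    // Policy that decides whenever the JACC configuration does not settle the question.
    private final Policy root;
    // Looked up on the first implies() call; may stay null if no singleton is available.
    private GeronimoPolicyConfigurationFactory factory;
    // True once the factory lookup has been attempted, whatever its result.
    private boolean loaded;

    /**
     * Selects the root policy and refreshes it once.
     *
     * @throws RuntimeException if the configured provider class cannot be loaded or
     *         instantiated, or is not a {@link Policy}
     */
    public GeronimoPolicy() {
        String provider = System.getProperty(PROVIDER_PROPERTY);
        root = (provider == null) ? Policy.getPolicy() : instantiateProvider(provider);
        root.refresh();
    }

    /**
     * Loads the named class, creates an instance through its no-argument constructor and
     * checks that the instance is a {@link Policy}.
     */
    private static Policy instantiateProvider(String provider) {
        Object candidate;
        try {
            candidate = Class.forName(provider).newInstance();
        } catch (InstantiationException e) {
            throw new RuntimeException("Unable to create an instance of " + provider, e);
        } catch (IllegalAccessException e) {
            throw new RuntimeException("Unable to create an instance of " + provider, e);
        } catch (ClassNotFoundException e) {
            throw new RuntimeException("Unable to create an instance of " + provider, e);
        }
        if (!(candidate instanceof Policy)) {
            // The original message ran the class name straight into "is not a type of".
            throw new RuntimeException(provider + " is not a type of java.security.Policy");
        }
        return (Policy) candidate;
    }

    /**
     * Returns the root policy's permissions for the given code source.
     *
     * @param codesource the code source to look up
     * @return whatever the root policy returns, or {@code null} if there is no root policy
     */
    @Override
    public PermissionCollection getPermissions(CodeSource codesource) {
        return (root != null) ? root.getPermissions(codesource) : null;
    }

    /**
     * Does nothing. The root policy is refreshed once in the constructor and not here.
     *
     * <p>NOTE(review): a later {@code Policy.refresh()} on this object therefore does not
     * make the root policy reload its configuration; confirm that this is intended.
     */
    @Override
    public void refresh() {
    }

    /**
     * Decides whether {@code domain} holds {@code permission}.
     *
     * <p>When a policy context ID is set and its Geronimo policy configuration can be
     * obtained, a configuration that is not in service denies the request outright and a
     * configuration that implies the permission grants it. In every other case the root
     * policy decides.
     *
     * @param domain the protection domain being checked
     * @param permission the permission being requested
     * @return {@code true} if the permission is granted
     */
    @Override
    public boolean implies(ProtectionDomain domain, Permission permission) {
        if (!loaded) {
            factory = GeronimoPolicyConfigurationFactory.getSingleton();
            loaded = true;
        }

        if (factory != null) {
            String contextID = PolicyContext.getContextID();
            if (contextID != null) {
                try {
                    GeronimoPolicyConfiguration configuration =
                            factory.getGeronimoPolicyConfiguration(contextID);

                    // A configuration that is not in service denies without asking the root.
                    if (!configuration.inService()) {
                        return false;
                    }
                    if (configuration.implies(domain, permission)) {
                        return true;
                    }
                } catch (PolicyContextException ignored) {
                    // Not propagated: the decision falls through to the root policy below.
                    // NOTE(review): a context whose configuration cannot be resolved is thus
                    // judged by the root policy alone and the failure leaves no trace.
                    // Confirm that this is the intended outcome and consider logging it so
                    // that a broken policy context is visible to operators.
                }
            }
        }

        return root != null && root.implies(domain, permission);
    }
}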