001: /*
002: *
003: * Copyright 1990-2007 Sun Microsystems, Inc. All Rights Reserved.
004: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
005: *
006: * This program is free software; you can redistribute it and/or
007: * modify it under the terms of the GNU General Public License version
008: * 2 only, as published by the Free Software Foundation.
009: *
010: * This program is distributed in the hope that it will be useful, but
011: * WITHOUT ANY WARRANTY; without even the implied warranty of
012: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
013: * General Public License version 2 for more details (a copy is
014: * included at /legal/license.txt).
015: *
016: * You should have received a copy of the GNU General Public License
017: * version 2 along with this work; if not, write to the Free Software
018: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
019: * 02110-1301 USA
020: *
021: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
022: * Clara, CA 95054 or visit www.sun.com if you need additional
023: * information or have any questions.
024: */
025:
026: package com.sun.midp.security;
027:
028: import com.sun.midp.log.Logging;
029: import com.sun.midp.log.LogChannels;
030:
031: /**
032: * The class implements security initializer logic common for core
033: * subsystems and for optional JSRs. Using this implmentation JSRs
034: * can easily introduce own security initializers for redispatching
035: * security tokens within JSR subsystem.
036: */
037: public class SecurityInitializerImpl {
038:
039: /** Internal security token */
040: SecurityToken internalSecurityToken;
041:
042: /** List of trusted class names */
043: private String[] trustedClasses;
044:
045: /** Index of the first trusted name in the list */
046: private int trustedStart = 0;
047:
048: /**
049: * Check whether object is the instance of a trusted class, that means
050: * the object owner has the right to request for a security token.
051: * The optimized implementation for this method can be provided in
052: * VM specific way.
053: *
054: * Note, the implementation allows only single request for
055: * <code>SecurityToken</code> for each trusted class, the class
056: * is removed from the trusted list after token hand out.
057: *
058: * @param object instance of the trusted class known to the initializer
059: * @return true if the object belongs to trusted class, false otherwise
060: */
061: boolean isTrusted(Object object) {
062: if (trustedClasses != null) {
063: String className = object.getClass().getName();
064:
065: // IMPL_NOTE: Optimize search for trusted class name
066: for (int i = trustedStart; i < trustedClasses.length; i++) {
067: if (className.equals(trustedClasses[i])) {
068: // Free name of the used trusted class and
069: // move forward the first name index
070: if (trustedStart != i) {
071: trustedClasses[i] = trustedClasses[trustedStart];
072: }
073: trustedClasses[trustedStart] = null;
074: trustedStart++;
075: return true;
076: }
077: }
078: }
079: return false;
080: }
081:
082: /**
083: * Request security token using trusted object instance.
084: * Note that the imposibility to create trusted objects
085: * for untrusted requesters is the only guarantee of
086: * secure tokens dispatching.
087: */
088: public SecurityToken requestToken(ImplicitlyTrustedClass trusted) {
089:
090: if (!isTrusted(trusted)) {
091: throw new SecurityException(
092: "Failed request for SecurityToken by "
093: + trusted.getClass().getName());
094: }
095: // Grant internal security token to trusted requester
096: return internalSecurityToken;
097: }
098:
099: /**
100: * Create instance of SecurityInitializerImpl with a given token and
101: * list of trusted class names
102: *
103: * @param token security token to hold
104: * @param trusted names of trusted classes
105: */
106: public SecurityInitializerImpl(SecurityToken token, String[] trusted) {
107: internalSecurityToken = token;
108: trustedClasses = trusted;
109: }
110:
111: }
|