001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: package javax.security.auth;
019:
020: import java.security.AccessController;
021: import java.security.CodeSource;
022: import java.security.PermissionCollection;
023: import java.security.PrivilegedAction;
024:
025: import org.apache.harmony.security.fortress.PolicyUtils;
026: import org.apache.harmony.auth.DefaultSubjectPolicy;
027: import org.apache.harmony.auth.internal.nls.Messages;
028:
029: /**
030: * @deprecated Use
031: * {@link java.security.Policy#getPermissions(java.security.ProtectionDomain)}
032: * and
033: * {@link java.security.ProtectionDomain#ProtectionDomain(java.security.CodeSource, java.security.PermissionCollection, ClassLoader, java.security.Principal[])}
034: * to establish a policy's permissions for a principal.
035: */
036: @Deprecated
037: public abstract class Policy {
038: // Key to security properties, defining default policy provider.
039: private static final String POLICY_PROVIDER = "auth.policy.provider"; //$NON-NLS-1$
040:
041: // The AuthPermission required to set custom Policy.
042: private static final AuthPermission SET_POLICY = new AuthPermission(
043: "setPolicy"); //$NON-NLS-1$
044:
045: // The AuthPermission required to get current Policy.
046: private static final AuthPermission GET_POLICY = new AuthPermission(
047: "getPolicy"); //$NON-NLS-1$
048:
049: // the current policy object
050: private static Policy activePolicy;
051:
052: public abstract PermissionCollection getPermissions(
053: Subject subject, CodeSource cs);
054:
055: public abstract void refresh();
056:
057: protected Policy() {
058: super ();
059: }
060:
061: public static Policy getPolicy() {
062: SecurityManager sm = System.getSecurityManager();
063: if (sm != null) {
064: sm.checkPermission(GET_POLICY);
065: }
066: return getAccessiblePolicy();
067:
068: }
069:
070: /**
071: * Shortcut accessor for friendly classes, to skip security checks. If
072: * active policy was set to <code>null</code>, tries to load a default
073: * provider, so this method never returns <code>null</code>. <br>
074: * This method is synchronized with setPolicy()
075: */
076: static Policy getAccessiblePolicy() {
077: Policy current = activePolicy;
078: if (current == null) {
079: synchronized (Policy.class) {
080: // double check in case value has been reassigned
081: // while we've been awaiting monitor
082: if (activePolicy == null) {
083: activePolicy = getDefaultProvider();
084: }
085: return activePolicy;
086: }
087: }
088: return current;
089: }
090:
091: /**
092: * Reads name of default policy provider from security.properties, loads the
093: * class and instantiates the provider. In case of any exception, wraps it
094: * with SecurityException and throws further.
095: */
096: private static final Policy getDefaultProvider() {
097: final String defaultClass = AccessController
098: .doPrivileged(new PolicyUtils.SecurityPropertyAccessor(
099: POLICY_PROVIDER));
100:
101: if (defaultClass == null) {
102: return new DefaultSubjectPolicy();
103: }
104:
105: Object policy = AccessController
106: .doPrivileged(new PrivilegedAction<Object>() {
107: public Object run() {
108: try {
109: return Class.forName(defaultClass, true,
110: ClassLoader.getSystemClassLoader())
111: .newInstance();
112: } catch (Exception e) {
113: SecurityException se = new SecurityException(
114: Messages.getString("auth.08")); //$NON-NLS-1$
115: se.initCause(e);
116: throw se;
117: }
118: }
119: });
120:
121: if (!(policy instanceof Policy)) {
122: throw new SecurityException(Messages.getString("auth.08")); //$NON-NLS-1$
123: }
124: return (Policy) policy;
125: }
126:
127: public static void setPolicy(Policy policy) {
128: SecurityManager sm = System.getSecurityManager();
129: if (sm != null) {
130: sm.checkPermission(SET_POLICY);
131: }
132: synchronized (Policy.class) {
133: activePolicy = policy;
134: }
135: }
136: }
|