001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: package org.apache.harmony.auth;
019:
020: import java.io.File;
021: import java.net.URL;
022: import java.security.AccessController;
023: import java.security.CodeSource;
024: import java.security.Permission;
025: import java.security.PermissionCollection;
026: import java.security.Principal;
027: import java.security.cert.Certificate;
028: import java.util.Collection;
029: import java.util.HashSet;
030: import java.util.Iterator;
031: import java.util.Properties;
032: import java.util.Set;
033:
034: import javax.security.auth.AuthPermission;
035: import javax.security.auth.Policy;
036: import javax.security.auth.Subject;
037:
038: import org.apache.harmony.security.PolicyEntry;
039: import org.apache.harmony.security.fortress.DefaultPolicyParser;
040: import org.apache.harmony.security.fortress.PolicyUtils;
041:
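/**
 * Default implementation of the subject-based {@link Policy}.
 *
 * <p>The policy is a set of {@link PolicyEntry} objects parsed from the
 * locations returned by {@code PolicyUtils.getPolicyURLs}. It is loaded
 * lazily on the first {@link #getPermissions(Subject, CodeSource)} call and
 * reloaded on {@link #refresh()}.
 *
 * <p>Thread-safety: loading is serialized by the instance monitor. A freshly
 * parsed entry set is published through a volatile field only once it is
 * complete, so readers never observe a half-populated policy while a refresh
 * is in progress.
 */
@SuppressWarnings("deprecation")
public class DefaultSubjectPolicy extends Policy {

    // Permission required to call refresh() when a SecurityManager is installed.
    private static final AuthPermission REFRESH_POLICY = new AuthPermission(
            "refreshPolicy"); //$NON-NLS-1$

    // System property for dynamically added policy location.
    private static final String AUTH_SECURITY_POLICY = "java.security.auth.policy"; //$NON-NLS-1$

    // Prefix for numbered Policy locations specified in security.properties.
    private static final String POLICY_URL_PREFIX = "auth.policy.url."; //$NON-NLS-1$

    // A flag to denote whether this policy object was initialized or not.
    // Volatile: it is read without holding the monitor in getPermissions().
    private volatile boolean isInitialized;

    // A set of PolicyEntries constituting this Policy.
    // Volatile and never mutated after publication: init() builds a new set
    // and swaps the reference, so concurrent readers can iterate safely.
    private volatile Set<PolicyEntry> set;

    // A specific parser for a particular policy file format.
    // The implementation of parse is thread-safe, so a static instance is used.
    private static final DefaultPolicyParser parser = new DefaultPolicyParser();

    // Empty source object for the getPermissions method.
    private static final CodeSource emptySource = new CodeSource(null,
            (Certificate[]) null);

    /**
     * Creates an uninitialized policy; the policy locations are read on first
     * use.
     */
    public DefaultSubjectPolicy() {
        super();
        isInitialized = false;
    }

    /**
     * Collects the permissions of every policy entry that implies both the
     * given code source and the principals of the given subject.
     *
     * @param subject the subject whose principals are matched; when
     *        {@code null} no entry is consulted and the result is built from
     *        an empty permission set
     * @param cs the code source to match; {@code null} is treated as a code
     *        source with no location and no certificates
     * @return the permissions of all matching entries, converted by
     *         {@code PolicyUtils.toPermissionCollection}
     */
    @Override
    public PermissionCollection getPermissions(Subject subject,
            CodeSource cs) {
        if (!isInitialized) {
            ensureInitialized();
        }

        // Read the volatile field once so that the whole evaluation runs
        // against a single, complete policy snapshot even if refresh() swaps
        // the set concurrently.
        Set<PolicyEntry> entries = set;
        Collection<Permission> granted = new HashSet<Permission>();

        if (subject != null) {
            // Use the array returned by toArray(): if the principal set
            // changes size between a size() call and the copy, a pre-sized
            // array is either left untouched or padded with null, and the
            // principal match would then run against wrong data.
            Principal[] principals = subject.getPrincipals().toArray(
                    new Principal[0]);

            CodeSource source = (cs == null) ? emptySource : cs;

            for (PolicyEntry entry : entries) {
                if (entry.impliesCodeSource(source)
                        && entry.impliesPrincipals(principals)) {
                    granted.addAll(entry.getPermissions());
                }
            }
        }
        return PolicyUtils.toPermissionCollection(granted);
    }

    /**
     * Reloads the policy from its configured locations.
     *
     * @throws SecurityException if a security manager is installed and the
     *         caller lacks {@code AuthPermission("refreshPolicy")}
     */
    @Override
    public void refresh() {
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(REFRESH_POLICY);
        }
        init();
    }

    // Performs the lazy first load; the re-check under the monitor keeps
    // threads that raced on the unsynchronized flag from parsing twice.
    private synchronized void ensureInitialized() {
        if (!isInitialized) {
            init();
        }
    }

    // Parses every configured policy location into a new entry set and
    // publishes it in one step.
    private synchronized void init() {

        Set<PolicyEntry> loaded = new HashSet<PolicyEntry>();

        Properties system = new Properties(AccessController
                .doPrivileged(new PolicyUtils.SystemKit()));
        system.setProperty("/", File.separator); //$NON-NLS-1$
        URL[] policyLocations = PolicyUtils.getPolicyURLs(system,
                AUTH_SECURITY_POLICY, POLICY_URL_PREFIX);

        for (URL url : policyLocations) {
            try {
                loaded.addAll(parser.parse(url, system));
            } catch (Exception e) {
                // Deliberate best effort: a location that cannot be parsed
                // contributes no grants and loading continues with the next
                // one. The failure is reported on stderr only, so a broken
                // policy file shows up as missing permissions rather than as
                // an error to the caller.
                e.printStackTrace();
            }
        }

        // Publish the complete set before raising the flag so that a reader
        // which sees isInitialized == true also sees a fully built policy.
        set = loaded;
        isInitialized = true;
    }
}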