001: /*
002: jGuard is a security framework based on top of jaas (java authentication and authorization security).
003: it is written for web applications, to resolve simply, access control problems.
004: version $Name: $
005: http://sourceforge.net/projects/jguard/
006:
007: Copyright (C) 2004 Charles GAY
008:
009: This library is free software; you can redistribute it and/or
010: modify it under the terms of the GNU Lesser General Public
011: License as published by the Free Software Foundation; either
012: version 2.1 of the License, or (at your option) any later version.
013:
014: This library is distributed in the hope that it will be useful,
015: but WITHOUT ANY WARRANTY; without even the implied warranty of
016: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
017: Lesser General Public License for more details.
018:
019: You should have received a copy of the GNU Lesser General Public
020: License along with this library; if not, write to the Free Software
021: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
022:
023:
024: jGuard project home page:
025: http://sourceforge.net/projects/jguard/
026:
027: */
028: package net.sf.jguard.example.swing.dialog;
029:
030: import java.awt.BorderLayout;
031: import java.awt.Dimension;
032: import java.awt.Frame;
033: import java.awt.GridLayout;
034: import java.awt.event.ActionEvent;
035: import java.awt.event.ActionListener;
036: import java.io.BufferedReader;
037: import java.io.FileReader;
038: import java.io.IOException;
039: import java.security.AccessController;
040: import java.security.PrivilegedActionException;
041: import java.security.PrivilegedExceptionAction;
042:
043: import javax.security.auth.Subject;
044: import javax.swing.JButton;
045: import javax.swing.JDialog;
046: import javax.swing.JFileChooser;
047: import javax.swing.JLabel;
048: import javax.swing.JOptionPane;
049: import javax.swing.JPanel;
050: import javax.swing.JTextField;
051:
052: import net.sf.jguard.core.authorization.policy.AccessControlContextUtils;
053:
054: import org.apache.log4j.Logger;
055:
056: /**
057: *
058: * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
059: * @author <a href="mailto:vberetti@users.sourceforge.net">Vincent Beretti</a>
060: */
061: public class CheckPermissionDialog extends JDialog {
062:
063: private static final Logger logger = Logger
064: .getLogger(CheckPermissionDialog.class);
065:
066: private static final long serialVersionUID = -7641435710653804135L;
067:
068: private Subject subject;
069:
070: private JTextField fileTxtField;
071:
072: public CheckPermissionDialog(Frame parentFrame, Subject subject) {
073: super (parentFrame, "Check Permission Dialog", true);
074: this .subject = subject;
075:
076: this .setLayout(new BorderLayout());
077:
078: JPanel informationPanel = new JPanel();
079: GridLayout informationLayout = new GridLayout(1, 3);
080: informationPanel.setLayout(informationLayout);
081:
082: JLabel fileLabel = new JLabel(" filepath :");
083: fileTxtField = new JTextField(100);
084: fileTxtField.setColumns(100);
085:
086: JButton browseButton = new JButton("browse ...");
087: browseButton.addActionListener(new ActionListener() {
088: public void actionPerformed(ActionEvent evt) {
089: handleBrowse();
090: }
091: });
092: informationPanel.add(fileLabel);
093: informationPanel.add(fileTxtField);
094: informationPanel.add(browseButton);
095:
096: informationPanel.setPreferredSize(new Dimension(450, 20));
097:
098: JPanel validationPanel = new JPanel();
099:
100: JButton tryButton = new JButton("try");
101: tryButton.addActionListener(new ActionListener() {
102: public void actionPerformed(ActionEvent e) {
103: handleTry();
104: }
105: });
106:
107: validationPanel.add(tryButton);
108:
109: this .add(informationPanel, BorderLayout.CENTER);
110: this .add(validationPanel, BorderLayout.SOUTH);
111:
112: this .pack();
113: this .setResizable(false);
114: this .setLocation(parentFrame.getLocation().x, parentFrame
115: .getLocation().y);
116: this .setVisible(true);
117: }
118:
119: private void handleTry() {
120:
121: final String filePath = fileTxtField.getText();
122: try {
123: // execute code with subject permissions and protectionDomain from currentThread
124: // @see AccessControllerUtils.getStackSubjectAccessControlContext()
125: AccessController
126: .doPrivileged(
127: new PrivilegedExceptionAction() {
128: public Object run()
129: throws SecurityException,
130: IOException {
131:
132: BufferedReader br = new BufferedReader(
133: new FileReader(filePath));
134: br.readLine();
135: br.close();
136:
137: return null;
138: }
139: },
140: AccessControlContextUtils
141: .getStackSubjectAccessControlContext(subject));
142:
143: JOptionPane.showMessageDialog(this ,
144: "You have the permissions to do that",
145: "permission allowed",
146: JOptionPane.INFORMATION_MESSAGE);
147:
148: } catch (SecurityException e) {
149: logger
150: .error(
151: "Logged subject has no permission to read this file",
152: e);
153: JOptionPane.showMessageDialog(this ,
154: "You don't have the permissions to do that ",
155: "permission denied", JOptionPane.ERROR_MESSAGE);
156: } catch (PrivilegedActionException e) {
157: logger.error("PrivilegedActionException ioException", e);
158: JOptionPane.showMessageDialog(this ,
159: "You don't have the permissions to do that ",
160: "permission denied", JOptionPane.ERROR_MESSAGE);
161: }
162: }
163:
164: private void handleBrowse() {
165:
166: JFileChooser fileChooser = new JFileChooser();
167: int state = fileChooser.showOpenDialog(this );
168: if (state == JFileChooser.APPROVE_OPTION) {
169: String selectedPath = fileChooser.getSelectedFile()
170: .getAbsolutePath();
171: fileTxtField.setText(selectedPath);
172: }
173:
174: }
175: }
|