001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.openejb.core.security;
017:
018: import javax.security.jacc.PolicyConfiguration;
019: import javax.security.jacc.PolicyConfigurationFactory;
020: import javax.security.jacc.PolicyContextException;
021: import java.security.AccessController;
022: import java.security.CodeSource;
023: import java.security.Permission;
024: import java.security.PermissionCollection;
025: import java.security.PrivilegedActionException;
026: import java.security.PrivilegedExceptionAction;
027: import java.security.ProtectionDomain;
028:
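/**
 * Process-wide indirection point for the JACC provider.
 *
 * <p>A single concrete {@code JaccProvider} is held in a static field. The
 * nested {@link Factory} and {@link Policy} adapters forward every call to
 * that instance, so whichever provider is installed here answers the
 * permission queries routed through them.
 *
 * <p>NOTE(review): the static field is neither {@code volatile} nor guarded
 * by a lock, and {@link #install()} is a check-then-act sequence. Confirm
 * that installation only happens during single-threaded start-up.
 *
 * @version $Rev: 602704 $ $Date: 2007-12-09 09:58:22 -0800 $
 */
public abstract class JaccProvider {

    /**
     * Name of the system property that selects the provider implementation;
     * it is the fully-qualified name of this class.
     */
    private static final String FACTORY_NAME = JaccProvider.class.getName();

    /** The currently installed provider, or {@code null} if none is installed. */
    private static JaccProvider jaccProvider;

    /**
     * Returns the currently installed provider.
     *
     * @return the provider, or {@code null} when neither {@link #install()}
     *         nor {@link #set(JaccProvider)} has supplied one
     */
    public static JaccProvider get() {
        return jaccProvider;
    }

    /**
     * Replaces the process-wide provider without any permission check.
     *
     * <p>NOTE(review): {@link Policy#implies} and the other adapter methods
     * delegate to whatever instance is stored here, so this setter is as
     * sensitive as {@code java.security.Policy.setPolicy}. That method and
     * {@code PolicyConfigurationFactory.getPolicyConfigurationFactory} both
     * require {@code SecurityPermission("setPolicy")}; an equivalent guard is
     * the natural fix. It is not added here because it would make existing
     * unprivileged callers fail.
     *
     * <p>Passing {@code null} clears the provider; the adapters then fail
     * with a {@code NullPointerException} until a provider is installed again.
     *
     * @param provider the provider to install, or {@code null} to clear it
     */
    public static void set(JaccProvider provider) {
        // TODO: add a security check (see the note in the Javadoc above)
        jaccProvider = provider;
    }

    /**
     * Finds and instantiates the provider implementation named by a system
     * property, unless a provider is already installed.
     *
     * <p>The property name is the fully-qualified name of this class
     * ({@code org.apache.openejb.core.security.JaccProvider}). Its value must
     * name a concrete subclass of {@code JaccProvider} with an accessible
     * no-argument constructor. The class is resolved through the thread
     * context class loader inside a privileged block.
     *
     * <p>The loaded class is checked to be a {@code JaccProvider} subtype
     * <em>before</em> it is initialized or instantiated. A mistyped or
     * tampered property value therefore cannot cause an unrelated class to
     * run its static initializers or constructor with this class's
     * privileges.
     *
     * @throws ClassNotFoundException when the system property is not set,
     *         when the named class cannot be found, or when it cannot be
     *         instantiated or accessed (the underlying exception is attached
     *         as the cause)
     * @throws ClassCastException when the named class is not a subtype of
     *         {@code JaccProvider}
     * @throws PolicyContextException when instantiation fails with any other
     *         checked exception; that exception is wrapped
     */
    public static void install() throws ClassNotFoundException,
            PolicyContextException {
        if (jaccProvider != null) {
            return;
        }

        // One-element array so the anonymous class can hand the resolved class
        // name back to the catch block for error messages.
        final String[] factoryClassName = {null};
        try {
            jaccProvider = AccessController.doPrivileged(
                    new PrivilegedExceptionAction<JaccProvider>() {
                        public JaccProvider run() throws Exception {
                            factoryClassName[0] = System.getProperty(FACTORY_NAME);

                            if (factoryClassName[0] == null) {
                                throw new ClassNotFoundException(
                                        "Property " + FACTORY_NAME + " not set");
                            }
                            ClassLoader tccl = Thread.currentThread()
                                    .getContextClassLoader();
                            // initialize=false: defer static initializers until
                            // the type check below has passed.
                            Class<?> candidate = Class.forName(
                                    factoryClassName[0], false, tccl);
                            return candidate.asSubclass(JaccProvider.class)
                                    .newInstance();
                        }
                    });
        } catch (PrivilegedActionException pae) {
            Exception cause = pae.getException();
            if (cause instanceof ClassNotFoundException) {
                throw (ClassNotFoundException) cause;
            } else if (cause instanceof InstantiationException) {
                throw new ClassNotFoundException(factoryClassName[0]
                        + " could not be instantiated", cause);
            } else if (cause instanceof IllegalAccessException) {
                // Report the class name itself; concatenating the array would
                // print its identity string instead.
                throw new ClassNotFoundException("Illegal access to "
                        + factoryClassName[0], cause);
            }
            throw new PolicyContextException(cause);
        }
    }

    /**
     * {@code PolicyConfigurationFactory} adapter that forwards to the
     * installed {@link JaccProvider}.
     */
    public static class Factory extends PolicyConfigurationFactory {

        /**
         * Ensures a provider is installed before the factory is used.
         *
         * @throws PolicyContextException see {@link JaccProvider#install()}
         * @throws ClassNotFoundException see {@link JaccProvider#install()}
         */
        public Factory() throws PolicyContextException,
                ClassNotFoundException {
            install();
        }

        /** Delegates to the installed provider. */
        public PolicyConfiguration getPolicyConfiguration(
                String contextID, boolean remove)
                throws PolicyContextException {
            return get().getPolicyConfiguration(contextID, remove);
        }

        /** Delegates to the installed provider. */
        public boolean inService(String contextID)
                throws PolicyContextException {
            return get().inService(contextID);
        }
    }

    /**
     * {@code java.security.Policy} adapter that forwards to the installed
     * {@link JaccProvider}.
     *
     * <p>NOTE(review): every method dereferences {@link JaccProvider#get()}
     * without a null check, so clearing the provider through
     * {@link JaccProvider#set(JaccProvider)} makes permission queries throw
     * {@code NullPointerException}.
     */
    public static class Policy extends java.security.Policy {

        /**
         * Ensures a provider is installed before the policy is used.
         *
         * @throws PolicyContextException see {@link JaccProvider#install()}
         * @throws ClassNotFoundException see {@link JaccProvider#install()}
         */
        public Policy() throws PolicyContextException,
                ClassNotFoundException {
            install();
        }

        /** Delegates to the installed provider. */
        public PermissionCollection getPermissions(CodeSource codesource) {
            return get().getPermissions(codesource);
        }

        /** Delegates to the installed provider. */
        public void refresh() {
            get().refresh();
        }

        /** Delegates to the installed provider. */
        public boolean implies(ProtectionDomain domain,
                Permission permission) {
            return get().implies(domain, permission);
        }
    }

    /** Provider-side implementation behind {@link Factory#getPolicyConfiguration}. */
    public abstract PolicyConfiguration getPolicyConfiguration(
            String contextID, boolean remove)
            throws PolicyContextException;

    /** Provider-side implementation behind {@link Factory#inService}. */
    public abstract boolean inService(String contextID)
            throws PolicyContextException;

    /** Provider-side implementation behind {@link Policy#getPermissions(CodeSource)}. */
    public abstract PermissionCollection getPermissions(
            CodeSource codesource);

    /** Provider-side implementation behind {@link Policy#refresh()}. */
    public abstract void refresh();

    /** Provider-side implementation behind {@link Policy#implies}. */
    public abstract boolean implies(ProtectionDomain domain,
            Permission permission);
}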