File Doc Category Size Date Package
SecurityManager.java API Doc Apache Xerces 3.0.1 4241 Fri Sep 14 20:33:52 BST 2007 org.apache.xerces.util

SecurityManager

java.lang.Object

public final class SecurityManager extends Object

This class is a container for parser settings that relate to security, or more specifically, it is intended to be used to prevent denial-of-service attacks from being launched against a system running Xerces. Any component that is aware of a denial-of-service attack that can arise from its processing of a certain kind of document may query its Component Manager for the property (http://apache.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care.

author: Neil Graham, IBM
version: $Id: SecurityManager.java 447241 2006-09-18 05:12:57Z mrglavas $

Fields Summary
private static final int
DEFAULT_ENTITY_EXPANSION_LIMIT
Default value for entity expansion limit.
private static final int
DEFAULT_MAX_OCCUR_NODE_LIMIT
Default value of number of nodes created.
private int
entityExpansionLimit
Entity expansion limit.
private int
maxOccurLimit
W3C XML Schema maxOccurs limit.
Constructors Summary
public SecurityManager()
Default constructor. Establishes default values for known security vulnerabilities.
entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT; maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT ;
Methods Summary
public int getEntityExpansionLimit()
Returns the number of entity expansions that the parser permits in a document.
return
the number of entity expansions permitted in a document
return entityExpansionLimit;
public int getMaxOccurNodeLimit()
Returns the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".
return
the maximum value for maxOccurs other than "unbounded"
return maxOccurLimit;
public void setEntityExpansionLimit(int limit)
Sets the number of entity expansions that the parser should permit in a document.
param
limit the number of entity expansions permitted in a document
entityExpansionLimit = limit;
public void setMaxOccurNodeLimit(int limit)
Sets the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".
param
limit the maximum value for maxOccurs other than "unbounded"
maxOccurLimit = limit;