PolicyFilepublic class PolicyFile extends Policy This class represents a default implementation for
java.security.Policy.
Note:
For backward compatibility with JAAS 1.0 it loads
both java.auth.policy and java.policy. However it
is recommended that java.auth.policy be not used
and the java.policy contain all grant entries including
that contain principal-based entries.
This object stores the policy for entire Java runtime,
and is the amalgamation of multiple static policy
configurations that resides in files.
The algorithm for locating the policy file(s) and reading their
information into this Policy object is:
-
Loop through the
java.security.Security properties,
policy.url.1, policy.url.2, ...,
policy.url.X" and
auth.policy.url.1, auth.policy.url.2, ...,
auth.policy.url.X". These properties are set
in the Java security properties file, which is located in the file named
<JAVA_HOME>/lib/security/java.security.
<JAVA_HOME> refers to the value of the java.home system property,
and specifies the directory where the JRE is installed.
Each property value specifies a URL pointing to a
policy file to be loaded. Read in and load each policy.
auth.policy.url is supported only for backward compatibility.
-
The
java.lang.System property java.security.policy
may also be set to a URL pointing to another policy file
(which is the case when a user uses the -D switch at runtime).
If this property is defined, and its use is allowed by the
security property file (the Security property,
policy.allowSystemProperty is set to true),
also load that policy.
-
The
java.lang.System property
java.security.auth.policy may also be set to a
URL pointing to another policy file
(which is the case when a user uses the -D switch at runtime).
If this property is defined, and its use is allowed by the
security property file (the Security property,
policy.allowSystemProperty is set to true),
also load that policy.
java.security.auth.policy is supported only for backward
compatibility.
If the java.security.policy or
java.security.auth.policy property is defined using
"==" (rather than "="), then ignore all other specified
policies and only load this policy.
Each policy file consists of one or more grant entries, each of
which consists of a number of permission entries.
grant signedBy "alias", codeBase "URL",
principal principalClass "principalName",
principal principalClass "principalName",
... {
permission Type "name "action",
signedBy "alias";
permission Type "name "action",
signedBy "alias";
....
};
All non-bold items above must appear as is (although case
doesn't matter and some are optional, as noted below).
principal entries are optional and need not be present.
Italicized items represent variable values.
A grant entry must begin with the word grant.
The signedBy,codeBase and principal
name/value pairs are optional.
If they are not present, then any signer (including unsigned code)
will match, and any codeBase will match.
Note that the principalClass
may be set to the wildcard value, *, which allows it to match
any Principal class. In addition, the principalName
may also be set to the wildcard value, *, allowing it to match
any Principal name. When setting the principalName
to the *, do not surround the * with quotes.
A permission entry must begin with the word permission.
The word Type in the template above is
a specific permission type, such as java.io.FilePermission
or java.lang.RuntimePermission.
The "action" is required for
many permission types, such as java.io.FilePermission
(where it specifies what type of file access that is permitted).
It is not required for categories such as
java.lang.RuntimePermission
where it is not necessary - you either have the
permission specified by the "name"
value following the type name or you don't.
The signedBy name/value pair for a permission entry
is optional. If present, it indicates a signed permission. That is,
the permission class itself must be signed by the given alias in
order for it to be granted. For example,
suppose you have the following grant entry:
grant principal foo.com.Principal "Duke" {
permission Foo "foobar", signedBy "FooSoft";
}
Then this permission of type Foo is granted if the
Foo.class permission has been signed by the
"FooSoft" alias, or if XXX Foo.class is a
system class (i.e., is found on the CLASSPATH).
Items that appear in an entry must appear in the specified order
(permission, Type, "name", and
"action"). An entry is terminated with a semicolon.
Case is unimportant for the identifiers (permission,
signedBy, codeBase, etc.) but is
significant for the Type
or for any string that is passed in as a value.
An example of two entries in a policy configuration file is
// if the code is comes from "foo.com" and is running as "Duke",
// grant it read/write to all files in /tmp.
grant codeBase "foo.com", principal foo.com.Principal "Duke" {
permission java.io.FilePermission "/tmp/*", "read,write";
};
// grant any code running as "Duke" permission to read
// the "java.vendor" Property.
grant principal foo.com.Principal "Duke" {
permission java.util.PropertyPermission "java.vendor";
This Policy implementation supports special handling of any
permission that contains the string, "${{self}}", as part of
its target name. When such a permission is evaluated
(such as during a security check), ${{self}} is replaced
with one or more Principal class/name pairs. The exact
replacement performed depends upon the contents of the
grant clause to which the permission belongs.
*
If the grant clause does not contain any principal information,
the permission will be ignored (permissions containing
${{self}} in their target names are only valid in the context
of a principal-based grant clause). For example, BarPermission
will always be ignored in the following grant clause:
*
grant codebase "www.foo.com", signedby "duke" {
permission BarPermission "... ${{self}} ...";
};
*
If the grant clause contains principal information, ${{self}}
will be replaced with that same principal information.
For example, ${{self}} in BarPermission will be replaced by
javax.security.auth.x500.X500Principal "cn=Duke"
in the following grant clause:
grant principal javax.security.auth.x500.X500Principal "cn=Duke" {
permission BarPermission "... ${{self}} ...";
};
If there is a comma-separated list of principals in the grant
clause, then ${{self}} will be replaced by the same
comma-separated list or principals.
In the case where both the principal class and name are
wildcarded in the grant clause, ${{self}} is replaced
with all the principals associated with the Subject
in the current AccessControlContext.
For PrivateCredentialPermissions, you can also use "self"
instead of "${{self}}". However the use of "self" is
deprecated in favour of "${{self}}". |
| Fields Summary |
|---|
| private static final Debug | debug | | private static final String | NONE | | private static final String | P11KEYSTORE | | private static final String | SELF | | private static final String | X500PRINCIPAL | | private static final String | POLICY | | private static final String | SECURITY_MANAGER | | private static final String | POLICY_URL | | private static final String | AUTH_POLICY | | private static final String | AUTH_POLICY_URL | | private static final int | DEFAULT_CACHE_SIZE | | private static IdentityScope | scopethe scope to check | | private AtomicReference | policyInfo | | private boolean | constructed | | private boolean | expandProperties | | private boolean | ignoreIdentityScope | | private boolean | allowSystemProperties | | private boolean | notUtf8 | | private URL | url | | private static final Class[] | PARAMS0 | | private static final Class[] | PARAMS1 | | private static final Class[] | PARAMS2 |
| Constructors Summary |
|---|
public PolicyFile()Initializes the Policy object and reads the default policy
configuration file(s) into the Policy object.
init((URL)null);
| public PolicyFile(URL url)Initializes the Policy object and reads the default policy
from the specified URL only.
this.url = url;
init(url);
|
| Methods Summary |
|---|
| private void | addGrantEntry(PolicyParser.GrantEntry ge, java.security.KeyStore keyStore, com.sun.enterprise.security.provider.PolicyFile$PolicyInfo newInfo)Add one policy entry to the list.
if (debug != null) {
debug.println("Adding policy entry: ");
debug.println(" signedBy " + ge.signedBy);
debug.println(" codeBase " + ge.codeBase);
if (ge.principals != null && ge.principals.size() > 0) {
ListIterator<PolicyParser.PrincipalEntry> li =
ge.principals.listIterator();
while (li.hasNext()) {
PolicyParser.PrincipalEntry pppe = li.next();
debug.println(" " + pppe.toString());
}
}
}
try {
CodeSource codesource = getCodeSource(ge, keyStore, newInfo);
// skip if signedBy alias was unknown...
if (codesource == null) return;
// perform keystore alias principal replacement.
// for example, if alias resolves to X509 certificate,
// replace principal with: <X500Principal class> <SubjectDN>
// -- skip if alias is unknown
if (replacePrincipals(ge.principals, keyStore) == false)
return;
PolicyEntry entry = new PolicyEntry(codesource, ge.principals);
Enumeration<PolicyParser.PermissionEntry> enum_ =
ge.permissionElements();
while (enum_.hasMoreElements()) {
PolicyParser.PermissionEntry pe = enum_.nextElement();
try {
// perform ${{ ... }} expansions within permission name
expandPermissionName(pe, keyStore);
// XXX special case PrivateCredentialPermission-SELF
Permission perm;
if (pe.permission.equals
("javax.security.auth.PrivateCredentialPermission") &&
pe.name.endsWith(" self")) {
pe.name = pe.name.substring(0, pe.name.indexOf("self"))
+ SELF;
}
// check for self
if (pe.name != null && pe.name.indexOf(SELF) != -1) {
// Create a "SelfPermission" , it could be an
// an unresolved permission which will be resolved
// when implies is called
// Add it to entry
Certificate certs[];
if (pe.signedBy != null) {
certs = getCertificates(keyStore,
pe.signedBy,
newInfo);
} else {
certs = null;
}
perm = new SelfPermission(pe.permission,
pe.name,
pe.action,
certs);
} else {
perm = getInstance(pe.permission,
pe.name,
pe.action);
}
entry.add(perm);
if (debug != null) {
debug.println(" "+perm);
}
} catch (ClassNotFoundException cnfe) {
Certificate certs[];
if (pe.signedBy != null) {
certs = getCertificates(keyStore,
pe.signedBy,
newInfo);
} else {
certs = null;
}
// only add if we had no signer or we had a
// a signer and found the keys for it.
if (certs != null || pe.signedBy == null) {
Permission perm = new UnresolvedPermission(
pe.permission,
pe.name,
pe.action,
certs);
entry.add(perm);
if (debug != null) {
debug.println(" "+perm);
}
}
} catch (java.lang.reflect.InvocationTargetException ite) {
MessageFormat form = new MessageFormat
(ResourcesMgr.getString
(POLICY +
": error adding Permission, perm:\n\tmessage"));
Object[] source = {pe.permission,
ite.getTargetException().toString()};
System.err.println(form.format(source));
} catch (Exception e) {
MessageFormat form = new MessageFormat
(ResourcesMgr.getString
(POLICY +
": error adding Permission, perm:\n\tmessage"));
Object[] source = {pe.permission,
e.toString()};
System.err.println(form.format(source));
}
}
// No need to sync because noone has access to newInfo yet
newInfo.policyEntries.add(entry);
} catch (Exception e) {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
(POLICY
+ ": error adding Entry:\n\tmessage"));
Object[] source = {e.toString()};
System.err.println(form.format(source));
}
if (debug != null)
debug.println();
| | private void | addPermissions(java.security.Permissions perms, java.security.CodeSource cs, java.security.Principal[] principals, com.sun.enterprise.security.provider.PolicyFile$PolicyEntry entry)
if (debug != null) {
debug.println("evaluate codesources:\n" +
"\tPolicy CodeSource: " + entry.getCodeSource() + "\n" +
"\tActive CodeSource: " + cs);
}
// check to see if the CodeSource implies
Boolean imp = AccessController.doPrivileged
(new PrivilegedAction<Boolean>() {
public Boolean run() {
return new Boolean(entry.getCodeSource().implies(cs));
}
});
if (!imp.booleanValue()) {
if (debug != null) {
debug.println("evaluation (codesource) failed");
}
// CodeSource does not imply - return and try next policy entry
return;
}
// check to see if the Principals imply
List<PolicyParser.PrincipalEntry> entryPs = entry.getPrincipals();
if (debug != null) {
ArrayList<PolicyParser.PrincipalEntry> accPs =
new ArrayList<PolicyParser.PrincipalEntry>();
if (principals != null) {
for (int i = 0; i < principals.length; i++) {
accPs.add(new PolicyParser.PrincipalEntry
(principals[i].getClass().getName(),
principals[i].getName()));
}
}
debug.println("evaluate principals:\n" +
"\tPolicy Principals: " + entryPs + "\n" +
"\tActive Principals: " + accPs);
}
if (entryPs == null || entryPs.size() == 0) {
// policy entry has no principals -
// add perms regardless of principals in current ACC
addPerms(perms, principals, entry);
if (debug != null) {
debug.println("evaluation (codesource/principals) passed");
}
return;
} else if (principals == null || principals.length == 0) {
// current thread has no principals but this policy entry
// has principals - perms are not added
if (debug != null) {
debug.println("evaluation (principals) failed");
}
return;
}
// current thread has principals and this policy entry
// has principals. see if policy entry principals match
// principals in current ACC
for (int i = 0; i < entryPs.size(); i++) {
PolicyParser.PrincipalEntry pppe = entryPs.get(i);
// see if principal entry is a PrincipalComparator
try {
Class<?> pClass = Class.forName
(pppe.principalClass,
true,
Thread.currentThread().getContextClassLoader());
if (!PrincipalComparator.class.isAssignableFrom(pClass)) {
// common case - dealing with regular Principal class.
// see if policy entry principal is in current ACC
if (!checkEntryPs(principals, pppe)) {
if (debug != null) {
debug.println("evaluation (principals) failed");
}
// policy entry principal not in current ACC -
// immediately return and go to next policy entry
return;
}
} else {
// dealing with a PrincipalComparator
Constructor<?> c = pClass.getConstructor(PARAMS1);
PrincipalComparator pc = (PrincipalComparator)c.newInstance
(new Object[] { pppe.principalName });
if (debug != null) {
debug.println("found PrincipalComparator " +
pc.getClass().getName());
}
// check if the PrincipalComparator
// implies the current thread's principals
Set<Principal> pSet =
new HashSet<Principal>(principals.length);
for (int j = 0; j < principals.length; j++) {
pSet.add(principals[j]);
}
Subject subject = new Subject(true,
pSet,
Collections.EMPTY_SET,
Collections.EMPTY_SET);
if (!pc.implies(subject)) {
if (debug != null) {
debug.println
("evaluation (principal comparator) failed");
}
// policy principal does not imply the current Subject -
// immediately return and go to next policy entry
return;
}
}
} catch (Exception e) {
// fall back to regular principal comparison.
// see if policy entry principal is in current ACC
if (debug != null) {
e.printStackTrace();
}
if (!checkEntryPs(principals, pppe)) {
if (debug != null) {
debug.println("evaluation (principals) failed");
}
// policy entry principal not in current ACC -
// immediately return and go to next policy entry
return;
}
}
// either the principal information matched,
// or the PrincipalComparator.implies succeeded.
// continue loop and test the next policy principal
}
// all policy entry principals were found in the current ACC -
// grant the policy permissions
if (debug != null) {
debug.println("evaluation (codesource/principals) passed");
}
addPerms(perms, principals, entry);
| | private void | addPerms(java.security.Permissions perms, java.security.Principal[] accPs, com.sun.enterprise.security.provider.PolicyFile$PolicyEntry entry)
for (int i = 0; i < entry.permissions.size(); i++) {
Permission p = (Permission)entry.permissions.get(i);
if (debug != null) {
debug.println(" granting " + p);
}
if (p instanceof SelfPermission) {
// handle "SELF" permissions
expandSelf((SelfPermission)p,
entry.getPrincipals(),
accPs,
perms);
} else {
perms.add(p);
}
}
| | public static java.lang.String | canonPath(java.lang.String path)
if (path.endsWith("*")) {
path = path.substring(0, path.length()-1) + "-";
path = new File(path).getCanonicalPath();
return path.substring(0, path.length()-1) + "*";
} else {
return new File(path).getCanonicalPath();
}
| | private java.security.CodeSource | canonicalizeCodebase(java.security.CodeSource cs, boolean extractSignerCerts)
String path = null;
CodeSource canonCs = cs;
URL u = cs.getLocation();
if (u != null && u.getProtocol().equals("file")) {
boolean isLocalFile = false;
String host = u.getHost();
isLocalFile = (host == null || host.equals("") ||
host.equals("~") || host.equalsIgnoreCase("localhost"));
if (isLocalFile) {
path = u.getFile().replace('/", File.separatorChar);
path = ParseUtil.decode(path);
}
}
if (path != null) {
try {
URL csUrl = null;
path = canonPath(path);
csUrl = ParseUtil.fileToEncodedURL(new File(path));
if (extractSignerCerts) {
canonCs = new CodeSource(csUrl,
getSignerCertificates(cs));
} else {
canonCs = new CodeSource(csUrl,
cs.getCertificates());
}
} catch (IOException ioe) {
// leave codesource as it is, unless we have to extract its
// signer certificates
if (extractSignerCerts) {
canonCs = new CodeSource(cs.getLocation(),
getSignerCertificates(cs));
}
}
} else {
if (extractSignerCerts) {
canonCs = new CodeSource(cs.getLocation(),
getSignerCertificates(cs));
}
}
return canonCs;
| | private boolean | checkEntryPs(java.security.Principal[] pList, PolicyParser.PrincipalEntry pppe)This method returns, true, if the principal in the policy entry,
pppe, is part of the current thread's principal array, pList.
This method also returns, true, if the policy entry's principal
is appropriately wildcarded.
Note that the provided pppe argument may have
wildcards (*) for both the Principal class and name.
for (int i = 0; i < pList.length; i++) {
if (pppe.principalClass.equals
(PolicyParser.PrincipalEntry.WILDCARD_CLASS) ||
pppe.principalClass.equals
(pList[i].getClass().getName())) {
if (pppe.principalName.equals
(PolicyParser.PrincipalEntry.WILDCARD_NAME) ||
pppe.principalName.equals
(pList[i].getName())) {
return true;
}
}
}
return false;
| | private boolean | checkForTrustedIdentity(java.security.cert.Certificate cert, com.sun.enterprise.security.provider.PolicyFile$PolicyInfo myInfo)Checks public key. If it is marked as trusted in
the identity database, add it to the policy
with the AllPermission.
if (cert == null)
return false;
// see if we are ignoring the identity scope or not
if (ignoreIdentityScope)
return false;
// try to initialize scope
synchronized(PolicyFile.class) {
if (scope == null) {
IdentityScope is = IdentityScope.getSystemScope();
if (is instanceof sun.security.provider.IdentityDatabase) {
scope = is;
} else {
// leave scope null
}
}
}
if (scope == null) {
ignoreIdentityScope = true;
return false;
}
// need privileged block for getIdentity in case we are trying
// to get a signer
final Identity id = AccessController.doPrivileged(
new java.security.PrivilegedAction<Identity>() {
public Identity run() {
return scope.getIdentity(cert.getPublicKey());
}
});
if (isTrusted(id)) {
if (debug != null) {
debug.println("Adding policy entry for trusted Identity: ");
//needed for identity toString!
AccessController.doPrivileged(
new java.security.PrivilegedAction<Void>() {
public Void run() {
debug.println(" identity = " + id);
return null;
}
});
debug.println("");
}
// add it to the policy for future reference
Certificate certs[] = new Certificate[] {cert};
PolicyEntry pe = new PolicyEntry(new CodeSource(null, certs));
pe.add(SecurityConstants.ALL_PERMISSION);
myInfo.identityPolicyEntries.add(pe);
// add it to the mapping as well so
// we don't have to go through this again
myInfo.aliasMapping.put(cert, id.getName());
return true;
}
return false;
| | private void | expandPermissionName(PolicyParser.PermissionEntry pe, java.security.KeyStore keystore)
// short cut the common case
if (pe.name == null || pe.name.indexOf("${{", 0) == -1) {
return;
}
int startIndex = 0;
int b, e;
StringBuilder sb = new StringBuilder();
while ((b = pe.name.indexOf("${{", startIndex)) != -1) {
e = pe.name.indexOf("}}", b);
if (e < 1) {
break;
}
sb.append(pe.name.substring(startIndex, b));
// get the value in ${{...}}
String value = pe.name.substring(b+3, e);
// parse up to the first ':'
int colonIndex;
String prefix = value;
String suffix;
if ((colonIndex = value.indexOf(":")) != -1) {
prefix = value.substring(0, colonIndex);
}
// handle different prefix possibilities
if (prefix.equalsIgnoreCase("self")) {
// do nothing - handled later
sb.append(pe.name.substring(b, e+2));
startIndex = e+2;
continue;
} else if (prefix.equalsIgnoreCase("alias")) {
// get the suffix and perform keystore alias replacement
if (colonIndex == -1) {
MessageFormat form = new MessageFormat
(ResourcesMgr.getString
("alias name not provided (pe.name)"));
Object[] source = {pe.name};
throw new Exception(form.format(source));
}
suffix = value.substring(colonIndex+1);
if ((suffix = getDN(suffix, keystore)) == null) {
MessageFormat form = new MessageFormat
(ResourcesMgr.getString
("unable to perform substitution on alias, suffix"));
Object[] source = {value.substring(colonIndex+1)};
throw new Exception(form.format(source));
}
sb.append(X500PRINCIPAL + " \"" + suffix + "\"");
startIndex = e+2;
} else {
MessageFormat form = new MessageFormat
(ResourcesMgr.getString
("substitution value, prefix, unsupported"));
Object[] source = {prefix};
throw new Exception(form.format(source));
}
}
// copy the rest of the value
sb.append(pe.name.substring(startIndex));
// replace the name with expanded value
if (debug != null) {
debug.println(" Permission name expanded from:\n\t" +
pe.name + "\nto\n\t" + sb.toString());
}
pe.name = sb.toString();
| | private void | expandSelf(com.sun.enterprise.security.provider.PolicyFile$SelfPermission sp, java.util.List entryPs, java.security.Principal[] pdp, java.security.Permissions perms)
if (entryPs == null || entryPs.size() == 0) {
// No principals in the grant to substitute
if (debug != null) {
debug.println("Ignoring permission "
+ sp.getSelfType()
+ " with target name ("
+ sp.getSelfName() + "). "
+ "No Principal(s) specified "
+ "in the grant clause. "
+ "SELF-based target names are "
+ "only valid in the context "
+ "of a Principal-based grant entry."
);
}
return;
}
int startIndex = 0;
int v;
StringBuilder sb = new StringBuilder();
while ((v = sp.getSelfName().indexOf(SELF, startIndex)) != -1) {
// add non-SELF string
sb.append(sp.getSelfName().substring(startIndex, v));
// expand SELF
ListIterator<PolicyParser.PrincipalEntry> pli =
entryPs.listIterator();
while (pli.hasNext()) {
PolicyParser.PrincipalEntry pppe = pli.next();
String[][] principalInfo = getPrincipalInfo(pppe,pdp);
for (int i = 0; i < principalInfo.length; i++) {
if (i != 0) {
sb.append(", ");
}
sb.append(principalInfo[i][0] + " " +
"\"" + principalInfo[i][1] + "\"");
}
if (pli.hasNext()) {
sb.append(", ");
}
}
startIndex = v + SELF.length();
}
// add remaining string (might be the entire string)
sb.append(sp.getSelfName().substring(startIndex));
if (debug != null) {
debug.println(" expanded:\n\t" + sp.getSelfName()
+ "\n into:\n\t" + sb.toString());
}
try {
// first try to instantiate the permission
perms.add(getInstance(sp.getSelfType(),
sb.toString(),
sp.getSelfActions()));
} catch (ClassNotFoundException cnfe) {
// ok, the permission is not in the bootclasspath.
// before we add an UnresolvedPermission, check to see
// whether this perm already belongs to the collection.
// if so, use that perm's ClassLoader to create a new
// one.
Class<?> pc = null;
synchronized (perms) {
Enumeration<Permission> e = perms.elements();
while (e.hasMoreElements()) {
Permission pElement = e.nextElement();
if (pElement.getClass().getName().equals(sp.getSelfType())) {
pc = pElement.getClass();
break;
}
}
}
if (pc == null) {
// create an UnresolvedPermission
perms.add(new UnresolvedPermission(sp.getSelfType(),
sb.toString(),
sp.getSelfActions(),
sp.getCerts()));
} else {
try {
// we found an instantiated permission.
// use its class loader to instantiate a new permission.
Constructor<?> c;
// name parameter can not be null
if (sp.getSelfActions() == null) {
try {
c = pc.getConstructor(PARAMS1);
perms.add((Permission)c.newInstance
(new Object[] {sb.toString()}));
} catch (NoSuchMethodException ne) {
c = pc.getConstructor(PARAMS2);
perms.add((Permission)c.newInstance
(new Object[] {sb.toString(),
sp.getSelfActions() }));
}
} else {
c = pc.getConstructor(PARAMS2);
perms.add((Permission)c.newInstance
(new Object[] {sb.toString(),
sp.getSelfActions()}));
}
} catch (Exception nme) {
if (debug != null) {
debug.println("self entry expansion " +
" instantiation failed: "
+ nme.toString());
}
}
}
} catch (Exception e) {
if (debug != null) {
debug.println(e.toString());
}
}
| | private java.security.cert.Certificate[] | getCertificates(java.security.KeyStore keyStore, java.lang.String aliases, com.sun.enterprise.security.provider.PolicyFile$PolicyInfo newInfo)Fetch all certs associated with this alias.
List<Certificate> vcerts = null;
StringTokenizer st = new StringTokenizer(aliases, ",");
int n = 0;
while (st.hasMoreTokens()) {
String alias = st.nextToken().trim();
n++;
Certificate cert = null;
// See if this alias's cert has already been cached
synchronized (newInfo.aliasMapping) {
cert = (Certificate)newInfo.aliasMapping.get(alias);
if (cert == null && keyStore != null) {
try {
cert = keyStore.getCertificate(alias);
} catch (KeyStoreException kse) {
// never happens, because keystore has already been loaded
// when we call this
}
if (cert != null) {
newInfo.aliasMapping.put(alias, cert);
newInfo.aliasMapping.put(cert, alias);
}
}
}
if (cert != null) {
if (vcerts == null)
vcerts = new ArrayList<Certificate>();
vcerts.add(cert);
}
}
// make sure n == vcerts.size, since we are doing a logical *and*
if (vcerts != null && n == vcerts.size()) {
Certificate[] certs = new Certificate[vcerts.size()];
vcerts.toArray(certs);
return certs;
} else {
return null;
}
| | private java.security.CodeSource | getCodeSource(PolicyParser.GrantEntry ge, java.security.KeyStore keyStore, com.sun.enterprise.security.provider.PolicyFile$PolicyInfo newInfo)Given a GrantEntry, create a codeSource.
Certificate[] certs = null;
if (ge.signedBy != null) {
certs = getCertificates(keyStore, ge.signedBy, newInfo);
if (certs == null) {
// we don't have a key for this alias,
// just return
if (debug != null) {
debug.println(" -- No certs for alias '" +
ge.signedBy + "' - ignoring entry");
}
return null;
}
}
URL location;
if (ge.codeBase != null)
location = new URL(ge.codeBase);
else
location = null;
return (canonicalizeCodebase(new CodeSource(location, certs),false));
| | private java.lang.String | getDN(java.lang.String alias, java.security.KeyStore keystore)
Certificate cert = null;
try {
cert = keystore.getCertificate(alias);
} catch (Exception e) {
if (debug != null) {
debug.println(" Error retrieving certificate for '" +
alias +
"': " +
e.toString());
}
return null;
}
if (cert == null || !(cert instanceof X509Certificate)) {
if (debug != null) {
debug.println(" -- No certificate for '" +
alias +
"' - ignoring entry");
}
return null;
} else {
X509Certificate x509Cert = (X509Certificate)cert;
// 4702543: X500 names with an EmailAddress
// were encoded incorrectly. create new
// X500Principal name with correct encoding
X500Principal p = new X500Principal
(x509Cert.getSubjectX500Principal().toString());
return p.getName();
}
| | private static final java.security.Permission | getInstance(java.lang.String type, java.lang.String name, java.lang.String actions)Returns a new Permission object of the given Type. The Permission is
created by getting the
Class object using the Class.forName method, and using
the reflection API to invoke the (String name, String actions)
constructor on the
object.
//XXX we might want to keep a hash of created factories...
Class<?> pc = Class.forName(type);
Permission answer = getKnownInstance(pc, name, actions);
if (answer != null) {
return answer;
}
if (name == null && actions == null) {
try {
Constructor<?> c = pc.getConstructor(PARAMS0);
return (Permission) c.newInstance(new Object[] {});
} catch (NoSuchMethodException ne) {
try {
Constructor<?> c = pc.getConstructor(PARAMS1);
return (Permission) c.newInstance(
new Object[] { name});
} catch (NoSuchMethodException ne1 ) {
Constructor<?> c = pc.getConstructor(PARAMS2);
return (Permission) c.newInstance(
new Object[] { name, actions });
}
}
} else {
if (name != null && actions == null) {
try {
Constructor<?> c = pc.getConstructor(PARAMS1);
return (Permission) c.newInstance(new Object[] { name});
} catch (NoSuchMethodException ne) {
Constructor<?> c = pc.getConstructor(PARAMS2);
return (Permission) c.newInstance(
new Object[] { name, actions });
}
} else {
Constructor<?> c = pc.getConstructor(PARAMS2);
return (Permission) c.newInstance(
new Object[] { name, actions });
}
}
| | private static final java.security.Permission | getKnownInstance(java.lang.Class claz, java.lang.String name, java.lang.String actions)Creates one of the well-known permissions directly instead of
via reflection. Keep list short to not penalize non-JDK-defined
permissions.
// XXX shorten list to most popular ones?
if (claz.equals(FilePermission.class)) {
return new FilePermission(name, actions);
} else if (claz.equals(SocketPermission.class)) {
return new SocketPermission(name, actions);
} else if (claz.equals(RuntimePermission.class)) {
return new RuntimePermission(name, actions);
} else if (claz.equals(PropertyPermission.class)) {
return new PropertyPermission(name, actions);
} else if (claz.equals(NetPermission.class)) {
return new NetPermission(name, actions);
} else if (claz.equals(AllPermission.class)) {
return SecurityConstants.ALL_PERMISSION;
} else if (claz.equals(AWTPermission.class)) {
return new AWTPermission(name, actions);
/*
} else if (claz.equals(ReflectPermission.class)) {
return new ReflectPermission(name, actions);
} else if (claz.equals(SecurityPermission.class)) {
return new SecurityPermission(name, actions);
} else if (claz.equals(PrivateCredentialPermission.class)) {
return new PrivateCredentialPermission(name, actions);
} else if (claz.equals(AuthPermission.class)) {
return new AuthPermission(name, actions);
} else if (claz.equals(ServicePermission.class)) {
return new ServicePermission(name, actions);
} else if (claz.equals(DelegationPermission.class)) {
return new DelegationPermission(name, actions);
} else if (claz.equals(SerializablePermission.class)) {
return new SerializablePermission(name, actions);
} else if (claz.equals(AudioPermission.class)) {
return new AudioPermission(name, actions);
} else if (claz.equals(SSLPermission.class)) {
return new SSLPermission(name, actions);
} else if (claz.equals(LoggingPermission.class)) {
return new LoggingPermission(name, actions);
} else if (claz.equals(SQLPermission.class)) {
return new SQLPermission(name, actions);
*/
} else {
return null;
}
| | public java.security.PermissionCollection | getPermissions(java.security.ProtectionDomain domain)Examines this Policy and returns the permissions granted
to the specified ProtectionDomain. This includes
the permissions currently associated with the domain as well
as the policy permissions granted to the domain's
CodeSource, ClassLoader, and Principals.
Note that this Policy implementation has
special handling for PrivateCredentialPermissions.
When this method encounters a PrivateCredentialPermission
which specifies "self" as the Principal class and name,
it does not add that Permission to the returned
PermissionCollection. Instead, it builds
a new PrivateCredentialPermission
for each Principal associated with the provided
Subject. Each new PrivateCredentialPermission
contains the same Credential class as specified in the
originally granted permission, as well as the Class and name
for the respective Principal.
Permissions perms = new Permissions();
if (domain == null)
return perms;
// first get policy perms
getPermissions(perms, domain);
// add static perms
// - adding static perms after policy perms is necessary
// to avoid a regression for 4301064
PermissionCollection pc = domain.getPermissions();
if (pc != null) {
synchronized (pc) {
Enumeration<Permission> e = pc.elements();
while (e.hasMoreElements()) {
perms.add(e.nextElement());
}
}
}
return perms;
| | public java.security.PermissionCollection | getPermissions(java.security.CodeSource codesource)Examines this Policy and creates a PermissionCollection object with
the set of permissions for the specified CodeSource.
return getPermissions(new Permissions(), codesource);
| | private java.security.PermissionCollection | getPermissions(java.security.Permissions perms, java.security.ProtectionDomain pd)Examines the global policy and returns the provided Permissions
object with additional permissions granted to the specified
ProtectionDomain.
if (debug != null) {
debug.println("getPermissions:\n\t" + printPD(pd));
}
final CodeSource cs = pd.getCodeSource();
if (cs == null)
return perms;
CodeSource canonCodeSource = AccessController.doPrivileged(
new java.security.PrivilegedAction<CodeSource>(){
public CodeSource run() {
return canonicalizeCodebase(cs, true);
}
});
return getPermissions(perms, canonCodeSource, pd.getPrincipals());
| | private java.security.PermissionCollection | getPermissions(java.security.Permissions perms, java.security.CodeSource cs)Examines the global policy and returns the provided Permissions
object with additional permissions granted to the specified
CodeSource.
CodeSource canonCodeSource = AccessController.doPrivileged(
new java.security.PrivilegedAction<CodeSource>(){
public CodeSource run() {
return canonicalizeCodebase(cs, true);
}
});
return getPermissions(perms, canonCodeSource, null);
| | private java.security.Permissions | getPermissions(java.security.Permissions perms, java.security.CodeSource cs, java.security.Principal[] principals)
PolicyInfo pi = policyInfo.get();
for (PolicyEntry entry : pi.policyEntries) {
addPermissions(perms, cs, principals, entry);
}
// Go through policyEntries gotten from identity db; sync required
// because checkForTrustedIdentity (below) might update list
synchronized (pi.identityPolicyEntries) {
for (PolicyEntry entry : pi.identityPolicyEntries) {
addPermissions(perms, cs, principals, entry);
}
}
// now see if any of the keys are trusted ids.
if (!ignoreIdentityScope) {
Certificate certs[] = cs.getCertificates();
if (certs != null) {
for (int k=0; k < certs.length; k++) {
Object idMap = pi.aliasMapping.get(certs[k]);
if (idMap == null &&
checkForTrustedIdentity(certs[k], pi)) {
// checkForTrustedIdentity added it
// to the policy for us. next time
// around we'll find it. This time
// around we need to add it.
perms.add(SecurityConstants.ALL_PERMISSION);
}
}
}
}
return perms;
| | private java.lang.String[][] | getPrincipalInfo(PolicyParser.PrincipalEntry pe, java.security.Principal[] pdp)return the principal class/name pair in the 2D array.
array[x][y]: x corresponds to the array length.
if (y == 0), it's the principal class.
if (y == 1), it's the principal name.
// there are 3 possibilities:
// 1) the entry's Principal class and name are not wildcarded
// 2) the entry's Principal name is wildcarded only
// 3) the entry's Principal class and name are wildcarded
if (!pe.principalClass.equals
(PolicyParser.PrincipalEntry.WILDCARD_CLASS) &&
!pe.principalName.equals
(PolicyParser.PrincipalEntry.WILDCARD_NAME)) {
// build an info array for the principal
// from the Policy entry
String[][] info = new String[1][2];
info[0][0] = pe.principalClass;
info[0][1] = pe.principalName;
return info;
} else if (!pe.principalClass.equals
(PolicyParser.PrincipalEntry.WILDCARD_CLASS) &&
pe.principalName.equals
(PolicyParser.PrincipalEntry.WILDCARD_NAME)) {
// build an info array for every principal
// in the current domain which has a principal class
// that is equal to policy entry principal class name
List<Principal> plist = new ArrayList<Principal>();
for (int i = 0; i < pdp.length; i++) {
if(pe.principalClass.equals(pdp[i].getClass().getName()))
plist.add(pdp[i]);
}
String[][] info = new String[plist.size()][2];
int i = 0;
java.util.Iterator<Principal> pIterator = plist.iterator();
while (pIterator.hasNext()) {
Principal p = pIterator.next();
info[i][0] = p.getClass().getName();
info[i][1] = p.getName();
i++;
}
return info;
} else {
// build an info array for every
// one of the current Domain's principals
String[][] info = new String[pdp.length][2];
for (int i = 0; i < pdp.length; i++) {
info[i][0] = pdp[i].getClass().getName();
info[i][1] = pdp[i].getName();
}
return info;
}
| | protected java.security.cert.Certificate[] | getSignerCertificates(java.security.CodeSource cs)
Certificate[] certs = null;
if ((certs = cs.getCertificates()) == null)
return null;
for (int i=0; i<certs.length; i++) {
if (!(certs[i] instanceof X509Certificate))
return cs.getCertificates();
}
// Do we have to do anything?
int i = 0;
int count = 0;
while (i < certs.length) {
count++;
while (((i+1) < certs.length)
&& ((X509Certificate)certs[i]).getIssuerDN().equals(
((X509Certificate)certs[i+1]).getSubjectDN())) {
i++;
}
i++;
}
if (count == certs.length)
// Done
return certs;
ArrayList<Certificate> userCertList = new ArrayList<Certificate>();
i = 0;
while (i < certs.length) {
userCertList.add(certs[i]);
while (((i+1) < certs.length)
&& ((X509Certificate)certs[i]).getIssuerDN().equals(
((X509Certificate)certs[i+1]).getSubjectDN())) {
i++;
}
i++;
}
Certificate[] userCerts = new Certificate[userCertList.size()];
userCertList.toArray(userCerts);
return userCerts;
| | public boolean | implies(java.security.ProtectionDomain pd, java.security.Permission p)Evaluates the the global policy for the permissions granted to
the ProtectionDomain and tests whether the permission is
granted.
PolicyInfo pi = policyInfo.get();
Map<ProtectionDomain, PermissionCollection> pdMap = pi.getPdMapping();
PermissionCollection pc = pdMap.get(pd);
if (pc != null) {
return pc.implies(p);
}
pc = getPermissions(pd);
if (pc == null) {
return false;
}
// cache mapping of protection domain to its PermissionCollection
pdMap.put(pd, pc);
return pc.implies(p);
| | private void | init(java.net.URL url)Initializes the Policy object and reads the default policy
configuration file(s) into the Policy object.
The algorithm for locating the policy file(s) and reading their
information into the Policy object is:
loop through the Security Properties named "policy.url.1",
""policy.url.2", "auth.policy.url.1", "auth.policy.url.2" etc, until
you don't find one. Each of these specify a policy file.
if none of these could be loaded, use a builtin static policy
equivalent to the default lib/security/java.policy file.
if the system property "java.policy" or "java.auth.policy" is defined
(which is the
case when the user uses the -D switch at runtime), and
its use is allowed by the security property file,
also load it.
Each policy file consists of one or more grant entries, each of
which consists of a number of permission entries.
grant signedBy "alias", codeBase "URL" {
permission Type "name", "action",
signedBy "alias";
....
permission Type "name", "action",
signedBy "alias";
};
All non-italicized items above must appear as is (although case
doesn't matter and some are optional, as noted below).
Italicized items represent variable values.
A grant entry must begin with the word grant.
The signedBy and codeBase name/value
pairs are optional.
If they are not present, then any signer (including unsigned code)
will match, and any codeBase will match.
A permission entry must begin with the word permission.
The word Type in the template above would actually
be a specific permission type, such as
java.io.FilePermission or
java.lang.RuntimePermission.
The "action" is required for
many permission types, such as java.io.FilePermission
(where it specifies what type of file access is permitted).
It is not required for categories such as
java.lang.RuntimePermission
where it is not necessary - you either have the
permission specified by the "name"
value following the type name or you don't.
The signedBy name/value pair for a permission entry
is optional. If present, it indicates a signed permission. That is,
the permission class itself must be signed by the given alias in
order for it to be granted. For example,
suppose you have the following grant entry:
grant {
permission Foo "foobar", signedBy "FooSoft";
}
Then this permission of type Foo is granted if the
Foo.class permission has been signed by the
"FooSoft" alias, or if Foo.class is a
system class (i.e., is found on the CLASSPATH).
Items that appear in an entry must appear in the specified order
(permission, Type, "name", and
"action"). An entry is terminated with a semicolon.
Case is unimportant for the identifiers (permission,
signedBy, codeBase, etc.) but is
significant for the Type
or for any string that is passed in as a value.
An example of two entries in a policy configuration file is
// if the code is signed by "Duke", grant it read/write to all
// files in /tmp.
grant signedBy "Duke" {
permission java.io.FilePermission "/tmp/*", "read,write";
};
// grant everyone the following permission
grant {
permission java.util.PropertyPermission "java.vendor";
};
// Properties are set once for each init(); ignore changes between
// between diff invocations of initPolicyFile(policy, url, info).
String numCacheStr =
AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
expandProperties = "true".equalsIgnoreCase
(Security.getProperty("policy.expandProperties"));
ignoreIdentityScope = "true".equalsIgnoreCase
(Security.getProperty("policy.ignoreIdentityScope"));
allowSystemProperties = "true".equalsIgnoreCase
(Security.getProperty("policy.allowSystemProperty"));
notUtf8 = "false".equalsIgnoreCase
(System.getProperty("sun.security.policy.utf8"));
return System.getProperty("sun.security.policy.numcaches");
}});
int numCaches;
if (numCacheStr != null) {
try {
numCaches = Integer.parseInt(numCacheStr);
} catch (NumberFormatException e) {
numCaches = DEFAULT_CACHE_SIZE;
}
} else {
numCaches = DEFAULT_CACHE_SIZE;
}
// System.out.println("number caches=" + numCaches);
PolicyInfo newInfo = new PolicyInfo(numCaches);
initPolicyFile(newInfo, url);
policyInfo.set(newInfo);
| | private boolean | init(java.net.URL policy, com.sun.enterprise.security.provider.PolicyFile$PolicyInfo newInfo)Reads a policy configuration into the Policy object using a
Reader object.
boolean success = false;
PolicyParser pp = new PolicyParser(expandProperties);
InputStreamReader isr = null;
try {
// read in policy using UTF-8 by default
//
// check non-standard system property to see if
// the default encoding should be used instead
if (notUtf8) {
isr = new InputStreamReader
(PolicyUtil.getInputStream(policy));
} else {
isr = new InputStreamReader
(PolicyUtil.getInputStream(policy), "UTF-8");
}
pp.read(isr);
KeyStore keyStore = null;
try {
keyStore = PolicyUtil.getKeyStore
(policy,
pp.getKeyStoreUrl(),
pp.getKeyStoreType(),
pp.getKeyStoreProvider(),
pp.getStorePassURL(),
debug);
} catch (Exception e) {
// ignore, treat it like we have no keystore
if (debug != null) {
e.printStackTrace();
}
}
Enumeration<PolicyParser.GrantEntry> enum_ = pp.grantElements();
while (enum_.hasMoreElements()) {
PolicyParser.GrantEntry ge = enum_.nextElement();
addGrantEntry(ge, keyStore, newInfo);
}
} catch (PolicyParser.ParsingException pe) {
MessageFormat form = new MessageFormat(ResourcesMgr.getString
(POLICY + ": error parsing policy:\n\tmessage"));
Object[] source = {policy, pe.getLocalizedMessage()};
System.err.println(form.format(source));
if (debug != null)
pe.printStackTrace();
} catch (Exception e) {
if (debug != null) {
debug.println("error parsing "+policy);
debug.println(e.toString());
e.printStackTrace();
}
} finally {
if (isr != null) {
try {
isr.close();
success = true;
} catch (IOException e) {
// ignore the exception
}
} else {
success = true;
}
}
return success;
| | private void | initPolicyFile(com.sun.enterprise.security.provider.PolicyFile$PolicyInfo newInfo, java.net.URL url)
if (url != null) {
/**
* If the caller specified a URL via Policy.getInstance,
* we only read from that URL
*/
if (debug != null) {
debug.println("reading "+url);
}
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
if (init(url, newInfo) == false) {
// use static policy if all else fails
initStaticPolicy(newInfo);
}
return null;
}
});
} else {
/**
* Caller did not specify URL via Policy.getInstance.
* Read from URLs listed in the java.security properties file.
*
* We call initPolicyFile with POLICY , POLICY_URL and then
* call it with AUTH_POLICY and AUTH_POLICY_URL
* So first we will process the JAVA standard policy
* and then process the JAVA AUTH Policy.
* This is for backward compatibility as well as to handle
* cases where the user has a single unified policyfile
* with both java policy entries and auth entries
*/
boolean loaded_one = initPolicyFile(POLICY, POLICY_URL, newInfo);
// To maintain strict backward compatibility
// we load the static policy only if POLICY load failed
if (!loaded_one) {
// use static policy if all else fails
initStaticPolicy(newInfo);
}
initPolicyFile(AUTH_POLICY, AUTH_POLICY_URL, newInfo);
}
| | private boolean | initPolicyFile(java.lang.String propname, java.lang.String urlname, com.sun.enterprise.security.provider.PolicyFile$PolicyInfo newInfo)
Boolean loadedPolicy =
AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
public Boolean run() {
boolean loaded_policy = false;
if (allowSystemProperties) {
String extra_policy = System.getProperty(propname);
if (extra_policy != null) {
boolean overrideAll = false;
if (extra_policy.startsWith("=")) {
overrideAll = true;
extra_policy = extra_policy.substring(1);
}
try {
extra_policy =
PropertyExpander.expand(extra_policy);
URL policyURL;
File policyFile = new File(extra_policy);
if (policyFile.exists()) {
policyURL = ParseUtil.fileToEncodedURL
(new File(policyFile.getCanonicalPath()));
} else {
policyURL = new URL(extra_policy);
}
if (debug != null)
debug.println("reading "+policyURL);
if (init(policyURL, newInfo))
loaded_policy = true;
} catch (Exception e) {
// ignore.
if (debug != null) {
debug.println("caught exception: "+e);
}
}
if (overrideAll) {
if (debug != null) {
debug.println("overriding other policies!");
}
return Boolean.valueOf(loaded_policy);
}
}
}
int n = 1;
String policy_uri;
while ((policy_uri = Security.getProperty(urlname+n)) != null) {
try {
URL policy_url = null;
String expanded_uri = PropertyExpander.expand
(policy_uri).replace(File.separatorChar, '/");
if (policy_uri.startsWith("file:${java.home}/") ||
policy_uri.startsWith("file:${user.home}/")) {
// this special case accommodates
// the situation java.home/user.home
// expand to a single slash, resulting in
// a file://foo URI
policy_url = new File
(expanded_uri.substring(5)).toURI().toURL();
} else {
policy_url = new URI(expanded_uri).toURL();
}
if (debug != null)
debug.println("reading "+policy_url);
if (init(policy_url, newInfo))
loaded_policy = true;
} catch (Exception e) {
if (debug != null) {
debug.println("error reading policy "+e);
e.printStackTrace();
}
// ignore that policy
}
n++;
}
return Boolean.valueOf(loaded_policy);
}
});
return loadedPolicy.booleanValue();
| | private void | initStaticPolicy(com.sun.enterprise.security.provider.PolicyFile$PolicyInfo newInfo)
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
PolicyEntry pe = new PolicyEntry(new CodeSource(null,
(Certificate[]) null));
pe.add(SecurityConstants.LOCAL_LISTEN_PERMISSION);
pe.add(new PropertyPermission("java.version",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("java.vendor",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("java.vendor.url",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("java.class.version",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("os.name",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("os.version",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("os.arch",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("file.separator",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("path.separator",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("line.separator",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission
("java.specification.version",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission
("java.specification.vendor",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission
("java.specification.name",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission
("java.vm.specification.version",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission
("java.vm.specification.vendor",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission
("java.vm.specification.name",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("java.vm.version",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("java.vm.vendor",
SecurityConstants.PROPERTY_READ_ACTION));
pe.add(new PropertyPermission("java.vm.name",
SecurityConstants.PROPERTY_READ_ACTION));
// No need to sync because noone has access to newInfo yet
newInfo.policyEntries.add(pe);
// Add AllPermissions for standard extensions
String[] extCodebases = PolicyParser.parseExtDirs(
PolicyParser.EXTDIRS_EXPANSION, 0);
if (extCodebases != null && extCodebases.length > 0) {
for (int i = 0; i < extCodebases.length; i++) {
try {
pe = new PolicyEntry(canonicalizeCodebase(
new CodeSource(new URL(extCodebases[i]),
(Certificate[]) null), false ));
pe.add(SecurityConstants.ALL_PERMISSION);
// No need to sync because noone has access to
// newInfo yet
newInfo.policyEntries.add(pe);
} catch (Exception e) {
// this is probably bad (though not dangerous).
// What should we do?
}
}
}
return null;
}
});
| | private static boolean | isTrusted(java.security.Identity id)
if (id instanceof SystemIdentity) {
SystemIdentity sysid = (SystemIdentity)id;
if (sysid.isTrusted()) {
return true;
}
} else if (id instanceof SystemSigner) {
SystemSigner sysid = (SystemSigner)id;
if (sysid.isTrusted()) {
return true;
}
}
return false;
| | private java.lang.String | printPD(java.security.ProtectionDomain pd)
Principal[] principals = pd.getPrincipals();
String pals = "<no principals>";
if (principals != null && principals.length > 0) {
StringBuilder palBuf = new StringBuilder("(principals ");
for (int i = 0; i < principals.length; i++) {
palBuf.append(principals[i].getClass().getName() +
" \"" + principals[i].getName() +
"\"");
if (i < principals.length-1)
palBuf.append(", ");
else
palBuf.append(")");
}
pals = palBuf.toString();
}
return "PD CodeSource: "
+ pd.getCodeSource()
+"\n\t" + "PD ClassLoader: "
+ pd.getClassLoader()
+"\n\t" + "PD Principals: "
+ pals;
| | public void | refresh()Refreshes the policy object by re-reading all the policy files.
init(url);
| | private boolean | replacePrincipals(java.util.List principals, java.security.KeyStore keystore)return true if no replacement was performed,
or if replacement succeeded.
if (principals == null || principals.size() == 0 || keystore == null)
return true;
ListIterator<PolicyParser.PrincipalEntry> i = principals.listIterator();
while (i.hasNext()) {
PolicyParser.PrincipalEntry pppe = i.next();
if (pppe.principalClass.equals(PolicyParser.REPLACE_NAME)) {
// perform replacement
// (only X509 replacement is possible now)
String name;
if ((name = getDN(pppe.principalName, keystore)) == null) {
return false;
}
if (debug != null) {
debug.println(" Replacing \"" +
pppe.principalName +
"\" with " +
X500PRINCIPAL + "/\"" +
name +
"\"");
}
pppe.principalClass = X500PRINCIPAL;
pppe.principalName = name;
}
}
// return true if no replacement was performed,
// or if replacement succeeded
return true;
|
|
