FileDocCategorySizeDatePackage
Permissions.javaAPI DocApache Ant 1.7012728Wed Dec 13 06:16:18 GMT 2006org.apache.tools.ant.types

Permissions

public class Permissions extends Object
This class implements a security manager meant for usage by tasks that run inside the Ant VM. An examples are the Java Task and JUnitTask. The basic functionality is that nothing (except for a base set of permissions) is allowed, unless the permission is granted either explicitly or implicitly. If a permission is granted this can be overruled by explicitly revoking the permission. It is not permissible to add permissions (either granted or revoked) while the Security Manager is active (after calling setSecurityManager() but before calling restoreSecurityManager()).
since
Ant 1.6

Fields Summary
private List
grantedPermissions
private List
revokedPermissions
private Permissions
granted
private SecurityManager
origSm
private boolean
active
private boolean
delegateToOldSM
Constructors Summary
public Permissions()
Create a set of Permissions. Equivalent to calling new Permissions(false).


                    
      
        this(false);
public Permissions(boolean delegateToOldSM)
Create a set of permissions.

param
delegateToOldSM if true the old security manager will be used if the permission has not been explicitly granted or revoked in this instance.

        this.delegateToOldSM = delegateToOldSM;
Methods Summary
public voidaddConfiguredGrant(org.apache.tools.ant.types.Permissions$Permission perm)
Adds a permission to be granted.

param
perm The Permissions.Permission to be granted.

        grantedPermissions.add(perm);
public voidaddConfiguredRevoke(org.apache.tools.ant.types.Permissions$Permission perm)
Adds a permission to be revoked.

param
perm The Permissions.Permission to be revoked

        revokedPermissions.add(perm);
private voidinit()
Initializes the list of granted permissions, checks the list of revoked permissions.

        granted = new java.security.Permissions();
        for (Iterator i = revokedPermissions.listIterator(); i.hasNext();) {
            Permissions.Permission p = (Permissions.Permission) i.next();
            if (p.getClassName() == null) {
                throw new BuildException("Revoked permission " + p + " does not contain a class.");
            }
        }
        for (Iterator i = grantedPermissions.listIterator(); i.hasNext();) {
            Permissions.Permission p = (Permissions.Permission) i.next();
            if (p.getClassName() == null) {
                throw new BuildException("Granted permission " + p + " does not contain a class.");
            } else {
                java.security.Permission perm =
                    new UnresolvedPermission(p.getClassName(), p.getName(), p.getActions(), null);
                granted.add(perm);
            }
        }
        // Add base set of permissions
        granted.add(new java.net.SocketPermission("localhost:1024-", "listen"));
        granted.add(new java.util.PropertyPermission("java.version", "read"));
        granted.add(new java.util.PropertyPermission("java.vendor", "read"));
        granted.add(new java.util.PropertyPermission("java.vendor.url", "read"));
        granted.add(new java.util.PropertyPermission("java.class.version", "read"));
        granted.add(new java.util.PropertyPermission("os.name", "read"));
        granted.add(new java.util.PropertyPermission("os.version", "read"));
        granted.add(new java.util.PropertyPermission("os.arch", "read"));
        granted.add(new java.util.PropertyPermission("file.encoding", "read"));
        granted.add(new java.util.PropertyPermission("file.separator", "read"));
        granted.add(new java.util.PropertyPermission("path.separator", "read"));
        granted.add(new java.util.PropertyPermission("line.separator", "read"));
        granted.add(new java.util.PropertyPermission("java.specification.version", "read"));
        granted.add(new java.util.PropertyPermission("java.specification.vendor", "read"));
        granted.add(new java.util.PropertyPermission("java.specification.name", "read"));
        granted.add(new java.util.PropertyPermission("java.vm.specification.version", "read"));
        granted.add(new java.util.PropertyPermission("java.vm.specification.vendor", "read"));
        granted.add(new java.util.PropertyPermission("java.vm.specification.name", "read"));
        granted.add(new java.util.PropertyPermission("java.vm.version", "read"));
        granted.add(new java.util.PropertyPermission("java.vm.vendor", "read"));
        granted.add(new java.util.PropertyPermission("java.vm.name", "read"));
public synchronized voidrestoreSecurityManager()
To be used by tasks that just finished executing the parts subject to these permissions.

        active = false;
        System.setSecurityManager(origSm);
public synchronized voidsetSecurityManager()
To be used by tasks wishing to use this security model before executing the part to be subject to these Permissions. Note that setting the SecurityManager too early may prevent your part from starting, as for instance changing classloaders may be prohibited. The classloader for the new situation is supposed to be present.

throws
BuildException on error

        origSm = System.getSecurityManager();
        init();
        System.setSecurityManager(new MySM());
        active = true;