| Methods Summary |
|---|
| public void | addToExcludedPolicy(java.security.PermissionCollection permissions)Used to add excluded policy statements to this PolicyConfiguration.
assertStateIsOpen();
assert permissions != null;
if (permissions != null) {
checkSetPolicyPermission();
for(Enumeration e = permissions.elements(); e.hasMoreElements();){
this.getExcludedPermissions().add((Permission) e.nextElement());
writeOnCommit = true;
}
}
|
| public void | addToExcludedPolicy(java.security.Permission permission)Used to add a single excluded policy statement to this
PolicyConfiguration.
assertStateIsOpen();
assert permission != null;
if (permission != null) {
checkSetPolicyPermission();
this.getExcludedPermissions().add(permission);
writeOnCommit = true;
}
|
| public void | addToRole(java.lang.String roleName, java.security.PermissionCollection permissions)Used to add permissions to a named role in this PolicyConfiguration.
If the named Role does not exist in the PolicyConfiguration, it is
created as a result of the call to this function.
It is the job of the Policy provider to ensure that all the permissions
added to a role are granted to principals "mapped to the role".
assertStateIsOpen();
assert roleName != null;
assert permissions != null;
if (roleName != null && permissions != null) {
checkSetPolicyPermission();
for(Enumeration e = permissions.elements(); e.hasMoreElements();) {
this.getRolePermissions(roleName).add((Permission)e.nextElement());
writeOnCommit = true;
}
}
|
| public void | addToRole(java.lang.String roleName, java.security.Permission permission)Used to add a single permission to a named role in this
PolicyConfiguration.
If the named Role does not exist in the PolicyConfiguration, it is
created as a result of the call to this function.
It is the job of the Policy provider to ensure that all the permissions
added to a role are granted to principals "mapped to the role".
assertStateIsOpen();
assert permission != null;
assert roleName != null;
if (roleName != null && permission != null) {
checkSetPolicyPermission();
this.getRolePermissions(roleName).add(permission);
writeOnCommit = true;
}
|
| public void | addToUncheckedPolicy(java.security.PermissionCollection permissions)Used to add unchecked policy statements to this PolicyConfiguration.
assertStateIsOpen();
assert permissions != null;
if (permissions != null) {
checkSetPolicyPermission();
for(Enumeration e = permissions.elements(); e.hasMoreElements();){
this.getUncheckedPermissions().add((Permission) e.nextElement());
writeOnCommit = true;
}
}
|
| public void | addToUncheckedPolicy(java.security.Permission permission)Used to add a single unchecked policy statement to this
PolicyConfiguration.
assertStateIsOpen();
assert permission != null;
if (permission != null) {
checkSetPolicyPermission();
this.getUncheckedPermissions().add(permission);
writeOnCommit = true;
}
|
| private void | assertStateIsOpen()
if (state != OPEN_STATE){
String defMsg="Operation invoked on closed or deleted PolicyConfiguration.";
String msg = localStrings.getLocalString("pc.op_requires_state_open",defMsg);
logger.log(Level.WARNING, msg);
throw new UnsupportedOperationException(defMsg);
}
|
| private void | captureFileTime(boolean granted)
String name = getPolicyFileName(granted);
File f = new File(name);
lastModTimes[(int) (granted ? 1 : 0)] = f.lastModified();
|
| protected static void | checkSetPolicyPermission()
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
if (setPolicyPermission == null) {
setPolicyPermission = new java.security.SecurityPermission("setPolicy");
}
sm.checkPermission(setPolicyPermission);
}
|
| public void | commit()This method is used to set to "inService" the state of the policy context
whose interface is this PolicyConfiguration Object. Only those policy
contexts whose state is "inService" will be included in the policy
contexts processed by the Policy.refresh method. A policy context whose
state is "inService" may be returned to the "open" state by calling the
getPolicyConfiguration method of the PolicyConfiguration factory
with the policy context identifier of the policy context.
When the state of a policy context is "inService", calling any method
other than commit, delete, getContextID, or inService on its
PolicyConfiguration Object will cause an UnsupportedOperationException
to be thrown.
synchronized(refreshLock) {
if(state == DELETED_STATE){
String defMsg="Cannot perform Operation on a deleted PolicyConfiguration";
String msg=localStrings.getLocalString("pc.invalid_op_for_state_delete",defMsg);
logger.log(Level.WARNING,msg);
throw new UnsupportedOperationException(defMsg);
} else {
try {
checkSetPolicyPermission();
if (state == OPEN_STATE) {
generatePermissions();
state = INSERVICE_STATE;
}
} catch(Exception e){
String defMsg="commit fail for contextod "+CONTEXT_ID;
String msg=localStrings.getLocalString("pc.commit_failure",defMsg,new Object[]{CONTEXT_ID,e});
logger.log(Level.SEVERE,msg);
throw new PolicyContextException(e);
}
if (logger.isLoggable(Level.FINE)){
logger.fine("JACC Policy Provider: PC.commit "+CONTEXT_ID);
}
}
}
|
| private void | createPolicyContextDirectory()
String contextDirectoryName = getContextDirectoryName();
File d = new File(contextDirectoryName);
if (d.exists()) {
if(!d.isDirectory()) {
String defMsg="unable to create policy context directory";
String msg=localStrings.getLocalString("pc.unable_to_create_context_directory",
defMsg,new Object []{contextDirectoryName});
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
}
} else {
d.mkdirs();
}
|
| private boolean | createPolicyFile(boolean granted, sun.security.provider.PolicyParser parser, boolean woc)
boolean result = woc;
createPolicyContextDirectory();
removePolicyFile(granted);
String name = getPolicyFileName(granted);
FileWriter writer = null;
try {
if(logger.isLoggable (Level.FINE)){
logger.fine("JACC Policy Provider: Writing grant statements to policy file: "+name);
}
writer = new FileWriter(name);
parser.write(writer);
result = false;
} catch(java.io.FileNotFoundException fnfe) {
String msg=localStrings.getLocalString("pc.file_error","file not found "+name,
new Object []{name, fnfe});
logger.log(Level.SEVERE,msg);
throw fnfe;
} catch(java.io.IOException ioe){
String msg=localStrings.getLocalString("pc.file_write_error","file IO error on file "+name,
new Object []{name,ioe});
logger.log(Level.SEVERE,msg);
throw ioe;
} finally {
if (writer != null) {
try {
writer.close();
captureFileTime(granted);
} catch (Exception e) {
String defMsg="Unable to close Policy file: "+name;
String msg=localStrings.getLocalString("pc.file_close_error",defMsg,new Object []{name,e});
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
}
}
}
return result;
|
| public void | delete()Causes all policy statements to be deleted from this PolicyConfiguration
and sets its internal state such that calling any method, other than
delete, getContextID, or inService on the PolicyConfiguration will
be rejected and cause an UnsupportedOperationException to be thrown.
This operation has no affect on any linked PolicyConfigurations
other than removing any links involving the deleted PolicyConfiguration.
checkSetPolicyPermission();
synchronized(refreshLock) {
try {
removePolicy();
} finally {
state = DELETED_STATE;
}
}
|
| private java.lang.String | escapeName(java.lang.String name)
return (name != null && name.indexOf('"") > 0) ?
name.replaceAll("\"", "\\\\\"") : name;
|
| private boolean | fileChanged(boolean granted)
String name = getPolicyFileName(granted);
File f = new File(name);
return !(lastModTimes[(int) (granted ? 1 : 0)] == f.lastModified());
|
| private boolean | filesChanged()
return (fileChanged(true) || fileChanged(false));
|
| private void | generatePermissions()
// optimization - return if the rules have not changed
if (!writeOnCommit) return;
// otherwise proceed to write policy file
Map roleToSubjectMap = null;
if (rolePermissionsTable != null) {
// Make sure a role to subject map has been defined for the Policy Context
if (factory != null) {
// the rolemapper is stored against the
// appname, for a web app get the appname for this contextid
SecurityRoleMapper srm = factory.getRoleMapper(CONTEXT_ID);
if (srm != null) {
roleToSubjectMap = srm.getRoleToSubjectMapping();
}
if (roleToSubjectMap != null) {
// make sure all liked PC's have the same roleToSubjectMap
Set linkSet = (Set) linkTable.get(CONTEXT_ID);
if (linkSet != null) {
Iterator it = linkSet.iterator();
while (it.hasNext()) {
String contextId = (String)it.next();
if (!CONTEXT_ID.equals(contextId)) {
SecurityRoleMapper otherSrm = factory.getRoleMapper(contextId);
Map otherRoleToSubjectMap = null;
if (otherSrm != null) {
otherRoleToSubjectMap = otherSrm.getRoleToSubjectMapping();
}
if (otherRoleToSubjectMap != roleToSubjectMap) {
String defMsg="Linked policy contexts have different roleToSubjectMaps ("+CONTEXT_ID+")<->("+contextId+")";
String msg=localStrings.getLocalString("pc.linked_with_different_role_maps",defMsg,new Object []{CONTEXT_ID,contextId});
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
}
}
}
}
}
}
}
if (roleToSubjectMap == null && rolePermissionsTable != null) {
String defMsg="This application has no role mapper factory defined";
String msg=localStrings.getLocalString("pc.role_map_not_defined_at_commit",defMsg,new Object []{CONTEXT_ID});
logger.log(Level.SEVERE,msg);
throw new RuntimeException
(localStrings.getLocalString
("enterprise.deployment.deployment.norolemapperfactorydefine",defMsg));
}
PolicyParser parser = new PolicyParser(false);
// load unchecked grants in parser
if (uncheckedPermissions != null) {
Enumeration pEnum = uncheckedPermissions.elements();
if (pEnum.hasMoreElements()) {
GrantEntry grant = new GrantEntry();
while (pEnum.hasMoreElements()) {
Permission p = (Permission) pEnum.nextElement();
PermissionEntry entry =
new PermissionEntry(p.getClass().getName(),
p.getName(),p.getActions());
grant.add(entry);
}
parser.add(grant);
}
}
// load role based grants in parser
if (rolePermissionsTable != null) {
Iterator roleIt = rolePermissionsTable.keySet().iterator();
while (roleIt.hasNext()) {
boolean withPrincipals = false;
String roleName = (String) roleIt.next();
Permissions rolePerms = getRolePermissions(roleName);
Subject rolePrincipals = (Subject) roleToSubjectMap.get(roleName);
if (rolePrincipals != null) {
Iterator pit = rolePrincipals.getPrincipals().iterator();
while (pit.hasNext()){
Principal prin = (Principal) pit.next();
assert prin instanceof java.security.Principal;
if (prin instanceof java.security.Principal) {
withPrincipals = true;
PrincipalEntry prinEntry =
new PrincipalEntry(prin.getClass().getName(),
escapeName(prin.getName()));
GrantEntry grant = new GrantEntry();
grant.principals.add(prinEntry);
Enumeration pEnum = rolePerms.elements();
while (pEnum.hasMoreElements()) {
Permission perm = (Permission) pEnum.nextElement();
PermissionEntry permEntry =
new PermissionEntry(perm.getClass().getName(),
perm.getName(),
perm.getActions());
grant.add(permEntry);
}
parser.add(grant);
}
else {
String msg = localStrings.getLocalString("pc.non_principal_mapped_to_role",
"non principal mapped to role "+roleName,new Object[]{prin,roleName});
logger.log(Level.WARNING,msg);
}
}
}
if (!withPrincipals) {
String msg = localStrings.getLocalString("pc.no_principals_mapped_to_role",
"no principals mapped to role "+roleName, new Object []{ roleName});
logger.log(Level.WARNING,msg);
}
}
}
writeOnCommit = createPolicyFile(true,parser,writeOnCommit);
// load excluded perms in excluded parser
if (excludedPermissions != null) {
PolicyParser excludedParser = new PolicyParser(false);
Enumeration pEnum = excludedPermissions.elements();
if (pEnum.hasMoreElements()) {
GrantEntry grant = new GrantEntry();
while (pEnum.hasMoreElements()) {
Permission p = (Permission) pEnum.nextElement();
PermissionEntry entry =
new PermissionEntry(p.getClass().getName(),
p.getName(),p.getActions());
grant.add(entry);
}
excludedParser.add(grant);
}
writeOnCommit = createPolicyFile(false,excludedParser,writeOnCommit);
}
if (!writeOnCommit) wasRefreshed = false;
|
| private java.lang.String | getContextDirectoryName()
if (repository == null) {
throw new RuntimeException("JACC Policy provider: repository not initialized");
}
return getContextDirectoryName(CONTEXT_ID);
|
| protected static java.lang.String | getContextDirectoryName(java.lang.String contextId)
if (repository == null) {
throw new RuntimeException("JACC Policy provider: repository not initialized");
}
return repository+File.separator+contextId;
|
| public java.lang.String | getContextID()This method returns this object's policy context identifier.
checkSetPolicyPermission();
return this.CONTEXT_ID;
|
| private java.security.Permissions | getExcludedPermissions()
if (excludedPermissions == null) {
excludedPermissions = new Permissions();
}
return excludedPermissions;
|
| protected java.security.Permissions | getExcludedPolicy()
synchronized(refreshLock) {
return state == INSERVICE_STATE ? this.excludedPermissions : null;
}
|
| private java.security.Policy | getNewPolicy()
Object wrapper = java.security.Policy.getPolicy();
if (wrapper != null && wrapper instanceof BasePolicyWrapper) {
return ((BasePolicyWrapper) wrapper).getNewPolicy();
} else {
return new sun.security.provider.PolicyFile();
}
|
| protected java.security.Policy | getPolicy()
synchronized(refreshLock) {
if (state == INSERVICE_STATE) {
return this.policy;
}
if (logger.isLoggable(Level.FINEST)) {
logger.finest("JACC Policy Provider: getPolicy ("+CONTEXT_ID+") is NOT in service");
}
return null;
}
|
| private java.lang.String | getPolicyFileName(boolean granted)
return granted ?
getContextDirectoryName()+File.separator+"granted"+policySuffix :
getContextDirectoryName()+File.separator+"excluded"+policySuffix;
|
| private java.security.Permissions | getRolePermissions(java.lang.String roleName)
if (rolePermissionsTable == null) rolePermissionsTable = new HashMap();
Permissions rolePermissions = (Permissions) rolePermissionsTable.get(roleName);
if (rolePermissions == null) {
rolePermissions = new Permissions();
rolePermissionsTable.put(roleName,rolePermissions);
}
return rolePermissions;
|
| private java.security.Permissions | getUncheckedPermissions()
if (uncheckedPermissions == null) {
uncheckedPermissions = new Permissions();
}
return uncheckedPermissions;
|
| public boolean | inService()This method is used to determine if the policy context whose interface is
this PolicyConfiguration Object is in the "inService" state.
checkSetPolicyPermission();
return (state == INSERVICE_STATE)? true: false;
|
| private void | initLinkTable()
synchronized(refreshLock) {
// get the linkSet corresponding to this context.
Set linkSet = (Set) linkTable.get(CONTEXT_ID);
// remobe this context id from the linkSet (which may be shared
// with other contexts), and unmap the linkSet form this context.
if (linkSet != null) {
linkSet.remove(CONTEXT_ID);
linkTable.remove(CONTEXT_ID);
}
// create a new linkSet with onlythis context id, and put it in the table.
linkSet = new HashSet();
linkSet.add(CONTEXT_ID);
linkTable.put(CONTEXT_ID,linkSet);
}
|
| protected void | initialize(boolean open, boolean remove, boolean fromFile)
synchronized(refreshLock) {
String name = getPolicyFileName(true);
if (open || remove) {
state = OPEN_STATE;
} else {
state = INSERVICE_STATE;
}
try {
if (remove) {
removePolicy();
}
policyUrlValue =
sun.net.www.ParseUtil.fileToEncodedURL(new File(name)).toString();
if (fromFile && !remove) {
excludedPermissions = loadExcludedPolicy();
writeOnCommit = false;
}
wasRefreshed = false;
} catch (java.net.MalformedURLException mue) {
String defMsg="Unable to convert Policy file Name to URL: "+name;
String msg=localStrings.getLocalString("pc.file_to_url",defMsg, new Object[]{name,mue});
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
}
}
|
| private static java.lang.String | initializeRepository()Read the repository directory name, create the directory, and
save the name in 'repository'
try {
repository = System.getProperty(REPOSITORY_HOME_PROP);
if (repository == null) {
String msg=localStrings.getLocalString("pc.no_repository","no repository");
logger.log(Level.SEVERE,msg);
} else {
if (logger.isLoggable(Level.FINE)) {
logger.fine("JACC policy provider: repository set to: "+repository);
}
File rf = new File(repository);
if (rf.exists()) {
if(!rf.isDirectory()) {
String msg=localStrings.getLocalString("pc.unable_to_create_repository",
"unable to create repository"+repository,new Object []{repository});
logger.log(Level.SEVERE,msg);
} else {
// read deployed policy contextes
File[] appsInService = rf.listFiles();
if (appsInService != null) {
for (int i = 0; i <appsInService.length; i++) {
File[] contextsInService =
appsInService[i].listFiles(new FileFilter() {
public boolean accept(File pathname) {
return pathname.isDirectory();
}
});
if (contextsInService != null) {
for (int j = 0; j < contextsInService.length; j++) {
try {
PolicyConfigurationImpl pc =
new PolicyConfigurationImpl(contextsInService[j],false,false);
PolicyConfigurationFactoryImpl.
putPolicyConfigurationImpl(pc.CONTEXT_ID,pc);
} catch(Exception ex) {
String msg=localStrings.getLocalString("pc.unable_to_read_repostory",
"unable to read repository" ,new Object []{contextsInService[i].toString()});
logger.log(Level.WARNING,msg);
}
}
}
}
}
}
} else {
if(logger.isLoggable(Level.FINE)){
logger.fine("JACC Policy Provider: creating new policy repository");
}
rf.mkdirs();
}
}
} catch (Exception e) {
String msg=localStrings.getLocalString("pc.unable_to_init_repository",
"unable to init repository",new Object []{e});
logger.log(Level.SEVERE,msg);
repository = null;
}
return repository;
|
| public void | linkConfiguration(javax.security.jacc.PolicyConfiguration link)Creates a relationship between this configuration and another
such that they share the same principal-to-role mappings.
PolicyConfigurations are linked to apply a common principal-to-role
mapping to multiple seperately manageable PolicyConfigurations,
as is required when an application is composed of multiple
modules.
Note that the policy statements which comprise a role, or comprise
the excluded or unchecked policy collections in a PolicyConfiguration
are unaffected by the configuration being linked to another.
assertStateIsOpen();
String linkId = link.getContextID();
if (this.CONTEXT_ID == linkId) {
String defMsg="Operation attempted to link PolicyConfiguration to itself.";
String msg=localStrings.getLocalString("pc.unsupported_link_operation",defMsg);
logger.log(Level.WARNING,msg);
throw new IllegalArgumentException(defMsg);
}
checkSetPolicyPermission();
updateLinkTable(linkId);
|
| private java.security.Permissions | loadExcludedPolicy()
Permissions result = null;
String name = getPolicyFileName(false);
FileReader reader = null;
PolicyParser parser = new PolicyParser(false);
try {
captureFileTime(false);
reader = new FileReader(name);
parser.read(reader);
} catch (java.io.FileNotFoundException fnf) {
//Just means there is no excluded Policy file, which
// is the typical case
parser = null;
} catch (java.io.IOException ioe) {
String defMsg="Error reading Policy file: "+name;
String msg=localStrings.getLocalString("pc.file_read_error",defMsg,
new Object []{name, ioe});
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
} catch ( sun.security.provider.PolicyParser.ParsingException pe) {
String defMsg="Unable to parse Policy file: "+name;
String msg=localStrings.getLocalString("pc.policy_parsing_exception",defMsg,
new Object []{name,pe});
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
} finally {
if (reader != null) {
try {
reader.close();
} catch (Exception e) {
String defMsg="Unable to close Policy file: "+name;
String msg=localStrings.getLocalString("pc.file_close_error",defMsg,
new Object []{name,e});
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
}
}
}
if (parser != null) {
Enumeration grants = parser.grantElements();
while (grants.hasMoreElements()) {
GrantEntry grant = (GrantEntry) grants.nextElement();
if (grant.codeBase != null || grant.signedBy != null ||
grant.principals.size() != 0) {
String msg=localStrings.getLocalString("pc.excluded_grant_context_ignored",
"ignore excluded grant context", new Object []{grant});
logger.log(Level.WARNING,msg);
} else {
Enumeration perms = grant.permissionEntries.elements();
while (perms.hasMoreElements()) {
PermissionEntry entry = (PermissionEntry) perms.nextElement();
Permission p =
loadPermission(entry.permission,entry.name,entry.action);
if (result == null) {
result = new Permissions();
}
result.add(p);
}
}
}
}
return result;
|
| private java.security.Permission | loadPermission(java.lang.String className, java.lang.String name, java.lang.String actions)
Class clazz = null;
Permission permission = null;
try{
clazz = Class.forName(className);
Constructor c = clazz.getConstructor(permissionParams);
permission = (Permission) c.newInstance(new Object[] { name, actions });
} catch(Exception e){
String defMsg="PolicyConfiguration error loading permission";
String msg=localStrings.getLocalString("pc.permission_load_error",defMsg,
new Object []{className, e});
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg,e);
}
return permission;
|
| protected void | refresh(boolean force)
synchronized(refreshLock){
if (state == INSERVICE_STATE &&
(wasRefreshed == false || force || filesChanged())) {
// find open policy.url
int i = 0;
String value = null;
String urlKey = null;
while (true) {
urlKey = PROVIDER_URL+(++i);
value = java.security.Security.getProperty(urlKey);
if (value == null || value.equals("")) {
break;
}
}
try {
java.security.Security.setProperty(urlKey,policyUrlValue);
if (fileChanged(false)) {
excludedPermissions = loadExcludedPolicy();
}
// capture time before load, to ensure that we
// have a time that precedes load
captureFileTime(true);
if (policy == null) {
policy = getNewPolicy();
} else {
policy.refresh();
if (logger.isLoggable(Level.FINE)){
logger.fine("JACC Policy Provider: Called Policy.refresh on contextId: "+CONTEXT_ID+" policyUrlValue was "+policyUrlValue);
}
}
wasRefreshed = true;
} finally {
// can't setProperty back to null, workaround is to
// use empty string
java.security.Security.setProperty(urlKey,"");
}
}
}
|
| public void | removeExcludedPolicy()Used to remove any excluded policy statements from this
PolicyConfiguration.
assertStateIsOpen();
checkSetPolicyPermission();
if (excludedPermissions != null) {
excludedPermissions = null;
writeOnCommit = true;
}
|
| private void | removePolicy()
excludedPermissions = null;
uncheckedPermissions = null;
rolePermissionsTable = null;
removePolicyFile(true);
removePolicyFile(false);
removePolicyContextDirectory();
initLinkTable();
policy = null;
writeOnCommit = true;
|
| private void | removePolicyContextDirectory()
String directoryName = getContextDirectoryName();
File f = new File(directoryName);
if(f.exists()){
// WORKAROUND: due to existence of timestamp file in given directory
// for SE/EE synchronization
File[] files = f.listFiles();
if (files != null && files.length > 0) {
for (int i = 0; i < files.length; i++) {
files[i].delete();
}
}
//WORKAROUND: End
if (!f.delete()) {
String defMsg = "Failure removing policy context directory: "+directoryName;
String msg=localStrings.getLocalString("pc.file_delete_error", defMsg);
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
} else if(logger.isLoggable(Level.FINE)){
logger.fine("JACC Policy Provider: Policy context directory removed: "+directoryName);
}
File appDir = f.getParentFile();
// WORKAROUND: due to existence of timestamp file in given directory
// for SE/EE synchronization
File[] fs = appDir.listFiles();
if (fs != null && fs.length > 0) {
boolean hasDir = false;
for (int i = 0; i < fs.length; i++) {
if (fs[i].isDirectory()) {
hasDir = true;
break;
}
}
if (!hasDir) {
for (int i = 0; i < fs.length; i++) {
fs[i].delete();
}
}
}
//WORKAROUND: End
File[] moduleDirs = appDir.listFiles();
if (moduleDirs == null || moduleDirs.length == 0) {
if (!appDir.delete()) {
String defMsg = "Failure removing policy context directory: " + appDir;
String msg = localStrings.getLocalString("pc.file_delete_error", defMsg);
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
}
}
}
|
| private void | removePolicyFile(boolean granted)
String fileName = getPolicyFileName(granted);
File f = new File(fileName);
if(f.exists()){
if (!f.delete()) {
String defMsg = "Failure removing policy file: "+fileName;
String msg=localStrings.getLocalString("pc.file_delete_error", defMsg,new Object []{ fileName} );
logger.log(Level.SEVERE,msg);
throw new RuntimeException(defMsg);
} else if(logger.isLoggable(Level.FINE)){
logger.fine("JACC Policy Provider: Policy file removed: "+fileName);
}
}
|
| public void | removeRole(java.lang.String roleName)Used to remove a role and all its permissions from this
PolicyConfiguration.
assertStateIsOpen();
assert roleName != null;
if(roleName != null && rolePermissionsTable != null) {
checkSetPolicyPermission();
if (rolePermissionsTable.remove(roleName) != null)
writeOnCommit = true;
}
|
| public void | removeUncheckedPolicy()Used to remove any unchecked policy statements from this
PolicyConfiguration.
assertStateIsOpen();
checkSetPolicyPermission();
if (uncheckedPermissions != null) {
uncheckedPermissions = null;
writeOnCommit = true;
}
|
| private void | updateLinkTable(java.lang.String otherId)
synchronized(refreshLock) {
// get the linkSet corresponding to this context
Set linkSet = (Set) linkTable.get(CONTEXT_ID);
// get the linkSet corresponding to the context being linked to this
Set otherLinkSet = (Set) linkTable.get(otherId);
if (otherLinkSet == null) {
String defMsg="Linked policy configuration ("+otherId+") does not exist";
String msg = localStrings.getLocalString("pc.invalid_link_target",defMsg, new Object []{otherId});
logger.log(Level.SEVERE,"pc.invalid_link_target",otherId);
throw new RuntimeException(defMsg);
} else {
Iterator it = otherLinkSet.iterator();
// for each context (id) linked to the context being linked to this
while (it.hasNext()) {
String id = (String) it.next();
//add the id to this linkSet
linkSet.add(id);
//replace the linkset mapped to all the contexts being linked
//to this context, with this linkset.
linkTable.put(id,linkSet);
}
}
}
|
