avalon-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dona...@apache.org
Subject cvs commit: jakarta-avalon-excalibur/loader/src/test/org/apache/excalibur/policy/test AbstractPolicyTestCase.java
Date Sun, 22 Sep 2002 03:17:47 GMT
donaldp     2002/09/21 20:17:47

  Modified:    loader/src/java/org/apache/excalibur/policy/reader
                        PolicyReader.java
               loader/src/java/org/apache/excalibur/policy/runtime
                        AbstractPolicy.java
               loader/src/test/org/apache/excalibur/policy/test
                        AbstractPolicyTestCase.java
  Added:       loader/src/java/org/apache/excalibur/policy/builder
                        PolicyBuilder.java PolicyResolver.java
               loader/src/java/org/apache/excalibur/policy/runtime
                        DefaultPolicy.java
  Log:
  Incorporated infrstructure to build a Policy object.
  
  Revision  Changes    Path
  1.1                  jakarta-avalon-excalibur/loader/src/java/org/apache/excalibur/policy/builder/PolicyBuilder.java
  
  Index: PolicyBuilder.java
  ===================================================================
  /*
   * Copyright (C) The Apache Software Foundation. All rights reserved.
   *
   * This software is published under the terms of the Apache Software License
   * version 1.1, a copy of which has been included with this distribution in
   * the LICENSE.txt file.
   */
  package org.apache.excalibur.policy.builder;
  
  import java.io.InputStream;
  import java.lang.reflect.Constructor;
  import java.net.MalformedURLException;
  import java.net.URL;
  import java.security.CodeSource;
  import java.security.KeyStore;
  import java.security.KeyStoreException;
  import java.security.Permission;
  import java.security.Policy;
  import java.security.UnresolvedPermission;
  import java.security.cert.Certificate;
  import java.util.ArrayList;
  import java.util.HashMap;
  import java.util.List;
  import java.util.Map;
  import java.util.PropertyPermission;
  import java.util.StringTokenizer;
  import org.apache.excalibur.policy.metadata.GrantMetaData;
  import org.apache.excalibur.policy.metadata.KeyStoreMetaData;
  import org.apache.excalibur.policy.metadata.PermissionMetaData;
  import org.apache.excalibur.policy.metadata.PolicyMetaData;
  
  /**
   * A Utility class that builds a Policy object from a specified
   * PolicyMetaData.
   *
   * @author <a href="mailto:peter at apache.org">Peter Donald</a>
   * @version $Revision: 1.1 $ $Date: 2002/09/22 03:17:46 $
   */
  public class PolicyBuilder
  {
      /**
       * Build a policy for a specified meta data.
       *
       * @param policy the policy metadata
       * @return the Policy object
       * @throws Exception if unable to create Policy object
       */
      public Policy buildPolicy( final PolicyMetaData policy,
                                 final PolicyResolver resolver )
          throws Exception
      {
          final Map keyStores =
              createKeyStores( policy.getKeyStores(), resolver );
          final Map grants = new HashMap();
          processGrants( policy.getGrants(), keyStores, grants, resolver );
  
          final CodeSource codeSource = createDefaultCodeSource();
          final Permission[] permissions = getDefaultPermissions();
          grants.put( codeSource, permissions );
  
          return resolver.createPolicy( grants );
      }
  
      /**
       * Porcess all the grants and build up a grant map.
       *
       * @param metaDatas the metadata
       * @param keyStores the configured keystores
       * @param grants the grant map
       * @param resolver the resolver to use to resolve locations etc
       * @throws Exception if unable to create grant map
       */
      private void processGrants( final GrantMetaData[] metaDatas,
                                  final Map keyStores,
                                  final Map grants,
                                  final PolicyResolver resolver )
          throws Exception
      {
          for( int i = 0; i < metaDatas.length; i++ )
          {
              processGrant( metaDatas[ i ], keyStores, grants, resolver );
          }
      }
  
      /**
       * Porcess a grants and add to the grant map.
       *
       * @param metaData the metadata
       * @param keyStores the configured keystores
       * @param grants the grant map
       * @param resolver the resolver to use to resolve locations etc
       * @throws Exception if unable to create grant map
       */
      private void processGrant( final GrantMetaData metaData,
                                 final Map keyStores,
                                 final Map grants,
                                 final PolicyResolver resolver )
          throws Exception
      {
          final URL url =
              resolver.resolveLocation( metaData.getCodebase() );
  
          final Certificate[] signers =
              getSigners( metaData.getSignedBy(),
                          metaData.getKeyStore(),
                          keyStores );
          final CodeSource codeSource = new CodeSource( url, signers );
  
          final Permission[] permissions =
              createPermissions( metaData.getPermissions(),
                                 keyStores,
                                 resolver );
          grants.put( codeSource, permissions );
      }
  
      /**
       * Create all permissions for specified metadata.
       *
       * @param metaDatas the metadata
       * @param keyStores the keystores to use when loading signers
       * @param resolver the resolver to use to resolve targets
       * @return the created permissions
       * @throws Exception if unabel to create permissions
       */
      private Permission[] createPermissions( final PermissionMetaData[] metaDatas,
                                              final Map keyStores,
                                              final PolicyResolver resolver )
          throws Exception
      {
          final List set = new ArrayList();
  
          for( int i = 0; i < metaDatas.length; i++ )
          {
              final Permission permission =
                  createPermission( metaDatas[ i ], keyStores, resolver );
              set.add( permission );
          }
  
          return (Permission[]) set.toArray( new Permission[ set.size() ] );
      }
  
      /**
       * Create a permission for metadata.
       *
       * @param metaData the permission metadata
       * @param keyStores the keystore to use (if needed)
       * @param resolver the resovler to use when resolving target
       * @return the created permission
       * @throws Exception if unable to create permission
       */
      private Permission createPermission( final PermissionMetaData metaData,
                                           final Map keyStores,
                                           final PolicyResolver resolver )
          throws Exception
      {
          final String type = metaData.getClassname();
          final String actions = metaData.getAction();
          final String signedBy = metaData.getSignedBy();
          final String keyStoreName = metaData.getKeyStore();
  
          String target = metaData.getTarget();
          if( null != target )
          {
              target = resolver.resolveTarget( target );
          }
  
          final Certificate[] signers =
              getSigners( signedBy, keyStoreName, keyStores );
          try
          {
              return createPermission( type, target, actions, signers );
          }
          catch( final Exception e )
          {
              throw new Exception( e.getMessage(), e );
          }
      }
  
      /**
       * Create a mpa of keystores from specified metadata.
       *
       * @param metaDatas the metadata
       * @return the keystore map
       * @throws Exception if unable to create all keystores
       */
      private Map createKeyStores( final KeyStoreMetaData[] metaDatas,
                                   final PolicyResolver resolver )
          throws Exception
      {
          final Map keyStores = new HashMap();
  
          for( int i = 0; i < metaDatas.length; i++ )
          {
              final KeyStoreMetaData metaData = metaDatas[ i ];
              final String name = metaData.getName();
  
              try
              {
                  final URL url =
                      resolver.resolveLocation( metaData.getLocation() );
                  final KeyStore keyStore =
                      createKeyStore( metaData.getType(), url );
  
                  keyStores.put( name, keyStore );
              }
              catch( final Exception e )
              {
                  final String message =
                      "Error creating keystore " + name + ".";
                  throw new Exception( message, e );
              }
          }
  
          return keyStores;
      }
  
      /**
       * Create a permission of specified class and
       * with specified target, action and signers.
       *
       * @param type the classname of Permission object
       * @param target the target of permission
       * @param actions the actions allowed on permission (if any)
       * @param signers the signers (if any)
       * @return the created Permission object
       * @throws Exception if unable to create permission
       */
      private final Permission createPermission( final String type,
                                                 final String target,
                                                 final String actions,
                                                 final Certificate[] signers )
          throws Exception
      {
          if( null != signers )
          {
              return new UnresolvedPermission( type, target, actions, signers );
          }
  
          try
          {
              final Class clazz = Class.forName( type );
  
              Class paramClasses[] = null;
              Object params[] = null;
  
              if( null == actions && null == target )
              {
                  paramClasses = new Class[ 0 ];
                  params = new Object[ 0 ];
              }
              else if( null == actions )
              {
                  paramClasses = new Class[ 1 ];
                  paramClasses[ 0 ] = String.class;
                  params = new Object[ 1 ];
                  params[ 0 ] = target;
              }
              else
              {
                  paramClasses = new Class[ 2 ];
                  paramClasses[ 0 ] = String.class;
                  paramClasses[ 1 ] = String.class;
                  params = new Object[ 2 ];
                  params[ 0 ] = target;
                  params[ 1 ] = actions;
              }
  
              final Constructor constructor = clazz.getConstructor( paramClasses );
              return (Permission) constructor.newInstance( params );
          }
          catch( final ClassNotFoundException cnfe )
          {
              return new UnresolvedPermission( type, target, actions, signers );
          }
      }
  
      /**
       * A utility method to get a default codesource
       * that covers all files on fielsystem
       *
       * @return the code source
       */
      private CodeSource createDefaultCodeSource()
      {
          //Create a URL that covers whole file system.
          final URL url;
          try
          {
              url = new URL( "file:/-" );
          }
          catch( final MalformedURLException mue )
          {
              //will never happen
              throw new IllegalStateException( mue.getMessage() );
          }
          final CodeSource codeSource = new CodeSource( url, null );
          return codeSource;
      }
  
      /**
       * A utility method to get all the default permissions.
       */
      private Permission[] getDefaultPermissions()
      {
          final ArrayList list = new ArrayList();
          //these properties straight out ot ${java.home}/lib/security/java.policy
          list.add( new PropertyPermission( "os.name", "read" ) );
          list.add( new PropertyPermission( "os.arch", "read" ) );
          list.add( new PropertyPermission( "os.version", "read" ) );
          list.add( new PropertyPermission( "file.separator", "read" ) );
          list.add( new PropertyPermission( "path.separator", "read" ) );
          list.add( new PropertyPermission( "line.separator", "read" ) );
  
          list.add( new PropertyPermission( "java.version", "read" ) );
          list.add( new PropertyPermission( "java.vendor", "read" ) );
          list.add( new PropertyPermission( "java.vendor.url", "read" ) );
  
          list.add( new PropertyPermission( "java.class.version", "read" ) );
          list.add( new PropertyPermission( "java.vm.version", "read" ) );
          list.add( new PropertyPermission( "java.vm.vendor", "read" ) );
          list.add( new PropertyPermission( "java.vm.name", "read" ) );
  
          list.add( new PropertyPermission( "java.specification.version", "read" ) );
          list.add( new PropertyPermission( "java.specification.vendor", "read" ) );
          list.add( new PropertyPermission( "java.specification.name", "read" ) );
          list.add( new PropertyPermission( "java.vm.specification.version", "read" ) );
          list.add( new PropertyPermission( "java.vm.specification.vendor", "read" ) );
          list.add( new PropertyPermission( "java.vm.specification.name", "read" ) );
  
          return (Permission[]) list.toArray( new Permission[ list.size() ] );
      }
  
      /**
       * Create a keystore of specified type and loading from specified url.
       *
       * @param type the type of key store
       * @param url the location of key store data
       * @return the create and configured keystore
       * @throws Exception if unable to create or load keystore
       */
      private final KeyStore createKeyStore( final String type,
                                            final URL url )
          throws Exception
      {
          final KeyStore keyStore = KeyStore.getInstance( type );
          final InputStream ins = url.openStream();
          keyStore.load( ins, null );
          return keyStore;
      }
  
      /**
       * Retrieve Certificates for specified signers
       * as loaded from keyStore.
       *
       * @param signedBy the signers
       * @param keyStoreName the name of keystore
       * @param keyStores the list of keystores to lookup
       * @return the certificates
       * @throws Exception if unable to get signers
       */
      private Certificate[] getSigners( final String signedBy,
                                        final String keyStoreName,
                                        final Map keyStores )
          throws Exception
      {
          if( null == signedBy )
          {
              return null;
          }
          else
          {
              final KeyStore keyStore = getKeyStore( keyStoreName, keyStores );
              return getCertificates( signedBy, keyStore );
          }
      }
  
      /**
       * Retrieve the set of Ceritificates for all signers.
       *
       * @param signedBy the comma separated list of signers
       * @param keyStore the keystore to look for signers certificates in
       * @return the certificate set
       * @throws Exception if unabel to create certificates
       */
      private Certificate[] getCertificates( final String signedBy,
                                             final KeyStore keyStore )
          throws Exception
      {
          final List certificateSet = new ArrayList();
  
          final StringTokenizer st = new StringTokenizer( signedBy, "," );
          while( st.hasMoreTokens() )
          {
              final String alias = st.nextToken().trim();
              Certificate certificate = null;
  
              try
              {
                  certificate = keyStore.getCertificate( alias );
              }
              catch( final KeyStoreException kse )
              {
                  final String message =
                      "Unable to get certificate for alias " +
                      alias + " due to " + kse;
                  throw new Exception( message, kse );
              }
  
              if( null == certificate )
              {
                  final String message =
                      "Missing certificate for alias " + alias;
                  throw new Exception( message );
              }
  
              if( !certificateSet.contains( certificate ) )
              {
                  certificateSet.add( certificate );
              }
          }
  
          return (Certificate[]) certificateSet.toArray( new Certificate[ certificateSet.size()
] );
      }
  
      /**
       * Retrieve keystore with specified name from map.
       * If missing throw an exception.
       *
       * @param keyStoreName the name of key store
       * @param keyStores the map of stores
       * @return the keystore
       * @throws Exception thrown if unable to locate keystore
       */
      private KeyStore getKeyStore( final String keyStoreName, final Map keyStores ) throws
Exception
      {
          final KeyStore keyStore = (KeyStore) keyStores.get( keyStoreName );
          if( null == keyStore )
          {
              final String message = "Missing keystore named: " + keyStoreName;
              throw new Exception( message );
          }
          else
          {
              return keyStore;
          }
      }
  }
  
  
  
  1.1                  jakarta-avalon-excalibur/loader/src/java/org/apache/excalibur/policy/builder/PolicyResolver.java
  
  Index: PolicyResolver.java
  ===================================================================
  /*
   * Copyright (C) The Apache Software Foundation. All rights reserved.
   *
   * This software is published under the terms of the Apache Software License
   * version 1.1, a copy of which has been included with this distribution in
   * the LICENSE.txt file.
   */
  package org.apache.excalibur.policy.builder;
  
  import java.net.URL;
  import java.security.Policy;
  import java.util.Map;
  
  /**
   * This is the interface via which elements of Policy are resolved.
   * For example it is possible for the Policy file to use abstract URLs
   * such as "sar:/SAR-INF/lib/" which need to be mapped to a concrete
   * URL. It is also necessary for the target values of permissions
   * to be "resolved" using a pseuedo expression language.
   *
   * @author <a href="mailto:peter at apache.org">Peter Donald</a>
   * @version $Revision: 1.1 $ $Date: 2002/09/22 03:17:46 $
   */
  public interface PolicyResolver
  {
      /**
       * Resolve a location to a URL.
       *
       * @param location the location
       * @return the URL
       * @throws Exception if unable to resolve URL
       */
      URL resolveLocation( String location )
          throws Exception;
  
      /**
       * Expand a target string to correct value.
       *
       * @param target the target
       * @return the expanded value
       */
      String resolveTarget( String target );
  
      /**
       * Create a Policy object from a grant map.
       *
       * @param grants the grants map
       * @return the Policy object
       */
      Policy createPolicy( Map grants )
          throws Exception;
  }
  
  
  
  1.5       +2 -2      jakarta-avalon-excalibur/loader/src/java/org/apache/excalibur/policy/reader/PolicyReader.java
  
  Index: PolicyReader.java
  ===================================================================
  RCS file: /home/cvs/jakarta-avalon-excalibur/loader/src/java/org/apache/excalibur/policy/reader/PolicyReader.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- PolicyReader.java	22 Sep 2002 01:09:51 -0000	1.4
  +++ PolicyReader.java	22 Sep 2002 03:17:46 -0000	1.5
  @@ -31,7 +31,7 @@
        * @return the meta data
        * @throws Exception if malformed DOM
        */
  -    public PolicyMetaData build( final Element element )
  +    public PolicyMetaData readPolicy( final Element element )
           throws Exception
       {
           final String version = element.getAttribute( "version" );
  
  
  
  1.6       +11 -179   jakarta-avalon-excalibur/loader/src/java/org/apache/excalibur/policy/runtime/AbstractPolicy.java
  
  Index: AbstractPolicy.java
  ===================================================================
  RCS file: /home/cvs/jakarta-avalon-excalibur/loader/src/java/org/apache/excalibur/policy/runtime/AbstractPolicy.java,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- AbstractPolicy.java	15 Sep 2002 13:36:26 -0000	1.5
  +++ AbstractPolicy.java	22 Sep 2002 03:17:46 -0000	1.6
  @@ -8,21 +8,15 @@
   package org.apache.excalibur.policy.runtime;
   
   import java.io.File;
  -import java.io.InputStream;
  -import java.lang.reflect.Constructor;
   import java.net.MalformedURLException;
   import java.net.URL;
   import java.security.CodeSource;
  -import java.security.KeyStore;
   import java.security.Permission;
   import java.security.PermissionCollection;
   import java.security.Permissions;
   import java.security.Policy;
  -import java.security.UnresolvedPermission;
  -import java.security.cert.Certificate;
   import java.util.ArrayList;
   import java.util.Enumeration;
  -import java.util.PropertyPermission;
   
   /**
    * Abstract Policy class that makes it easy to add permission
  @@ -39,17 +33,12 @@
        * Overide so we can have a per-application security policy with
        * no side-effects to other applications.
        *
  -     * @param codeSource the codeSource to get permissions for
  +     * @param codeSource the CodeSource to get permissions for
        * @return the PermissionCollection
        */
  -    public PermissionCollection getPermissions( CodeSource codeSource )
  +    public PermissionCollection getPermissions( final CodeSource codeSource )
       {
  -        codeSource = normalize( codeSource );
  -
  -        if( isDebugEnabled() )
  -        {
  -            debug( "getPermissions(" + codeSource.getLocation() + ");" );
  -        }
  +        final CodeSource target = normalize( codeSource );
   
           final Permissions permissions = new Permissions();
           final int size = m_entries.size();
  @@ -57,7 +46,7 @@
           for( int i = 0; i < size; i++ )
           {
               final PolicyEntry entry = (PolicyEntry)m_entries.get( i );
  -            if( entry.getCodeSource().implies( codeSource ) )
  +            if( entry.getCodeSource().implies( target ) )
               {
                   copyPermissions( permissions, entry.getPermissions() );
               }
  @@ -74,54 +63,18 @@
       }
   
       /**
  -     * Create a keystore of specified type and loading from specified url.
  -     *
  -     * @param type the type of key store
  -     * @param url the location of key store data
  -     * @return the create and configured keystore
  -     * @throws Exception if unable to create or load keystore
  -     */
  -    protected final KeyStore createKeyStore( final String type,
  -                                             final URL url )
  -        throws Exception
  -    {
  -        final KeyStore keyStore = KeyStore.getInstance( type );
  -        final InputStream ins = url.openStream();
  -        keyStore.load( ins, null );
  -        return keyStore;
  -    }
  -
  -    /**
  -     * Create a permission set for a codeBase.
  +     * Create a set of permissions for a particular codesource.
        * These are read-write permissions and can be written till until the
        * time in which they are applied to code.
        *
  -     * @param location the location of codes to apply permission set to.
  -     * @param signers a comma seperated string of thos who signed codebase
  -     * @return the new permission set
  -     * @throws MalformedURLException if location string is malformed
  -     */
  -    protected Permissions createPermissionSetFor( final String location,
  -                                                  final Certificate[] signers )
  -        throws MalformedURLException
  -    {
  -        return createPermissionSetFor( new URL( location ), signers );
  -    }
  -
  -    /**
  -     * Create permission set for a codebase and a set of certificates
  +     * @param codeSource the code source
  +     * @return the permission set
        */
  -    protected Permissions createPermissionSetFor( final URL url,
  -                                                  final Certificate[] signers )
  +    protected Permissions createPermissionSetFor( final CodeSource codeSource )
       {
  -        if( isDebugEnabled() )
  -        {
  -            debug( "createPermissionSetFor(" + url + ");" );
  -        }
  -
  -        CodeSource codeSource = new CodeSource( url, signers );
  -        codeSource = normalize( codeSource );
  -        final PolicyEntry entry = new PolicyEntry( codeSource, new Permissions() );
  +        final CodeSource target = normalize( codeSource );
  +        final PolicyEntry entry =
  +            new PolicyEntry( target, new Permissions() );
           m_entries.add( entry );
           return entry.getPermissions();
       }
  @@ -198,127 +151,6 @@
                             final Throwable throwable )
       {
           System.err.println( message );
  -    }
  -
  -    /**
  -     * Print out a debug message.
  -     */
  -    protected void debug( final String message )
  -    {
  -        System.out.println( message );
  -    }
  -
  -    /**
  -     * Return true if we should print debug information.
  -     */
  -    protected boolean isDebugEnabled()
  -    {
  -        return false;
  -    }
  -
  -    /**
  -     * Create a permission of specified class and
  -     * with specified target, action and signers.
  -     *
  -     * @param type the classname of Permission object
  -     * @param target the target of permission
  -     * @param actions the actions allowed on permission (if any)
  -     * @param signers the signers (if any)
  -     * @return the created Permission object
  -     * @throws Exception if unable to create permission
  -     */
  -    protected final Permission createPermission( final String type,
  -                                                 final String target,
  -                                                 final String actions,
  -                                                 final Certificate[] signers )
  -        throws Exception
  -    {
  -        if( null != signers )
  -        {
  -            return new UnresolvedPermission( type, target, actions, signers );
  -        }
  -
  -        try
  -        {
  -            final Class clazz = Class.forName( type );
  -
  -            Class paramClasses[] = null;
  -            Object params[] = null;
  -
  -            if( null == actions && null == target )
  -            {
  -                paramClasses = new Class[ 0 ];
  -                params = new Object[ 0 ];
  -            }
  -            else if( null == actions )
  -            {
  -                paramClasses = new Class[ 1 ];
  -                paramClasses[ 0 ] = String.class;
  -                params = new Object[ 1 ];
  -                params[ 0 ] = target;
  -            }
  -            else
  -            {
  -                paramClasses = new Class[ 2 ];
  -                paramClasses[ 0 ] = String.class;
  -                paramClasses[ 1 ] = String.class;
  -                params = new Object[ 2 ];
  -                params[ 0 ] = target;
  -                params[ 1 ] = actions;
  -            }
  -
  -            final Constructor constructor = clazz.getConstructor( paramClasses );
  -            return (Permission)constructor.newInstance( params );
  -        }
  -        catch( final ClassNotFoundException cnfe )
  -        {
  -            return new UnresolvedPermission( type, target, actions, signers );
  -        }
  -    }
  -
  -    /**
  -     * Setup the default permissions in a form that is identical
  -     * to normal java.policy setup
  -     */
  -    protected final void setupDefaultPermissions()
  -    {
  -        //these properties straight out ot ${java.home}/lib/security/java.policy
  -
  -        //Create a URL that covers whole file system.
  -        final URL url;
  -        try
  -        {
  -            url = new URL( "file:/-" );
  -        }
  -        catch( final MalformedURLException mue )
  -        {
  -            //will never happen
  -            throw new IllegalStateException( mue.getMessage() );
  -        }
  -        final Permissions permissions = createPermissionSetFor( url, null );
  -
  -        permissions.add( new PropertyPermission( "os.name", "read" ) );
  -        permissions.add( new PropertyPermission( "os.arch", "read" ) );
  -        permissions.add( new PropertyPermission( "os.version", "read" ) );
  -        permissions.add( new PropertyPermission( "file.separator", "read" ) );
  -        permissions.add( new PropertyPermission( "path.separator", "read" ) );
  -        permissions.add( new PropertyPermission( "line.separator", "read" ) );
  -
  -        permissions.add( new PropertyPermission( "java.version", "read" ) );
  -        permissions.add( new PropertyPermission( "java.vendor", "read" ) );
  -        permissions.add( new PropertyPermission( "java.vendor.url", "read" ) );
  -
  -        permissions.add( new PropertyPermission( "java.class.version", "read" ) );
  -        permissions.add( new PropertyPermission( "java.vm.version", "read" ) );
  -        permissions.add( new PropertyPermission( "java.vm.vendor", "read" ) );
  -        permissions.add( new PropertyPermission( "java.vm.name", "read" ) );
  -
  -        permissions.add( new PropertyPermission( "java.specification.version", "read" )
);
  -        permissions.add( new PropertyPermission( "java.specification.vendor", "read" )
);
  -        permissions.add( new PropertyPermission( "java.specification.name", "read" ) );
  -        permissions.add( new PropertyPermission( "java.vm.specification.version", "read"
) );
  -        permissions.add( new PropertyPermission( "java.vm.specification.vendor", "read"
) );
  -        permissions.add( new PropertyPermission( "java.vm.specification.name", "read" )
);
       }
   
       /**
  
  
  
  1.1                  jakarta-avalon-excalibur/loader/src/java/org/apache/excalibur/policy/runtime/DefaultPolicy.java
  
  Index: DefaultPolicy.java
  ===================================================================
  /*
   * Copyright (C) The Apache Software Foundation. All rights reserved.
   *
   * This software is published under the terms of the Apache Software License
   * version 1.1, a copy of which has been included with this distribution in
   * the LICENSE.txt file.
   */
  package org.apache.excalibur.policy.runtime;
  
  import java.util.Map;
  import java.util.Iterator;
  import java.security.CodeSource;
  import java.security.Permission;
  import java.security.Permissions;
  
  /**
   * A policy implementation that accepts policys details from a map.
   * The map is between a codebase and a array of permissions.
   * Note that it was a deliberate decision to limit the time at which you can
   * specify policy data for security reasons.
   *
   * @author <a href="mailto:peter at apache.org">Peter Donald</a>
   */
  public class DefaultPolicy
      extends AbstractPolicy
  {
      /**
       * Create a Policy that applies specified grants.
       * Each entry in map maps a codeSOurce to an array
       * of Permissions.
       *
       * @param grants the grant map
       * @throws Exception if unable to construct Policy
       */
      public DefaultPolicy( final Map grants )
          throws Exception
      {
          processGrants( grants );
      }
  
      /**
       * Process map of grants and configure Policy appropriately.
       *
       * @param grants the grants map
       * @throws Exception if unable to perform configuration
       */
      protected final void processGrants( final Map grants )
          throws Exception
      {
          final Iterator iterator = grants.keySet().iterator();
          while( iterator.hasNext() )
          {
              final CodeSource codeSource = (CodeSource) iterator.next();
              final Permission[] permissions = (Permission[]) grants.get( codeSource );
              final Permissions permissionSet = createPermissionSetFor( codeSource );
  
              for( int i = 0; i < permissions.length; i++ )
              {
                  final Permission permission = permissions[ i ];
                  permissionSet.add( permission );
              }
          }
      }
  }
  
  
  
  1.2       +2 -2      jakarta-avalon-excalibur/loader/src/test/org/apache/excalibur/policy/test/AbstractPolicyTestCase.java
  
  Index: AbstractPolicyTestCase.java
  ===================================================================
  RCS file: /home/cvs/jakarta-avalon-excalibur/loader/src/test/org/apache/excalibur/policy/test/AbstractPolicyTestCase.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- AbstractPolicyTestCase.java	20 Sep 2002 10:01:47 -0000	1.1
  +++ AbstractPolicyTestCase.java	22 Sep 2002 03:17:46 -0000	1.2
  @@ -31,7 +31,7 @@
           {
               final PolicyReader builder = new PolicyReader();
               final Document config = load( stream );
  -            return builder.build( config.getDocumentElement() );
  +            return builder.readPolicy( config.getDocumentElement() );
           }
           catch( final Exception e )
           {
  
  
  

--
To unsubscribe, e-mail:   <mailto:avalon-cvs-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-cvs-help@jakarta.apache.org>


Mime
View raw message