aboutsummaryrefslogtreecommitdiff
path: root/libjava/classpath/java/security/Policy.java
diff options
context:
space:
mode:
Diffstat (limited to 'libjava/classpath/java/security/Policy.java')
-rw-r--r--libjava/classpath/java/security/Policy.java297
1 files changed, 0 insertions, 297 deletions
diff --git a/libjava/classpath/java/security/Policy.java b/libjava/classpath/java/security/Policy.java
deleted file mode 100644
index 118626e..0000000
--- a/libjava/classpath/java/security/Policy.java
+++ /dev/null
@@ -1,297 +0,0 @@
-/* Policy.java --- Policy Manager Class
- Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
-
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library. Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module. An independent module is a module which is not derived from
-or based on this library. If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so. If you do not wish to do so, delete this
-exception statement from your version. */
-
-package java.security;
-
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-/**
- * <code>Policy</code> is an abstract class for managing the system security
- * policy for the Java application environment. It specifies which permissions
- * are available for code from various sources. The security policy is
- * represented through a subclass of <code>Policy</code>.
- *
- * <p>Only one <code>Policy</code> is in effect at any time. A
- * {@link ProtectionDomain} initializes itself with information from this class
- * on the set of permssions to grant.</p>
- *
- * <p>The location for the actual <code>Policy</code> could be anywhere in any
- * form because it depends on the Policy implementation. The default system is
- * in a flat ASCII file or it could be in a database.</p>
- *
- * <p>The current installed <code>Policy</code> can be accessed with
- * {@link #getPolicy()} and changed with {@link #setPolicy(Policy)} if the code
- * has the correct permissions.</p>
- *
- * <p>The {@link #refresh()} method causes the <code>Policy</code> instance to
- * refresh/reload its configuration. The method used to refresh depends on the
- * <code>Policy</code> implementation.</p>
- *
- * <p>When a protection domain initializes its permissions, it uses code like
- * the following:</p>
- *
- * <code>
- * policy = Policy.getPolicy();
- * PermissionCollection perms = policy.getPermissions(myCodeSource);
- * </code>
- *
- * <p>The protection domain passes the <code>Policy</code> handler a
- * {@link CodeSource} instance which contains the codebase URL and a public key.
- * The <code>Policy</code> implementation then returns the proper set of
- * permissions for that {@link CodeSource}.</p>
- *
- * <p>The default <code>Policy</code> implementation can be changed by setting
- * the "policy.provider" security provider in the "java.security" file to the
- * correct <code>Policy</code> implementation class.</p>
- *
- * @author Mark Benvenuto
- * @see CodeSource
- * @see PermissionCollection
- * @see SecureClassLoader
- * @since 1.2
- */
-public abstract class Policy
-{
- private static Policy currentPolicy;
-
- /** Map of ProtectionDomains to PermissionCollections for this instance. */
- private Map pd2pc = null;
-
- /** Constructs a new <code>Policy</code> object. */
- public Policy()
- {
- }
-
- /**
- * Returns the currently installed <code>Policy</code> handler. The value
- * should not be cached as it can be changed any time by
- * {@link #setPolicy(Policy)}.
- *
- * @return the current <code>Policy</code>.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed which disallows this
- * operation.
- */
- public static Policy getPolicy()
- {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkPermission(new SecurityPermission("getPolicy"));
-
- return getCurrentPolicy();
- }
-
- /**
- * Sets the <code>Policy</code> handler to a new value.
- *
- * @param policy
- * the new <code>Policy</code> to use.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed which disallows this
- * operation.
- */
- public static void setPolicy(Policy policy)
- {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null)
- sm.checkPermission(new SecurityPermission("setPolicy"));
-
- setup(policy);
- currentPolicy = policy;
- }
-
- private static void setup(final Policy policy)
- {
- if (policy.pd2pc == null)
- policy.pd2pc = Collections.synchronizedMap(new LinkedHashMap());
-
- ProtectionDomain pd = policy.getClass().getProtectionDomain();
- if (pd.getCodeSource() != null)
- {
- PermissionCollection pc = null;
- if (currentPolicy != null)
- pc = currentPolicy.getPermissions(pd);
-
- if (pc == null) // assume it has all
- {
- pc = new Permissions();
- pc.add(new AllPermission());
- }
-
- policy.pd2pc.put(pd, pc); // add the mapping pd -> pc
- }
- }
-
- /**
- * Ensures/forces loading of the configured policy provider, while bypassing
- * the {@link SecurityManager} checks for <code>"getPolicy"</code> security
- * permission. Needed by {@link ProtectionDomain}.
- */
- static Policy getCurrentPolicy()
- {
- // FIXME: The class name of the Policy provider should really be sourced
- // from the "java.security" configuration file. For now, just hard-code
- // a stub implementation.
- if (currentPolicy == null)
- {
- String pp = System.getProperty ("policy.provider");
- if (pp != null)
- try
- {
- currentPolicy = (Policy) Class.forName(pp).newInstance();
- }
- catch (Exception e)
- {
- // Ignored.
- }
-
- if (currentPolicy == null)
- currentPolicy = new gnu.java.security.provider.DefaultPolicy();
- }
- return currentPolicy;
- }
-
- /**
- * Tests if <code>currentPolicy</code> is not <code>null</code>,
- * thus allowing clients to not force loading of any policy
- * provider; needed by {@link ProtectionDomain}.
- */
- static boolean isLoaded()
- {
- return currentPolicy != null;
- }
-
- /**
- * Returns the set of Permissions allowed for a given {@link CodeSource}.
- *
- * @param codesource
- * the {@link CodeSource} for which, the caller needs to find the
- * set of granted permissions.
- * @return a set of permissions for {@link CodeSource} specified by the
- * current <code>Policy</code>.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed which disallows this
- * operation.
- */
- public abstract PermissionCollection getPermissions(CodeSource codesource);
-
- /**
- * Returns the set of Permissions allowed for a given {@link ProtectionDomain}.
- *
- * @param domain
- * the {@link ProtectionDomain} for which, the caller needs to find
- * the set of granted permissions.
- * @return a set of permissions for {@link ProtectionDomain} specified by the
- * current <code>Policy.</code>.
- * @since 1.4
- * @see ProtectionDomain
- * @see SecureClassLoader
- */
- public PermissionCollection getPermissions(ProtectionDomain domain)
- {
- if (domain == null)
- return new Permissions();
-
- if (pd2pc == null)
- setup(this);
-
- PermissionCollection result = (PermissionCollection) pd2pc.get(domain);
- if (result != null)
- {
- Permissions realResult = new Permissions();
- for (Enumeration e = result.elements(); e.hasMoreElements(); )
- realResult.add((Permission) e.nextElement());
-
- return realResult;
- }
-
- result = getPermissions(domain.getCodeSource());
- if (result == null)
- result = new Permissions();
-
- PermissionCollection pc = domain.getPermissions();
- if (pc != null)
- for (Enumeration e = pc.elements(); e.hasMoreElements(); )
- result.add((Permission) e.nextElement());
-
- return result;
- }
-
- /**
- * Checks if the designated {@link Permission} is granted to a designated
- * {@link ProtectionDomain}.
- *
- * @param domain
- * the {@link ProtectionDomain} to test.
- * @param permission
- * the {@link Permission} to check.
- * @return <code>true</code> if <code>permission</code> is implied by a
- * permission granted to this {@link ProtectionDomain}. Returns
- * <code>false</code> otherwise.
- * @since 1.4
- * @see ProtectionDomain
- */
- public boolean implies(ProtectionDomain domain, Permission permission)
- {
- if (pd2pc == null)
- setup(this);
-
- PermissionCollection pc = (PermissionCollection) pd2pc.get(domain);
- if (pc != null)
- return pc.implies(permission);
-
- boolean result = false;
- pc = getPermissions(domain);
- if (pc != null)
- {
- result = pc.implies(permission);
- pd2pc.put(domain, pc);
- }
-
- return result;
- }
-
- /**
- * Causes this <code>Policy</code> instance to refresh / reload its
- * configuration. The method used to refresh depends on the concrete
- * implementation.
- */
- public abstract void refresh();
-}
generated by cgit v1.1 at 2026-01-06 20:03:41 +0000