J2EESecurityManager


1   /*
2    * The contents of this file are subject to the terms 
3    * of the Common Development and Distribution License 
4    * (the License).  You may not use this file except in
5    * compliance with the License.
6    * 
7    * You can obtain a copy of the license at 
8    * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9    * glassfish/bootstrap/legal/CDDLv1.0.txt.
10   * See the License for the specific language governing 
11   * permissions and limitations under the License.
12   * 
13   * When distributing Covered Code, include this CDDL 
14   * Header Notice in each file and include the License file 
15   * at glassfish/bootstrap/legal/CDDLv1.0.txt.  
16   * If applicable, add the following below the CDDL Header, 
17   * with the fields enclosed by brackets [] replaced by
18   * you own identifying information: 
19   * "Portions Copyrighted [year] [name of copyright owner]"
20   * 
21   * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22   */
23  package com.sun.enterprise;
24  
25  import java.net.SocketPermission  ;
26  import java.util.PropertyPermission  ;
27  import com.sun.enterprise.security.CachedPermissionImpl;
28  import com.sun.enterprise.security.PermissionCache;
29  import com.sun.enterprise.security.PermissionCacheFactory;
30  
31  import java.util.*;
32  // IASRI 4660742 START
33  import java.util.logging.*;
34  import com.sun.logging.*;
35  // IASRI 4660742 END
36  
37  /**
38   * Java 2 security manager that enforces code security.
39   * @author Harish Prabandham
40   */
41  public class J2EESecurityManager extends java.rmi.RMISecurityManager   {
42  
43  // IASRI 4660742 START
44      private static Logger _logger=null;
45      static{
46         _logger=LogDomains.getLogger(LogDomains.ROOT_LOGGER);
47          }
48  // IASRI 4660742 END
49  
50      private CachedPermissionImpl connectPerm;
51  
52      private PermissionCache cache;
53  
54      private boolean cacheEnabled = false;
55  
56      public J2EESecurityManager() {
57      }
58  
59  /*
60     public void checkAccess(ThreadGroup t) {
61     Class[] clss = getClassContext();
62     for(int i=1; i < clss.length; ++i) {
63  // IASRI 4660742   System.out.println(clss[i] + " : " + clss[i].getProtectionDomain());
64  // START OF IASRI 4660742
65              _logger.log(Level.FINE,clss[i] + " : " + clss[i].getProtectionDomain());
66  // END OF IASRI 4660742
67     }
68     
69     System.out.flush();
70     
71     // JDK 1.1. implementation...
72     Class[] clss = getClassContext();
73     for(int i=1; i < clss.length; ++i) {
74     checkIfInContainer(clss[i]);
75     }
76     }
77     
78     // JDK 1.1. implementation...
79      private void checkIfInContainer(Class clazz) {
80      Class[] parents = clazz.getDeclaredClasses();
81      for(int i=0; i < parents.length; ++i) {
82          if(parents[i] == com.sun.ejb.Container.class) 
83          throw new SecurityException("Got it....");
84      }
85      }
86  */
87  
88     public void checkAccess(ThreadGroup   t) {
89         super.checkAccess(t);
90         checkPermission(new java.lang.RuntimePermission  ("modifyThreadGroup"));
91     }
92      
93      public void checkPackageAccess(final String   pkgname) {
94      // Remove this once 1.2.2 SecurityManager/ClassLoader bug is fixed.
95      if(!pkgname.startsWith("sun."))
96          super.checkPackageAccess(pkgname);
97      }
98  
99      public void checkExit(int status) {
100         // Verify exit permission
101         super.checkExit(status);
102     }
103 
104     public void checkConnect(String   host, int port) {
105     if (checkConnectPermission()) {
106         return;
107     }
108     super.checkConnect(host, port);
109     }
110 
111     public void checkConnect(String   host, int port, Object   context) {
112     if (checkConnectPermission()) {
113         return;
114     }
115     super.checkConnect(host, port, context);
116     }
117 
118     public void checkPropertyAccess(String   key) {
119     if (checkProperty(key)) {
120         return;
121     } 
122     super.checkPropertyAccess(key);
123     }
124 
125     private boolean checkConnectPermission() {
126     if (cacheEnabled()) {
127         return connectPerm.checkPermission();
128     } 
129     return false;
130     }
131 
132     private boolean checkProperty(String   key) {
133     if (cacheEnabled()) {
134         return cache.checkPermission(new PropertyPermission  (key, "read"));
135     } 
136     return false;
137     }
138 
139     public synchronized boolean cacheEnabled() {
140     return cacheEnabled;
141     }
142 
143     public synchronized void enablePermissionCache(PermissionCache c) {
144     if (c != null) {
145         cache = c;
146         connectPerm = new CachedPermissionImpl
147         (cache, new SocketPermission  ("*","connect"));
148         cacheEnabled = true;
149     }
150     }
151    
152 }
153 
154 
155 
156 
157 
158
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags