

1 /*
2  * The contents of this file are subject to the terms
3  * of the Common Development and Distribution License
4  * (the License). You may not use this file except in
5  * compliance with the License.
6  *
7  * You can obtain a copy of the license at
8  * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9  * glassfish/bootstrap/legal/CDDLv1.0.txt.
10  * See the License for the specific language governing
11  * permissions and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL
14  * Header Notice in each file and include the License file
15  * at glassfish/bootstrap/legal/CDDLv1.0.txt.
16  * If applicable, add the following below the CDDL Header,
17  * with the fields enclosed by brackets [] replaced by
18  * you own identifying information:
19  * "Portions Copyrighted [year] [name of copyright owner]"
20  *
21  * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22  */

23 package com.sun.enterprise.security;
24
25 import java.util.logging.*;
26
27 import com.sun.logging.LogDomains;
28 import com.sun.enterprise.server.ApplicationServer;
29 import com.sun.enterprise.config.serverbeans.SecurityService;
30 import com.sun.enterprise.config.serverbeans.ServerBeansFactory;
31 import com.sun.enterprise.config.serverbeans.JaccProvider;
32 import com.sun.enterprise.config.serverbeans.ElementProperty;
33 import com.sun.enterprise.config.ConfigContext;
34 import com.sun.enterprise.util.i18n.StringManager;
35
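/**
 * Loads the default policy provider into the system.
 *
 * <p>The provider class name is resolved from, in order: the
 * {@code javax.security.jacc.policy.provider} system property, the
 * jacc-provider selected by security-service in domain.xml, and finally
 * the J2EE 1.3 {@code javax.security.jacc.auth.policy.provider} system
 * property. The named class is loaded reflectively and installed as the
 * JVM-wide policy.
 *
 * <p>Security note: whoever can set these system properties or edit
 * domain.xml chooses the class that becomes the JVM-wide policy, so both
 * inputs must be treated as trusted configuration. If no provider name is
 * found, this class only logs a warning and installs nothing.
 *
 * <p>Thread-safety: all state is static; {@link #loadPolicy()} serializes
 * on the class so the "install once" guard cannot be raced.
 *
 * @author Harpreet Singh
 * @author Jyri J. Virkki
 */
public class PolicyLoader {

    private static final Logger _logger =
        LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
    private static final StringManager sm =
        StringManager.getManager("com.sun.enterprise.security");

    private static final String POLICY_PROVIDER_14 =
        "javax.security.jacc.policy.provider";
    private static final String POLICY_PROVIDER_13 =
        "javax.security.jacc.auth.policy.provider";
    private static final String POLICY_CONF_FACTORY =
        "javax.security.jacc.PolicyConfigurationFactory.provider";
    private static final String POLICY_PROP_PREFIX =
        "com.sun.enterprise.jaccprovider.property.";

    // Guarded by the PolicyLoader.class monitor (see loadPolicy()).
    private static boolean isPolicyInstalled = false;

    // Created eagerly: the constructor is empty, and eager creation removes
    // the unsynchronized check-then-create race of a lazy singleton.
    private static final PolicyLoader _policyLoader = new PolicyLoader();

    private PolicyLoader() {
    }

    /**
     * Gets the PolicyLoader instance.
     *
     * @return the single shared instance
     */
    public static PolicyLoader getInstance() {
        return _policyLoader;
    }

    /**
     * Attempts to install the policy-provider. The policy-provider
     * element in domain.xml is consulted for the class to use. Note
     * that if the javax.security.jacc.policy.provider system property
     * is set it will override the domain.xml configuration. This will
     * normally not be the case in S1AS.
     *
     * <P>The J2EE 1.3 property javax.security.jacc.auth.policy.provider is
     * checked as a last resort. It should not be set in J2EE 1.4.
     *
     * <P>If no provider name is found anywhere, a warning is logged and
     * the method returns without installing a policy.
     *
     * @throws RuntimeException if the provider class cannot be loaded,
     *         is not of the expected Policy type, or fails to install;
     *         the original failure is kept as the cause
     */
    public void loadPolicy() {

        // The installed flag is static, so lock on the class: two callers
        // must not both pass the check and install a policy twice.
        synchronized (PolicyLoader.class) {

            if (isPolicyInstalled) {
                _logger.log(Level.FINE,
                            "Policy already installed. Will not re-install.");
                return;
            }

            // get config object
            JaccProvider jacc = getConfiguredJaccProvider();

            // set config properties (see method comments)
            setPolicyConfigurationFactory(jacc);

            boolean j2ee13 = false;

            // The system property wins over domain.xml; the override is
            // logged so that it is visible in the server log.
            String javaPolicy = System.getProperty(POLICY_PROVIDER_14);
            if (javaPolicy != null) {
                _logger.log(Level.INFO, "policy.propoverride",
                            new String[] { POLICY_PROVIDER_14, javaPolicy });
            } else if (jacc != null) {
                // otherwise obtain JACC policy-provider from domain.xml
                javaPolicy = jacc.getPolicyProvider();
            }

            if (javaPolicy == null) {
                javaPolicy = System.getProperty(POLICY_PROVIDER_13);
                if (javaPolicy != null) {
                    // warn user j2ee13 property is being used
                    j2ee13 = true;
                    _logger.log(Level.WARNING, "policy.propoverride",
                                new String[] { POLICY_PROVIDER_13, javaPolicy });
                }
            }

            if (javaPolicy == null) {
                // no value for policy provider found
                _logger.warning("policy.notloading");
                return;
            }

            // now install the policy provider that was identified
            try {
                _logger.log(Level.INFO, "policy.loading", javaPolicy);
                installProvider(javaPolicy, j2ee13);
            } catch (Exception e) {
                _logger.log(Level.SEVERE, "policy.installerror",
                            e.getMessage());
                throw new RuntimeException(e);
            }

            // Success.
            _logger.fine("Policy set to: " + javaPolicy);
            isPolicyInstalled = true;
        }
    }

    /**
     * Loads the named class, verifies it is a Policy of the expected
     * generation, then instantiates and installs it.
     *
     * <P>The type check happens before any code of the named class runs:
     * the class is loaded without initialization and only instantiated
     * once it is known to be a Policy subclass, so a mistyped or
     * unexpected class name does not get its static initializer or
     * constructor executed.
     *
     * @param className fully qualified name of the provider class
     * @param j2ee13 true to require and install a
     *        javax.security.auth.Policy, false for java.security.Policy
     * @throws Exception on any load, type or instantiation failure
     */
    private static void installProvider(String className, boolean j2ee13)
            throws Exception {

        // Same loader Class.forName(String) would use from this class,
        // but with initialize=false.
        Class providerClass = Class.forName(
            className, false, PolicyLoader.class.getClassLoader());

        if (j2ee13) {
            // Use JDK 1.3 classes if j2ee13 property being used
            if (!javax.security.auth.Policy.class
                    .isAssignableFrom(providerClass)) {
                String msg =
                    sm.getString("enterprise.security.plcyload.not13");
                throw new RuntimeException(msg);
            }
            javax.security.auth.Policy policy =
                (javax.security.auth.Policy) providerClass.newInstance();
            javax.security.auth.Policy.setPolicy(policy);
            policy.refresh();

        } else {
            // Otherwise use JDK 1.4 classes.
            if (!java.security.Policy.class.isAssignableFrom(providerClass)) {
                String msg =
                    sm.getString("enterprise.security.plcyload.not14");
                throw new RuntimeException(msg);
            }
            java.security.Policy policy =
                (java.security.Policy) providerClass.newInstance();
            java.security.Policy.setPolicy(policy);
            policy.refresh();
        }
    }

    /**
     * Returns a JaccProvider object representing the jacc element from
     * domain.xml which is configured in security-service.
     *
     * @return The config object or null on errors.
     */
    private JaccProvider getConfiguredJaccProvider() {

        JaccProvider jacc = null;

        try {
            ConfigContext configContext =
                ApplicationServer.getServerContext().getConfigContext();
            assert(configContext != null);
            SecurityService securityBean =
                ServerBeansFactory.getSecurityServiceBean(configContext);
            assert(securityBean != null);

            String name = securityBean.getJacc();
            jacc = securityBean.getJaccProviderByName(name);

            if (jacc == null) {
                _logger.log(Level.WARNING, "policy.nosuchname", name);
            }

        } catch (Exception e) {
            // Pass the exception to the logger: a config read failure here
            // decides whether a policy provider gets installed at all, so
            // the cause must be recoverable from the log.
            _logger.log(Level.WARNING, "policy.errorreading", e);
            jacc = null;
        }

        return jacc;
    }

    /**
     * Set internal properties based on domain.xml configuration.
     *
     * <P>The POLICY_CONF_FACTORY property is consumed by the jacc-api
     * as documented in JACC specification. Its value is set here to the
     * value given in domain.xml <i>unless</i> it is already set in which
     * case the value is not modified.
     *
     * <P>Then any properties associated with this jacc provider from
     * domain.xml are set as internal properties prefixed with
     * POLICY_PROP_PREFIX. This is currently a workaround for bug 4846938.
     * A cleaner interface should be adopted.
     *
     * @param jacc the configured provider, or null to do nothing
     */
    private void setPolicyConfigurationFactory(JaccProvider jacc) {

        if (jacc == null) {
            return;
        }

        // Handle JACC-specified property for factory
        String prop = System.getProperty(POLICY_CONF_FACTORY);
        if (prop != null) {
            // warn user of override
            _logger.log(Level.WARNING, "policy.factoryoverride",
                        new String[] { POLICY_CONF_FACTORY, prop });

        } else {
            // use domain.xml value by setting the property to it
            String factory = jacc.getPolicyConfigurationFactoryProvider();
            if (factory == null) {
                _logger.log(Level.WARNING, "policy.nofactory");
            } else {
                System.setProperty(POLICY_CONF_FACTORY, factory);
            }
        }

        // Next, make properties of this jacc provider available to provider.
        // NOTE(review): these values become JVM system properties and are
        // written verbatim to the FINEST log; confirm that no provider
        // property carries a secret.
        int propCount = jacc.sizeElementProperty();
        for (int i = 0; i < propCount; i++) {

            ElementProperty p = jacc.getElementProperty(i);
            String name = POLICY_PROP_PREFIX + p.getName();
            String value = p.getValue();

            if (value == null) {
                // System.setProperty rejects null with a
                // NullPointerException, which would abort policy loading.
                // Presumably a property element can lack a value - verify
                // against the config schema.
                _logger.fine("PolicyLoader skipped ["+name+"]: no value");
                continue;
            }

            _logger.finest("PolicyLoader set ["+name+"] to ["+value+"]");
            System.setProperty(name, value);
        }

    }
}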