1 28 package net.sf.jguard.core.authorization.policy; 29 30 import java.lang.ref.WeakReference ; 31 import java.security.Permission ; 32 import java.security.PermissionCollection ; 33 import java.security.Policy ; 34 import java.security.Principal ; 35 import java.security.ProtectionDomain ; 36 import java.util.Arrays ; 37 import java.util.Enumeration ; 38 import java.util.HashSet ; 39 import java.util.Iterator ; 40 import java.util.Map ; 41 import java.util.Set ; 42 import java.util.WeakHashMap ; 43 import java.util.logging.Level ; 44 import java.util.logging.Logger ; 45 46 import net.sf.jguard.core.authorization.manager.PermissionProvider; 47 import net.sf.jguard.core.authorization.permissions.PermissionUtils; 48 import net.sf.jguard.core.principals.JMXPrincipal; 49 50 51 61 public abstract class AbstractMultipleAppPolicy extends JGuardPolicy { 62 63 private static Map permissionProviderRepository; 64 private static Logger logger = Logger.getLogger(AbstractMultipleAppPolicy.class.getName()); 65 66 70 public AbstractMultipleAppPolicy(){ 71 72 logger.log(Level.INFO,"####### loading jGuardPolicy "+JGuardPolicy.version+" ###########"); 73 74 permissionProviderRepository = new WeakHashMap (); 75 76 loadDefaultPolicy(); 77 } 78 79 83 public AbstractMultipleAppPolicy(Policy oldPolicy){ 84 85 logger.log(Level.INFO,"####### loading AbstractMultipleAppPolicy "+JGuardPolicy.version+" ###########"); 86 87 permissionProviderRepository = new WeakHashMap (); 88 defaultPolicy = oldPolicy; 89 } 90 91 92 93 101 public void refresh() { 102 Set keys = permissionProviderRepository.keySet(); 103 Iterator itKeys = keys.iterator(); 104 while(itKeys.hasNext()){ 105 Object objectID = itKeys.next(); 106 refresh(objectID); 107 } 108 109 } 110 111 118 public void refresh(Object objectID) { 119 PermissionProvider pm = getContextPermissionProvider(objectID); 122 123 if (pm != null) { 124 pm.refresh(); 126 } 127 } 128 129 130 141 public PermissionCollection getPermissions(ProtectionDomain protectionDomain) { 142 PermissionCollection pc = null; 143 144 ClassLoader cl = protectionDomain.getClassLoader(); 146 PermissionProvider pm = getContextPermissionProvider(cl); 148 149 if(System.getSecurityManager()!=null){ 150 pc = defaultPolicy.getPermissions(protectionDomain); 151 } 152 153 if(pm!=null){ 155 PermissionCollection pc2= pm.getPermissionCollection(new HashSet (Arrays.asList(protectionDomain.getPrincipals())),protectionDomain); 158 159 if(System.getSecurityManager()!=null){ 161 Enumeration enumeration = pc2.elements(); 162 while(enumeration.hasMoreElements()){ 163 pc.add((Permission )enumeration.nextElement()); 164 } 165 }else{ 166 pc = pc2; 169 } 170 } 171 172 return pc; 173 } 174 175 176 177 184 public void registerPermissionProvider(Object objectID, PermissionProvider pm) { 185 186 if (getContextPermissionProvider(objectID) == null) { 187 setContextPermissionProvider(objectID, pm); 189 }else{ 190 logger.log(Level.SEVERE,"registerPermissionProvider() - two webapps have got the same classLoader ....application will stop"); 191 192 throw new RuntimeException ( 194 " an exception occurs in the registerPermissionProvider method of the JGuardPolicy \n webApplication stops "); 195 } 196 } 197 198 205 public void unregisterPermissionProvider(Object objectID) { 206 207 if (permissionProviderRepository.containsKey(objectID)) { 208 209 permissionProviderRepository.remove(objectID); 211 } 212 } 213 214 223 public PermissionProvider getContextPermissionProvider(Object objectID) { 224 225 WeakReference ref = (WeakReference ) permissionProviderRepository.get(objectID); 227 228 if (ref == null) { 229 return null; 230 } 231 232 PermissionProvider pm = (PermissionProvider) ref.get(); 234 235 if (pm == null) { 236 237 return null; 238 } 239 240 return pm; 241 } 242 243 251 private void setContextPermissionProvider(Object objectID, PermissionProvider pm) { 252 253 permissionProviderRepository.put(objectID, new WeakReference (pm)); 255 } 256 257 258 264 public boolean implies(ProtectionDomain domain, Permission permission) { 265 266 if(domain.getClassLoader() == null){ 267 278 Principal [] principals = domain.getPrincipals(); 279 boolean jmxHandled = false; 280 int i = 0; 281 ProtectionDomain newDomain = null; 282 283 while (i < principals.length && !jmxHandled){ 284 if (principals[i] instanceof JMXPrincipal){ 285 newDomain = new ProtectionDomain (domain.getCodeSource(), 286 domain.getPermissions(), 287 (ClassLoader )((JMXPrincipal)principals[i]).getObjectID(), 288 domain.getPrincipals()); 289 jmxHandled = true; 290 } 291 i++; 292 } 293 294 if (newDomain != null){ 295 return super.implies(newDomain, permission); 302 } 303 } 304 return super.implies(domain, permission); 305 } 306 307 } 308 | Popular Tags |