KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sf > jguard > core > authorization > policy > AccessControlContextUtils


1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name$
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */
28 package net.sf.jguard.core.authorization.policy;
29
30 import java.net.URL JavaDoc;
31 import java.security.AccessControlContext JavaDoc;
32 import java.security.CodeSource JavaDoc;
33 import java.security.DomainCombiner JavaDoc;
34 import java.security.Principal JavaDoc;
35 import java.security.ProtectionDomain JavaDoc;
36 import java.security.cert.Certificate JavaDoc;
37 import java.util.ArrayList JavaDoc;
38 import java.util.Collection JavaDoc;
39 import java.util.Iterator JavaDoc;
40
41 import javax.security.auth.Subject JavaDoc;
42
43 import net.sf.jguard.core.authorization.domaincombiners.RestrictDomainCombiner;
44 import net.sf.jguard.core.authorization.domaincombiners.StackSubjectDomainCombiner;
45 import net.sf.jguard.core.principals.RolePrincipal;
46
47 /**
48  *
49  * utility class for authorization work related to {@link AccessControlContext} and {@link ProtectionDomain}.
50  * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
51  * @author <a HREF="mailto:vberetti@users.sourceforge.net">Vincent Beretti</a>
52  * @see java.security.AccessControlContext
53  * @see java.security.ProtectionDomain
54  */
55 public class AccessControlContextUtils {
56
57     /**
58       * return the convenient {@link AccessControlContext} corresponding to the principal.
59       * @param principal RolePrincipal used to restrict execution code rights
60       * @return object embedding used to restrict permissions
61       */
62       public static AccessControlContext JavaDoc getRestrictedAccessControlContext(Principal JavaDoc principal){
63           ProtectionDomain JavaDoc pd = ProtectionDomainUtils.getEmptyProtectionDomain(principal);
64           DomainCombiner JavaDoc restrictDomainCombiner = new RestrictDomainCombiner();
65           AccessControlContext JavaDoc acc = new AccessControlContext JavaDoc(new ProtectionDomain JavaDoc[]{pd});
66           AccessControlContext JavaDoc acc2 = new AccessControlContext JavaDoc(acc,restrictDomainCombiner);
67           return acc2;
68       }
69
70     /**
71        * gets an <code>AccessControlContext</code> containing a single <code>ProtectionDomain</code>
72        * with an <code>null</code> <code>CodeSource</code>, an empty array of <code>Certificates</code>,
73        * the current <code>Thread</code> <code>ClassLoader</code>, and the subject principals.
74        * @param subject
75        * @return the generated AccessControlContext
76        */
77       public static AccessControlContext JavaDoc getSubjectOnlyAccessControlContext(Subject JavaDoc subject){
78           ProtectionDomain JavaDoc pd = new ProtectionDomain JavaDoc(new CodeSource JavaDoc((URL JavaDoc)null,(Certificate JavaDoc[])null),null,Thread.currentThread().getContextClassLoader(),(Principal JavaDoc[])subject.getPrincipals().toArray(new Principal JavaDoc[subject.getPrincipals().size()]));
79           ProtectionDomain JavaDoc[] pds = new ProtectionDomain JavaDoc[1];
80           pds[0] = pd;
81           AccessControlContext JavaDoc acc = new AccessControlContext JavaDoc(pds);
82           return acc;
83       }
84
85     public static AccessControlContext JavaDoc getStackSubjectAccessControlContext(Subject JavaDoc subject){
86           ProtectionDomain JavaDoc[] arrayPd = new ProtectionDomain JavaDoc[0];
87           AccessControlContext JavaDoc acc = new AccessControlContext JavaDoc(arrayPd);
88           DomainCombiner JavaDoc dc = new StackSubjectDomainCombiner(subject);
89           AccessControlContext JavaDoc acc2 = new AccessControlContext JavaDoc(acc,dc);
90           return acc2;
91       }
92
93     /**
94        * return the convenient {@link AccessControlContext} corresponding to the principal.
95        * @param principals RolePrincipal used to restrict execution code rights
96        * @return object used to restrict permissions
97        */
98       public static AccessControlContext JavaDoc getAccessControlContext(Collection JavaDoc principals){
99           Iterator JavaDoc itPrincipals = principals.iterator();
100           Collection JavaDoc protectionDomains = new ArrayList JavaDoc();
101           while(itPrincipals.hasNext()){
102               RolePrincipal principal = (RolePrincipal)itPrincipals.next();
103               protectionDomains.add(ProtectionDomainUtils.getEmptyProtectionDomain(principal));
104           }
105           AccessControlContext JavaDoc acc = new AccessControlContext JavaDoc((ProtectionDomain JavaDoc[]) protectionDomains.toArray(new ProtectionDomain JavaDoc[protectionDomains.size()]));
106           return acc;
107       }
108
109 }
110
Popular Tags