AccessControllerUtils


1   /*
2   jGuard is a security framework based on top of jaas (java authentication and authorization security).
3   it is written for web applications, to resolve simply, access control problems.
4   version $Name$
5   http://sourceforge.net/projects/jguard/
6   
7   Copyright (C) 2004  Charles GAY
8   
9   This library is free software; you can redistribute it and/or
10  modify it under the terms of the GNU Lesser General Public
11  License as published by the Free Software Foundation; either
12  version 2.1 of the License, or (at your option) any later version.
13  
14  This library is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  Lesser General Public License for more details.
18  
19  You should have received a copy of the GNU Lesser General Public
20  License along with this library; if not, write to the Free Software
21  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
22  
23  
24  jGuard project home page:
25  http://sourceforge.net/projects/jguard/
26  
27  */
28  package net.sf.jguard.core.authorization.policy;
29  
30  import java.security.AccessControlException  ;
31  import java.security.AccessController  ;
32  import java.security.Permission  ;
33  import java.security.Policy  ;
34  import java.security.PrivilegedActionException  ;
35  import java.security.PrivilegedExceptionAction  ;
36  import java.util.logging.Level  ;
37  import java.util.logging.Logger  ;
38  
39  import javax.security.auth.Subject  ;
40  
41  
42  
43  /**
44   * 
45   * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
46   * @author <a HREF="mailto:vberetti@users.sourceforge.net">Vincent Beretti</a>
47   * @see java.security.AccessControlContext
48   * @see java.security.ProtectionDomain
49   */
50  public class AccessControllerUtils {
51      private static final Logger   logger = Logger.getLogger(AccessControllerUtils.class.getName());
52      private LocalAccessController accessController = null;
53      
54      public AccessControllerUtils(){
55          
56      }
57      
58      public AccessControllerUtils(Policy   policy){
59          if(policy == null){
60              throw new IllegalArgumentException  (" policy is null ");
61          }
62          if(accessController == null){
63              accessController = new LocalAccessController(policy) ;
64          }
65      }
66      
67      /**
68       * traps any {@link SecurityException} raised when acces is denied
69       * and returns <strong>false</strong>.
70       * if no SecurityException is raised, return <strong>true</strong>.
71       * @param subj
72       * @param p
73       * @return <code>true</code> if subject implies the permission p, <code>false</code> otherwise
74       * @throws PrivilegedActionException 
75       */
76      public void checkPermission(Subject   subj, final Permission   p) throws AccessControlException  ,PrivilegedActionException   {
77  
78            try {
79                Subject.doAsPrivileged(subj, new PrivilegedExceptionAction  () {
80                    public Object   run() {
81                        if(accessController == null){
82                        AccessController.checkPermission(p);
83                        }else{
84                            accessController.checkPermission(p);
85                        }
86                        // the 'null' tells the SecurityManager to consider this resource access
87                        //in an isolated context, ignoring the permissions of code currently
88                        //on the execution stack.
89                        return null;
90                    }
91                    },null);
92                
93            } catch (AccessControlException   ace) {
94                if(logger.isLoggable(Level.FINEST)){
95                    logger.log(Level.FINEST,"AccessControlException ",ace);
96                }
97                throw ace;
98            } 
99        }
100 
101     /**
102      * {@link LocalAccessController} returned can be <strong>null</strong> in <i>JVM</i> mode.
103      * @return
104      */
105     public LocalAccessController getAccessController() {
106         return accessController;
107     }
108     
109 }
110
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags