KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sf > jguard > core > authorization > policy > PolicyHelper


1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name$
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */
28 package net.sf.jguard.core.authorization.policy;
29
30 import java.io.File JavaDoc;
31 import java.security.Policy JavaDoc;
32 import java.util.Enumeration JavaDoc;
33 import java.util.Properties JavaDoc;
34 import java.util.logging.Level JavaDoc;
35 import java.util.logging.Logger JavaDoc;
36
37 /**
38  * utility class to deal with the {@link java.security.Policy} class.
39  * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
40  */
41 public class PolicyHelper {
42
43     //well-known java policies
44 public static final String JavaDoc GNU_JAVA_SECURITY_POLICY_FILE = "gnu.java.security.PolicyFile";
45     private static final String JavaDoc COM_SUN_SECURITY_AUTH_POLICY_FILE = "com.sun.security.auth.PolicyFile";
46     public static final String JavaDoc SUN_SECURITY_PROVIDER_POLICY_FILE = "sun.security.provider.PolicyFile";
47
48     private static Logger JavaDoc logger = Logger.getLogger(PolicyHelper.class.getName());
49
50     /**
51      * install the jGuardPolicy if the default policy of the platform is not
52      * a jGuardPolicy instance.
53      */
54     public static void installPolicyOnJVM() {
55
56              Policy JavaDoc runtimePolicy = Policy.getPolicy();
57
58              //the jGuard Policy is not set as the policy provider
59 if(!(runtimePolicy.getClass().getName().equals(MultipleAppPolicy.class.getName()))){
60
61                 logger.log(Level.INFO,"init() - JGuardPolicy is not set as the policy provider . the actual policy provider is '"+ runtimePolicy.getClass().getName()+"' which is different of '"+MultipleAppPolicy.class.getName()+"' ");
62                 logger.log(Level.INFO,"init() - if you want the jGuard policy 'governs' all java applications (one choice among others described in the jGuard documentation),");
63                 logger.log(Level.INFO,"init() - please correct the 'policy.provider' property (policy.provider=net.sf.jguard.core.JGuardPolicy) in your 'java.security' file,");
64                 logger.log(Level.INFO,"init() - located in this directory: "+ System.getProperty("java.home") + File.separator+ "lib"+ File.separator + "security"+ File.separator);
65
66                 try {
67                    //we set the old policy to the Sun's Policy implementation
68 try {
69                         Class JavaDoc clazz = Class.forName(PolicyHelper.COM_SUN_SECURITY_AUTH_POLICY_FILE);
70                         //we have tested that the com.sun.security.auth.PolicyFile is reachable
71 javax.security.auth.Policy.setPolicy((javax.security.auth.Policy JavaDoc)clazz.newInstance());
72                     } catch (ClassNotFoundException JavaDoc e) {
73                         logger.log(Level.WARNING,"com.sun.security.auth.PolicyFile is not reachable.\n we cannot set the old javax.security.auth.Policy implementation to it\n "+e.getMessage());
74                     }
75
76                     //give to the new JGuardPolicy the old Policy instance
77 Policy.setPolicy(new MultipleAppPolicy(Policy.getPolicy()));
78
79                 } catch (InstantiationException JavaDoc e) {
80                     logger.log(Level.SEVERE,"init() - Policy Implementation cannot be instantiated : InstantiationException"+e.getMessage());
81                 } catch (IllegalAccessException JavaDoc e) {
82                     logger.log(Level.SEVERE,"init() - Policy Implementation cannot be accessed : IllegalAccessException"+e.getMessage());
83                 }catch(SecurityException JavaDoc e){
84                     logger.log(Level.SEVERE,"init() - Policy Implementation cannot be defined : SecurityException . you haven't got the right to set the java policy"+e.getMessage());
85                 }
86             }
87
88             try{
89
90                   logger.log(Level.FINE,"System properties : \n");
91                   Properties JavaDoc props = System.getProperties();
92                   Enumeration JavaDoc enumeration = props.keys();
93                   while(enumeration.hasMoreElements()){
94                       String JavaDoc key = (String JavaDoc)enumeration.nextElement();
95                       String JavaDoc value = (String JavaDoc)props.get(key);
96                       logger.log(Level.FINE,key+"="+value);
97                   }
98
99             }catch(SecurityException JavaDoc sex){
100                 logger.log(Level.WARNING,"you have not the permission to grab system properties ");
101             }
102
103     }
104
105      /**
106         * discover the default policy installed on the running platform.
107         * @return defaultPolicy class
108         */
109      public static Class JavaDoc findDefaultPolicy(){
110          //known default policies class => do you know other java.lang.security.Policy implementations?
111 String JavaDoc[] policies = {PolicyHelper.SUN_SECURITY_PROVIDER_POLICY_FILE,PolicyHelper.GNU_JAVA_SECURITY_POLICY_FILE};
112          Class JavaDoc defaultPolicyClass = null;
113          for(int i = 0; i< policies.length;i++){
114              try {
115                  defaultPolicyClass = Class.forName(policies[i]);
116             } catch (ClassNotFoundException JavaDoc e) {
117                 logger.log(Level.FINE,"findDefaultPolicy() - " + policies[i]+ " is not the defaultPolicy class ");
118                 i++;
119                 continue;
120             }
121             logger.log(Level.FINE,"findDefaultPolicy() - " + policies[i]+ " is the defaultPolicy class ");
122             break;
123          }
124          if(null == defaultPolicyClass){
125              logger.log(Level.FINE,"findDefaultPolicy() - no defaultPolicy class has been found ");
126          }
127          return defaultPolicyClass;
128      }
129
130
131 }
132
Popular Tags