AbstractPolicy


1   /*
2    * Copyright (C) The Apache Software Foundation. All rights reserved.
3    *
4    * This software is published under the terms of the Apache Software License
5    * version 1.1, a copy of which has been included with this distribution in
6    * the LICENSE.txt file.
7    */
8   package org.apache.avalon.phoenix.components.classloader;
9   
10  import java.io.File;
11  import java.net.MalformedURLException;
12  import java.net.URL;
13  import java.security.CodeSource;
14  import java.security.Permission;
15  import java.security.PermissionCollection;
16  import java.security.Permissions;
17  import java.security.Policy;
18  import java.security.cert.Certificate;
19  import java.util.ArrayList;
20  import java.util.Enumeration;
21  import org.apache.avalon.excalibur.io.FileUtil;
22  import org.apache.avalon.framework.logger.LogEnabled;
23  import org.apache.avalon.framework.logger.Logger;
24  
25  /**
26   * Abstract policy extended in avalon.
27   *
28   * @author <a HREF="mailto:peter at apache.org">Peter Donald</a>
29   */
30  abstract class AbstractPolicy
31      extends Policy
32      implements LogEnabled
33  {
34      private final ArrayList m_entries = new ArrayList();
35  
36      private Logger m_logger;
37  
38      public void enableLogging( final Logger logger )
39      {
40          m_logger = logger;
41      }
42  
43      /**
44       * Overide so we can have a per-application security policy with
45       * no side-effects to other applications.
46       *
47       * @param codeSource the codeSource to get permissions for
48       * @return the PermissionCollection
49       */
50      public PermissionCollection getPermissions( CodeSource codeSource )
51      {
52          codeSource = normalize( codeSource );
53  
54          if( getLogger().isDebugEnabled() )
55          {
56              getLogger().debug( "getPermissions(" + codeSource.getLocation() + ");" );
57          }
58  
59          final Permissions permissions = new Permissions();
60          final int size = m_entries.size();
61  
62          for( int i = 0; i < size; i++ )
63          {
64              final PolicyEntry entry = (PolicyEntry)m_entries.get( i );
65              if( entry.getCodeSource().implies( codeSource ) )
66              {
67                  copyPermissions( permissions, entry.getPermissions() );
68              }
69          }
70  
71          return permissions;
72      }
73  
74      /**
75       * Refresh policy. Ignored in this implementation.
76       */
77      public void refresh()
78      {
79      }
80  
81      /**
82       * Create a permission set for a codeBase.
83       * These are read-write permissions and can be written till until the
84       * time in which they are applied to code.
85       *
86       * @param location the location of codes to apply permission set to.
87       * @param signers a comma seperated string of thos who signed codebase
88       * @return the new permission set
89       * @throws MalformedURLException if location string is malformed
90       */
91      protected Permissions createPermissionSetFor( final String location,
92                                                    final Certificate[] signers )
93          throws MalformedURLException
94      {
95          return createPermissionSetFor( new URL( location ), signers );
96      }
97  
98      protected Permissions createPermissionSetFor( final URL url,
99                                                    final Certificate[] signers )
100     {
101         getLogger().debug( "createPermissionSetFor(" + url + ");" );
102 
103         CodeSource codeSource = new CodeSource( url, signers );
104         codeSource = normalize( codeSource );
105         final PolicyEntry entry = new PolicyEntry( codeSource, new Permissions() );
106         m_entries.add( entry );
107         return entry.getPermissions();
108     }
109 
110     protected final Logger getLogger()
111     {
112         return m_logger;
113     }
114 
115     /**
116      * Normalizing CodeSource involves removing relative addressing
117      * (like .. and .) for file urls.
118      *
119      * @param codeSource the codeSource to be normalized
120      * @return the normalized codeSource
121      */
122     private CodeSource normalize( final CodeSource codeSource )
123     {
124         final URL initialLocation = codeSource.getLocation();
125 
126         // This is a bit of a hack.  I don't know why CodeSource should behave like this
127         // Fear not, this only seems to be a problem for home grown classloaders.
128         // - Paul Hammant, Nov 2000
129         if( null == initialLocation )
130         {
131             return codeSource;
132         }
133 
134         String location = null;
135 
136         if( !initialLocation.getProtocol().equalsIgnoreCase( "file" ) )
137         {
138             location = initialLocation.getFile();
139             location = FileUtil.normalize( location );
140         }
141         else
142         {
143             final File file = new File( initialLocation.getFile() );
144             location = file.getAbsoluteFile().toString().replace( File.separatorChar, '/' );
145             location = FileUtil.normalize( location );
146         }
147 
148         URL finalLocation = null;
149 
150         try
151         {
152             finalLocation = new URL( initialLocation.getProtocol(),
153                                      initialLocation.getHost(),
154                                      initialLocation.getPort(),
155                                      location );
156         }
157         catch( final MalformedURLException mue )
158         {
159             getLogger().warn( "Error building codeBase", mue );
160         }
161 
162         return new CodeSource( finalLocation, codeSource.getCertificates() );
163     }
164 
165     /**
166      * Utility method to cpoy permissions from specified source to specified destination.
167      *
168      * @param destination the destination of permissions
169      * @param source the source of permissions
170      */
171     private void copyPermissions( final Permissions destination,
172                                   final Permissions source )
173     {
174         final Enumeration enum = source.elements();
175         while( enum.hasMoreElements() )
176         {
177             destination.add( (Permission)enum.nextElement() );
178         }
179     }
180 }
181
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Java Books Remove Frame
Popular Tags