BatikSecurityController


1   /*
2   
3      Copyright 2003-2004  The Apache Software Foundation 
4   
5      Licensed under the Apache License, Version 2.0 (the "License");
6      you may not use this file except in compliance with the License.
7      You may obtain a copy of the License at
8   
9          http://www.apache.org/licenses/LICENSE-2.0
10  
11     Unless required by applicable law or agreed to in writing, software
12     distributed under the License is distributed on an "AS IS" BASIS,
13     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14     See the License for the specific language governing permissions and
15     limitations under the License.
16  
17   */
18  package org.apache.batik.script.rhino;
19  
20  import org.mozilla.javascript.Context;
21  import org.mozilla.javascript.GeneratedClassLoader;
22  import org.mozilla.javascript.JavaScriptException;
23  import org.mozilla.javascript.Script;
24  import org.mozilla.javascript.Scriptable;
25  import org.mozilla.javascript.SecurityController;
26  
27  import java.security.AccessController  ;
28  import java.security.AccessControlContext  ;
29  import java.security.PrivilegedAction  ;
30  import java.security.PrivilegedExceptionAction  ;
31  import java.security.PrivilegedActionException  ;
32  
33  /**
34   * This implementation of the Rhino <tt>SecurityController</tt> interface is
35   * meant for use within the context of Batik only. It is a partial
36   * implementation of the interface that does what is needed by Batik and
37   * no more.
38   *
39   * @author <a HREF="mailto:cjolif@ilog.fr">Christophe Jolif</a>
40   * @version $Id: BatikSecurityController.java,v 1.6 2004/08/18 07:14:57 vhardy Exp $
41   */
42  public class BatikSecurityController extends SecurityController {
43  
44      /**
45       * Default constructor
46       */
47      public GeneratedClassLoader createClassLoader
48          (final ClassLoader   parentLoader, Object   securityDomain) {
49  
50          if (securityDomain instanceof RhinoClassLoader) {
51              return (RhinoClassLoader)securityDomain;
52          }
53          
54          // FIXX: This should be supported by intersecting perms.
55          // Calling var script = Script(source); script(); is not supported
56          throw new SecurityException  ("Script() objects are not supported");
57      }
58  
59      /**
60       * Get dynamic security domain that allows an action only if it is allowed
61       * by the current Java stack and <i>securityDomain</i>. If
62       * <i>securityDomain</i> is null, return domain representing permissions
63       * allowed by the current stack.
64       */
65      public Object   getDynamicSecurityDomain(Object   securityDomain) {
66  
67          ClassLoader   loader = (RhinoClassLoader)securityDomain;
68          // Already have a rhino loader in place no need to
69          // do anything (normally you would want to union the
70          // the current stack with the loader's context but
71          // in our case no one has lower privledges than a
72          // rhino class loader).
73          if (loader != null) 
74              return loader;
75  
76          return AccessController.getContext();
77      }
78  
79      /**
80       * Call {@link Script#exec(Context cx, Scriptable scope)} of
81       * <i>script</i> under restricted security domain where an action is
82       * allowed only if it is allowed according to the Java stack on the
83       * moment of the <i>execWithDomain</i> call and <i>securityDomain</i>.
84       * Any call to {@link #getDynamicSecurityDomain(Object)} during
85       * execution of {@link Script#exec(Context cx, Scriptable scope)}
86       * should return a domain incorporate restrictions imposed by
87       * <i>securityDomain</i>.
88       */
89      public Object   execWithDomain(final Context cx, final Scriptable scope,
90                                   final Script script, Object   securityDomain)
91          throws JavaScriptException {
92          
93          AccessControlContext   acc;
94          if (securityDomain instanceof AccessControlContext  )
95              acc = (AccessControlContext  )securityDomain;
96          else {
97              RhinoClassLoader loader = (RhinoClassLoader)securityDomain;
98              acc = loader.rhinoAccessControlContext;
99          }
100 
101         try {
102             // acc = new AccessController(acc, acc.getDomainCombiner());
103             return AccessController.doPrivileged
104                 (new PrivilegedExceptionAction  () {
105                         public Object   run() throws JavaScriptException {
106                             return script.exec(cx, scope);
107                         }
108                     }, acc );
109         } catch (Exception   e) {
110             throw new JavaScriptException(e);
111         }
112 
113     }
114 }
115
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags