KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > geronimo > security > jacc > PolicyConfigurationGeneric


1 /**
2  * Licensed to the Apache Software Foundation (ASF) under one or more
3  * contributor license agreements. See the NOTICE file distributed with
4  * this work for additional information regarding copyright ownership.
5  * The ASF licenses this file to You under the Apache License, Version 2.0
6  * (the "License"); you may not use this file except in compliance with
7  * the License. You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */

17
18 package org.apache.geronimo.security.jacc;
19
20 import java.security.Permission JavaDoc;
21 import java.security.PermissionCollection JavaDoc;
22 import java.security.Permissions JavaDoc;
23 import java.security.Principal JavaDoc;
24 import java.security.ProtectionDomain JavaDoc;
25 import java.util.Enumeration JavaDoc;
26 import java.util.HashMap JavaDoc;
27 import java.util.HashSet JavaDoc;
28 import java.util.Iterator JavaDoc;
29 import java.util.Map JavaDoc;
30
31 import javax.security.jacc.PolicyContextException JavaDoc;
32
33
34 /**
35  * @version $Rev: 476049 $ $Date: 2006-11-16 23:35:17 -0500 (Thu, 16 Nov 2006) $
36  */

37 public class PolicyConfigurationGeneric implements GeronimoPolicyConfiguration {
38     final static int OPEN = 1;
39     final static int IN_SERVICE = 2;
40     final static int DELETED = 3;
41
42     private final String JavaDoc contextID;
43     private int state;
44     private final HashMap JavaDoc rolePermissionsMap = new HashMap JavaDoc();
45     private final HashMap JavaDoc principalRoleMapping = new HashMap JavaDoc();
46     private Permissions JavaDoc unchecked = null;
47     private Permissions JavaDoc excluded = null;
48
49     private final HashMap JavaDoc principalPermissionsMap = new HashMap JavaDoc();
50
51     PolicyConfigurationGeneric(String JavaDoc contextID) {
52         this.contextID = contextID;
53         this.state = OPEN;
54     }
55
56     public String JavaDoc getContextID() throws PolicyContextException JavaDoc {
57         return contextID;
58     }
59
60     public boolean implies(ProtectionDomain JavaDoc domain, Permission JavaDoc permission) {
61
62         if (excluded != null && excluded.implies(permission)) return false;
63
64         if (unchecked != null && unchecked.implies(permission)) return true;
65
66         Principal JavaDoc[] principals = domain.getPrincipals();
67         if (principals.length == 0) return false;
68
69         for (int i = 0; i < principals.length; i++) {
70             Principal JavaDoc principal = principals[i];
71
72             Permissions JavaDoc permissions = (Permissions JavaDoc) principalPermissionsMap.get(principal);
73
74             if (permissions != null && permissions.implies(permission)) return true;
75         }
76
77         return false;
78     }
79
80     public void setPrincipalRoleMapping(Map JavaDoc principalRoleMap) throws PolicyContextException JavaDoc {
81         principalRoleMapping.clear();
82         principalRoleMapping.putAll(principalRoleMap);
83     }
84
85     public void addToRole(String JavaDoc roleName, PermissionCollection JavaDoc permissions) throws PolicyContextException JavaDoc {
86         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
87
88         Enumeration JavaDoc e = permissions.elements();
89         while (e.hasMoreElements()) {
90             addToRole(roleName, (Permission JavaDoc) e.nextElement());
91         }
92     }
93
94     public void addToRole(String JavaDoc roleName, Permission JavaDoc permission) throws PolicyContextException JavaDoc {
95         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
96
97         Permissions JavaDoc permissions = (Permissions JavaDoc) rolePermissionsMap.get(roleName);
98         if (permissions == null) {
99             permissions = new Permissions JavaDoc();
100             rolePermissionsMap.put(roleName, permissions);
101         }
102         permissions.add(permission);
103     }
104
105     public void addToUncheckedPolicy(PermissionCollection JavaDoc permissions) throws PolicyContextException JavaDoc {
106         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
107
108         Enumeration JavaDoc e = permissions.elements();
109         while (e.hasMoreElements()) {
110             addToUncheckedPolicy((Permission JavaDoc) e.nextElement());
111         }
112     }
113
114     public void addToUncheckedPolicy(Permission JavaDoc permission) throws PolicyContextException JavaDoc {
115         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
116
117         if (unchecked == null) unchecked = new Permissions JavaDoc();
118
119         unchecked.add(permission);
120     }
121
122     public void addToExcludedPolicy(PermissionCollection JavaDoc permissions) throws PolicyContextException JavaDoc {
123         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
124
125         Enumeration JavaDoc e = permissions.elements();
126         while (e.hasMoreElements()) {
127             addToExcludedPolicy((Permission JavaDoc) e.nextElement());
128         }
129     }
130
131     public void addToExcludedPolicy(Permission JavaDoc permission) throws PolicyContextException JavaDoc {
132         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
133
134         if (excluded == null) excluded = new Permissions JavaDoc();
135
136         excluded.add(permission);
137     }
138
139     public void removeRole(String JavaDoc roleName) throws PolicyContextException JavaDoc {
140         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
141
142         rolePermissionsMap.remove(roleName);
143     }
144
145     public void removeUncheckedPolicy() throws PolicyContextException JavaDoc {
146         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
147
148         unchecked = null;
149     }
150
151     public void removeExcludedPolicy() throws PolicyContextException JavaDoc {
152         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
153
154         excluded = null;
155     }
156
157     public void linkConfiguration(javax.security.jacc.PolicyConfiguration JavaDoc link) throws PolicyContextException JavaDoc {
158         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
159     }
160
161     public void delete() throws PolicyContextException JavaDoc {
162         state = DELETED;
163     }
164
165     public void commit() throws PolicyContextException JavaDoc {
166         if (state != OPEN) throw new UnsupportedOperationException JavaDoc("Not in an open state");
167
168         for (Iterator JavaDoc principalEntries = principalRoleMapping.entrySet().iterator(); principalEntries.hasNext(); ) {
169             Map.Entry JavaDoc principalEntry = (Map.Entry JavaDoc) principalEntries.next();
170             Principal JavaDoc principal = (Principal JavaDoc) principalEntry.getKey();
171             Permissions JavaDoc principalPermissions = (Permissions JavaDoc) principalPermissionsMap.get(principal);
172
173             if (principalPermissions == null) {
174                 principalPermissions = new Permissions JavaDoc();
175                 principalPermissionsMap.put(principal, principalPermissions);
176             }
177
178             HashSet JavaDoc roleSet = (HashSet JavaDoc) principalEntry.getValue();
179             for (Iterator JavaDoc roles = roleSet.iterator(); roles.hasNext(); ) {
180                 Permissions JavaDoc permissions = (Permissions JavaDoc) rolePermissionsMap.get(roles.next());
181                 if (permissions == null) continue;
182                 for (Enumeration JavaDoc rolePermissions = permissions.elements(); rolePermissions.hasMoreElements(); ) {
183                     principalPermissions.add((Permission JavaDoc) rolePermissions.nextElement());
184                 }
185             }
186
187         }
188         state = IN_SERVICE;
189     }
190
191     public boolean inService() throws PolicyContextException JavaDoc {
192         return (state == IN_SERVICE);
193     }
194
195     //TODO I have no idea what side effects this might have, but it's needed in some form from GeronimoPolicyConfigurationFactory.
196
//see JACC spec 1.0 section 3.1.1.1 discussion of in service and deleted.
197
//spec p. 31 3.1.7 on the effects of remove:
198
//If the getPolicyConfiguration method is used, the value true should be passed as the second
199
// argument to cause the corresponding policy statements to be deleted from the context.
200
public void open(boolean remove) {
201         if (remove) {
202             rolePermissionsMap.clear();
203             principalRoleMapping.clear();
204             unchecked = null;
205             excluded = null;
206             principalPermissionsMap.clear();
207         }
208         state = OPEN;
209     }
210
211     int getState() {
212         return state;
213     }
214 }
215
Popular Tags