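package org.apache.geronimo.security.jacc;

import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;

import javax.security.jacc.PolicyContextException;


/**
 * In-memory policy configuration for a single policy context.
 *
 * Policy statements are collected while the configuration is OPEN:
 * per-role permissions, an "unchecked" set that is granted to everyone and an
 * "excluded" set that is denied to everyone. commit() flattens the
 * principal-to-role mapping and the per-role permissions into a
 * principal-to-permissions table, which is what implies() consults.
 *
 * Security notes:
 * - implies() does not look at the state field. Statements added to the
 *   unchecked or excluded sets while OPEN are visible to implies()
 *   immediately, so a caller that must only honour committed policy has to
 *   check inService() before calling implies().
 * - This class contains no synchronization. NOTE(review): confirm that the
 *   callers serialise open()/commit()/delete() against implies().
 */
public class PolicyConfigurationGeneric implements GeronimoPolicyConfiguration {
    final static int OPEN = 1;
    final static int IN_SERVICE = 2;
    final static int DELETED = 3;

    private final String contextID;
    private int state;
    // role name (String) -> Permissions granted to that role
    private final HashMap rolePermissionsMap = new HashMap();
    // Principal -> HashSet of role names, as supplied to setPrincipalRoleMapping()
    private final HashMap principalRoleMapping = new HashMap();
    // granted regardless of principal; null until the first permission is added
    private Permissions unchecked = null;
    // denied regardless of principal; null until the first permission is added
    private Permissions excluded = null;

    // Principal -> Permissions; derived data, rebuilt by every commit()
    private final HashMap principalPermissionsMap = new HashMap();

    /**
     * Creates a configuration for the given context in the OPEN state.
     *
     * @param contextID identifier of the policy context this object describes
     */
    PolicyConfigurationGeneric(String contextID) {
        this.contextID = contextID;
        this.state = OPEN;
    }

    /**
     * Returns the identifier passed to the constructor. Allowed in every state.
     *
     * @return the policy context identifier
     */
    public String getContextID() throws PolicyContextException {
        return contextID;
    }

    /**
     * Decides whether the permission is granted to the protection domain.
     *
     * Evaluation order: an excluded permission is always denied, an unchecked
     * permission is then always granted, and otherwise the permission is
     * granted if the table built by the last commit() grants it to any
     * principal of the domain.
     *
     * The state of this configuration is not checked here; see the class
     * comment.
     *
     * @param domain     protection domain whose principals are evaluated
     * @param permission permission being requested
     * @return true if the permission is granted, false otherwise
     */
    public boolean implies(ProtectionDomain domain, Permission permission) {

        // Deny wins over every grant, including the unchecked set.
        if (excluded != null && excluded.implies(permission)) return false;

        if (unchecked != null && unchecked.implies(permission)) return true;

        Principal[] principals = domain.getPrincipals();
        if (principals.length == 0) return false;

        for (int i = 0; i < principals.length; i++) {
            Permissions permissions = (Permissions) principalPermissionsMap.get(principals[i]);

            if (permissions != null && permissions.implies(permission)) return true;
        }

        return false;
    }

    /**
     * Replaces the principal-to-role mapping.
     *
     * The new mapping has no effect on implies() until the next commit().
     * The state is not checked here, and the role sets are stored by
     * reference, so later changes the caller makes to those sets are picked
     * up by the next commit().
     *
     * @param principalRoleMap map from Principal to a HashSet of role names
     */
    public void setPrincipalRoleMapping(Map principalRoleMap) throws PolicyContextException {
        principalRoleMapping.clear();
        principalRoleMapping.putAll(principalRoleMap);
    }

    /**
     * Adds every permission of the collection to the named role.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void addToRole(String roleName, PermissionCollection permissions) throws PolicyContextException {
        checkOpen();

        Enumeration e = permissions.elements();
        while (e.hasMoreElements()) {
            addToRole(roleName, (Permission) e.nextElement());
        }
    }

    /**
     * Adds one permission to the named role, creating the role on first use.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void addToRole(String roleName, Permission permission) throws PolicyContextException {
        checkOpen();

        Permissions permissions = (Permissions) rolePermissionsMap.get(roleName);
        if (permissions == null) {
            permissions = new Permissions();
            rolePermissionsMap.put(roleName, permissions);
        }
        permissions.add(permission);
    }

    /**
     * Adds every permission of the collection to the unchecked set.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void addToUncheckedPolicy(PermissionCollection permissions) throws PolicyContextException {
        checkOpen();

        Enumeration e = permissions.elements();
        while (e.hasMoreElements()) {
            addToUncheckedPolicy((Permission) e.nextElement());
        }
    }

    /**
     * Adds one permission to the unchecked set, which implies() grants to
     * every protection domain unless the permission is also excluded.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void addToUncheckedPolicy(Permission permission) throws PolicyContextException {
        checkOpen();

        if (unchecked == null) unchecked = new Permissions();

        unchecked.add(permission);
    }

    /**
     * Adds every permission of the collection to the excluded set.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void addToExcludedPolicy(PermissionCollection permissions) throws PolicyContextException {
        checkOpen();

        Enumeration e = permissions.elements();
        while (e.hasMoreElements()) {
            addToExcludedPolicy((Permission) e.nextElement());
        }
    }

    /**
     * Adds one permission to the excluded set, which implies() denies to
     * every protection domain.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void addToExcludedPolicy(Permission permission) throws PolicyContextException {
        checkOpen();

        if (excluded == null) excluded = new Permissions();

        excluded.add(permission);
    }

    /**
     * Removes the named role and its permissions. The removal reaches
     * implies() at the next commit(), which rebuilds the per-principal table.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void removeRole(String roleName) throws PolicyContextException {
        checkOpen();

        rolePermissionsMap.remove(roleName);
    }

    /**
     * Discards the whole unchecked set.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void removeUncheckedPolicy() throws PolicyContextException {
        checkOpen();

        unchecked = null;
    }

    /**
     * Discards the whole excluded set.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void removeExcludedPolicy() throws PolicyContextException {
        checkOpen();

        excluded = null;
    }

    /**
     * Linking is not implemented: the argument is ignored and only the state
     * check is performed.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void linkConfiguration(javax.security.jacc.PolicyConfiguration link) throws PolicyContextException {
        checkOpen();
    }

    /**
     * Marks the configuration as DELETED and drops every policy statement.
     *
     * The statements are dropped, not just hidden behind the state flag,
     * because implies() does not check the state and open(false) reopens a
     * configuration without clearing it. Without the clear, a deleted
     * context would keep answering implies() from its old grants and could
     * be brought back with them.
     */
    public void delete() throws PolicyContextException {
        clearStatements();
        state = DELETED;
    }

    /**
     * Builds the per-principal permission table and moves to IN_SERVICE.
     *
     * The table is rebuilt from scratch on every commit. It is derived only
     * from the current role mapping and role permissions, so permissions of a
     * role removed with removeRole(), or of a principal dropped from the
     * mapping, do not survive a reopen-and-commit cycle.
     *
     * @throws UnsupportedOperationException if the configuration is not OPEN
     */
    public void commit() throws PolicyContextException {
        checkOpen();

        // Build into a scratch map first: if a cast below fails, the table in
        // use is left untouched and the state stays OPEN.
        HashMap rebuilt = new HashMap();

        for (Iterator principalEntries = principalRoleMapping.entrySet().iterator(); principalEntries.hasNext();) {
            Map.Entry principalEntry = (Map.Entry) principalEntries.next();
            Principal principal = (Principal) principalEntry.getKey();

            Permissions principalPermissions = new Permissions();
            rebuilt.put(principal, principalPermissions);

            HashSet roleSet = (HashSet) principalEntry.getValue();
            for (Iterator roles = roleSet.iterator(); roles.hasNext();) {
                Permissions permissions = (Permissions) rolePermissionsMap.get(roles.next());
                // A role that is mapped but has no permissions contributes nothing.
                if (permissions == null) continue;
                for (Enumeration rolePermissions = permissions.elements(); rolePermissions.hasMoreElements();) {
                    principalPermissions.add((Permission) rolePermissions.nextElement());
                }
            }
        }

        principalPermissionsMap.clear();
        principalPermissionsMap.putAll(rebuilt);
        state = IN_SERVICE;
    }

    /**
     * Reports whether commit() has put this configuration into service.
     *
     * @return true only in the IN_SERVICE state
     */
    public boolean inService() throws PolicyContextException {
        return (state == IN_SERVICE);
    }

    /**
     * Puts the configuration back into the OPEN state.
     *
     * @param remove if true, all policy statements, the role mapping and the
     *               per-principal table are discarded first; if false they
     *               are kept as they are
     */
    public void open(boolean remove) {
        if (remove) {
            clearStatements();
        }
        state = OPEN;
    }

    /**
     * Returns the raw state value (OPEN, IN_SERVICE or DELETED).
     */
    int getState() {
        return state;
    }

    /** Rejects modifications outside the OPEN state. */
    private void checkOpen() {
        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
    }

    /** Drops every statement, the role mapping and the derived per-principal table. */
    private void clearStatements() {
        rolePermissionsMap.clear();
        principalRoleMapping.clear();
        unchecked = null;
        excluded = null;
        principalPermissionsMap.clear();
    }
}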