SecurityManager


1   /*
2    * Copyright 2003,2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.apache.xerces.util;
18  
19  /**
20   * This class is a container for parser settings that relate to 
21   * security, or more specifically, it is intended to be used to prevent denial-of-service 
22   * attacks from being launched against a system running Xerces.  
23   * Any component that is aware of a denial-of-service attack that can arise
24   * from its processing of a certain kind of document may query its Component Manager
25   * for the property (http://apache.org/xml/properties/security-manager) 
26   * whose value will be an instance of this class.  
27   * If no value has been set for the property, the component should proceed in the "usual" (spec-compliant)
28   * manner.  If a value has been set, then it must be the case that the component in
29   * question needs to know what method of this class to query.  This class
30   * will provide defaults for all known security issues, but will also provide
31   * setters so that those values can be tailored by applications that care.
32   *
33   * @author  Neil Graham, IBM
34   *
35   * @version $Id: SecurityManager.java,v 1.5 2004/03/23 01:23:41 mrglavas Exp $
36   */
37  public final class SecurityManager {
38  
39      //
40      // Constants
41      //
42  
43      /** Default value for entity expansion limit. **/
44      private final static int DEFAULT_ENTITY_EXPANSION_LIMIT = 100000;
45      
46      /** Default value of number of nodes created. **/
47      private final static int DEFAULT_MAX_OCCUR_NODE_LIMIT = 3000;
48  
49      //
50      // Data
51      //
52  
53      /** Entity expansion limit. **/
54      private int entityExpansionLimit;
55      
56      /** W3C XML Schema maxOccurs limit. **/
57      private int maxOccurLimit;
58  
59      /**
60       * Default constructor.  Establishes default values 
61       * for known security vulnerabilities.
62       */  
63      public SecurityManager() {
64          entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT;
65          maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT ;
66      }
67  
68      /**
69       * <p>Sets the number of entity expansions that the
70       * parser should permit in a document.</p>
71       *
72       * @param limit the number of entity expansions
73       * permitted in a document
74       */
75      public void setEntityExpansionLimit(int limit) {
76          entityExpansionLimit = limit;
77      }
78  
79      /**
80       * <p>Returns the number of entity expansions 
81       * that the parser permits in a document.</p>
82       *
83       * @return the number of entity expansions
84       * permitted in a document
85       */
86      public int getEntityExpansionLimit() {
87          return entityExpansionLimit;
88      }
89      
90      /**
91       * <p>Sets the limit of the number of content model nodes 
92       * that may be created when building a grammar for a W3C 
93       * XML Schema that contains maxOccurs attributes with values
94       * other than "unbounded".</p>
95       *
96       * @param limit the maximum value for maxOccurs other
97       * than "unbounded"
98       */
99      public void setMaxOccurNodeLimit(int limit){
100         maxOccurLimit = limit;
101     }
102     
103     /**
104      * <p>Returns the limit of the number of content model nodes 
105      * that may be created when building a grammar for a W3C 
106      * XML Schema that contains maxOccurs attributes with values
107      * other than "unbounded".</p>
108      *
109      * @return the maximum value for maxOccurs other
110      * than "unbounded"
111      */ 
112     public int getMaxOccurNodeLimit(){
113         return maxOccurLimit;    
114     }
115     
116 } // class SecurityManager
117 
118
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags