Java > Open Source Codes > org > objectweb > easybeans > security > jacc > provider > JPolicyConfiguration


1 /**
2  * EasyBeans
3  * Copyright (C) 2006 Bull S.A.S.
4  * Contact: easybeans@objectweb.org
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19  * USA
20  *
21  * --------------------------------------------------------------------------
22  * $Id: JPolicyConfiguration.java 1121 2006-09-27 08:51:06Z benoitf $
23  * --------------------------------------------------------------------------
24  */
25
26 package org.objectweb.easybeans.security.jacc.provider;
27
28 import java.security.Permission ;
29 import java.security.PermissionCollection ;
30 import java.security.Permissions ;
31 import java.security.Principal ;
32 import java.security.SecurityPermission ;
33 import java.util.Enumeration ;
34 import java.util.HashMap ;
35 import java.util.Map ;
36
37 import javax.security.jacc.PolicyConfiguration ;
38 import javax.security.jacc.PolicyContextException ;
39
40 import org.objectweb.easybeans.log.JLog;
41 import org.objectweb.easybeans.log.JLogFactory;
42
43 /**
44  * Defines the PolicyConfiguration implementation class of JACC.
45  * @author Florent Benoit
46  */
47 public class JPolicyConfiguration implements PolicyConfiguration {
48
49     /**
50      * Available states.
51      */
52     private enum State {
53         /**
54          * Open state for the Policy Context Life Cycle Section 3.1.1.1.
55          */
56         OPEN,
57
58         /**
59          * inService state for the Policy Context Life Cycle Section 3.1.1.1.
60          */
61         IN_SERVICE,
62
63         /**
64          * Deleted state for the Policy Context Life Cycle Section 3.1.1.1.
65          */
66         DELETED
67     }
68
69     /**
70      * Current state.
71      */
72     private State state;
73
74     /**
75      * ContextID string which differentiate all instances.
76      */
77     private String contextID = null;
78
79     /**
80      * Logger.
81      */
82     private static JLog logger = JLogFactory.getLog(JPolicyConfiguration.class);
83
84     /**
85      * Excluded permissions.
86      */
87     private PermissionCollection excludedPermissions = null;
88
89     /**
90      * Unchecked permissions.
91      */
92     private PermissionCollection uncheckedPermissions = null;
93
94     /**
95      * Role permissions.
96      */
97     private Map <String , PermissionCollection > rolePermissions = null;
98
99     /**
100      * Constructor of a new PolicyConfiguration object.
101      * @param contextID Identifier of this PolicyConfiguration object
102      */
103     public JPolicyConfiguration(final String contextID) {
104         this.contextID = contextID;
105
106         // initial state is open
107 resetState();
108
109         // init permissions
110 excludedPermissions = new Permissions ();
111         uncheckedPermissions = new Permissions ();
112         rolePermissions = new HashMap <String , PermissionCollection >();
113     }
114
115     /**
116      * Used to add a single excluded policy statement to this
117      * PolicyConfiguration.
118      * @param permission the permission to be added to the excluded policy
119      * statements.
120      * @throws SecurityException if called by an AccessControlContext that has
121      * not been granted the "setPolicy" SecurityPermission.
122      * @throws UnsupportedOperationException if the state of the policy context
123      * whose interface is this PolicyConfiguration Object is "deleted"
124      * or "inService" when this method is called.
125      * @throws PolicyContextException if the implementation throws a checked
126      * exception that has not been accounted for by the
127      * addToExcludedPolicy method signature. The exception thrown by the
128      * implementation class will be encapsulated (during construction)
129      * in the thrown PolicyContextException.
130      */
131     public void addToExcludedPolicy(final Permission permission) throws PolicyContextException , SecurityException ,
132             UnsupportedOperationException {
133
134         logger.debug("Adding permission ''{0}'' as excluded policy.", permission);
135
136         // Section 3.3 - Check permissions
137 checkSetPolicy();
138
139         // Open state required
140 checkCurrentStateIsInState(State.OPEN);
141
142         // Add permission
143 if (permission != null) {
144             excludedPermissions.add(permission);
145         }
146
147     }
148
149     /**
150      * Used to add excluded policy statements to this PolicyConfiguration.
151      * @param permissions the collection of permissions to be added to the
152      * excluded policy statements. The collection may be either a
153      * homogenous or heterogenous collection.
154      * @throws SecurityException if called by an AccessControlContext that has
155      * not been granted the "setPolicy" SecurityPermission.
156      * @throws UnsupportedOperationException if the state of the policy context
157      * whose interface is this PolicyConfiguration Object is "deleted"
158      * or "inService" when this method is called.
159      * @throws PolicyContextException if the implementation throws a checked
160      * exception that has not been accounted for by the
161      * addToExcludedPolicy method signature. The exception thrown by the
162      * implementation class will be encapsulated (during construction)
163      * in the thrown PolicyContextException.
164      */
165     public void addToExcludedPolicy(final PermissionCollection permissions) throws PolicyContextException , SecurityException ,
166             UnsupportedOperationException {
167
168         logger.debug("Adding permissions ''{0}'' as excluded policy.", permissions);
169
170         // Section 3.3 - Check permissions
171 checkSetPolicy();
172
173         // Open state required
174 checkCurrentStateIsInState(State.OPEN);
175
176         // Add permissions
177 if (permissions != null) {
178             for (Enumeration e = permissions.elements(); e.hasMoreElements();) {
179                 excludedPermissions.add((Permission ) e.nextElement());
180             }
181         }
182
183     }
184
185     /**
186      * Used to add a single permission to a named role in this
187      * PolicyConfiguration.
188      * @param roleName the name of the Role to which the permission is to be
189      * added.
190      * @param permission the permission to be added to the role.
191      * @throws SecurityException if called by an AccessControlContext that has
192      * not been granted the "setPolicy" SecurityPermission.
193      * @throws UnsupportedOperationException if the state of the policy context
194      * whose interface is this PolicyConfiguration Object is "deleted"
195      * or "inService" when this method is called.
196      * @throws PolicyContextException - if the implementation throws a checked
197      * exception that has not been accounted for by the addToRole method
198      * signature. The exception thrown by the implementation class will
199      * be encapsulated (during construction) in the thrown
200      * PolicyContextException.
201      */
202     public void addToRole(final String roleName, final Permission permission) throws PolicyContextException , SecurityException ,
203             UnsupportedOperationException {
204
205         logger.debug("Adding permission ''{0}'' to role ''{1}''.", permission, roleName);
206
207         // Section 3.3 - Check permissions
208 checkSetPolicy();
209
210         // Open state required
211 checkCurrentStateIsInState(State.OPEN);
212
213         // Fail if roleName is null
214 if (roleName == null) {
215             throw new PolicyContextException (logger.getI18n().getMessage("JPolicyConfiguration.addToRole"));
216         }
217
218         // Break if permission is null
219 if (permission == null) {
220             return;
221         }
222         PermissionCollection permissionsOfRole = rolePermissions.get(roleName);
223
224         // create permission object if no previous permission for the given role
225 if (permissionsOfRole == null) {
226             permissionsOfRole = new Permissions ();
227         }
228         permissionsOfRole.add(permission);
229
230         // add to the list
231 rolePermissions.put(roleName, permissionsOfRole);
232
233     }
234
235     /**
236      * Used to add permissions to a named role in this PolicyConfiguration.
237      * @param roleName the name of the Role to which the permissions are to be
238      * added.
239      * @param permissions the collection of permissions to be added to the role.
240      * The collection may be either a homogenous or heterogenous
241      * collection.
242      * @throws SecurityException if called by an AccessControlContext that has
243      * not been granted the "setPolicy" SecurityPermission.
244      * @throws UnsupportedOperationException if the state of the policy context
245      * whose interface is this PolicyConfiguration Object is "deleted"
246      * or inService" when this method is called.
247      * @throws PolicyContextException - if the implementation throws a checked
248      * exception that has not been accounted for by the addToRole method
249      * signature. The exception thrown by the implementation class will
250      * be encapsulated (during construction) in the thrown
251      * PolicyContextException.
252      */
253     public void addToRole(final String roleName, final PermissionCollection permissions) throws PolicyContextException ,
254             SecurityException , UnsupportedOperationException {
255
256         logger.debug("Adding permissions ''{0}'' to role ''{1}''.", permissions, roleName);
257
258         // Section 3.3 - Check permissions
259 checkSetPolicy();
260
261         // Open state required
262 checkCurrentStateIsInState(State.OPEN);
263
264         // Fail if roleName is null
265 if (roleName == null) {
266             throw new PolicyContextException (logger.getI18n().getMessage("JPolicyConfiguration.addToRole"));
267         }
268
269         // Break if permission is null
270 if (permissions == null) {
271             return;
272         }
273         PermissionCollection permissionsOfRole = rolePermissions.get(roleName);
274
275         // create permission object if no previous permission for the given role
276 if (permissionsOfRole == null) {
277             permissionsOfRole = new Permissions ();
278         }
279
280         for (Enumeration e = permissions.elements(); e.hasMoreElements();) {
281             permissionsOfRole.add((Permission ) e.nextElement());
282         }
283
284         // add to the list
285 rolePermissions.put(roleName, permissionsOfRole);
286
287     }
288
289     /**
290      * Used to add a single unchecked policy statement to this
291      * PolicyConfiguration.
292      * @param permission the permission to be added to the unchecked policy
293      * statements.
294      * @throws SecurityException if called by an AccessControlContext that has
295      * not been granted the "setPolicy" SecurityPermission.
296      * @throws UnsupportedOperationException if the state of the policy context
297      * whose interface is this PolicyConfiguration Object is "deleted"
298      * or "inService" when this method is called.
299      * @throws PolicyContextException if the implementation throws a checked
300      * exception that has not been accounted for by the
301      * addToUncheckedPolicy method signature. The exception thrown by
302      * the implementation class will be encapsulated (during
303      * construction) in the thrown PolicyContextException.
304      */
305     public void addToUncheckedPolicy(final Permission permission) throws PolicyContextException , SecurityException ,
306             UnsupportedOperationException {
307
308         logger.debug("Adding permission ''{0}'' as unchecked policy.", permission);
309
310         // Section 3.3 - Check permissions
311 checkSetPolicy();
312
313         // Open state required
314 checkCurrentStateIsInState(State.OPEN);
315
316         // Add permission
317 if (permission != null) {
318             uncheckedPermissions.add(permission);
319         }
320
321     }
322
323     /**
324      * Used to add unchecked policy statements to this PolicyConfiguration.
325      * @param permissions the collection of permissions to be added as unchecked
326      * policy statements. The collection may be either a homogenous or
327      * heterogenous collection.
328      * @throws SecurityException if called by an AccessControlContext that has
329      * not been granted the "setPolicy" SecurityPermission.
330      * @throws UnsupportedOperationException if the state of the policy context
331      * whose interface is this PolicyConfiguration Object is "deleted"
332      * or "inService" when this method is called.
333      * @throws PolicyContextException if the implementation throws a checked
334      * exception that has not been accounted for by the
335      * addToUncheckedPolicy method signature. The exception thrown by
336      * the implementation class will be encapsulated (during
337      * construction) in the thrown PolicyContextException.
338      */
339     public void addToUncheckedPolicy(final PermissionCollection permissions) throws PolicyContextException , SecurityException ,
340             UnsupportedOperationException {
341
342         logger.debug("Adding permissions ''{0}'' as unchecked policy.", permissions);
343
344         // Section 3.3 - Check permissions
345 checkSetPolicy();
346
347         // Open state required
348 checkCurrentStateIsInState(State.OPEN);
349
350         // Add permissions
351 if (permissions != null) {
352             for (Enumeration e = permissions.elements(); e.hasMoreElements();) {
353                 uncheckedPermissions.add((Permission ) e.nextElement());
354             }
355         }
356
357     }
358
359     /**
360      * This method is used to set to "inService" the state of the policy context
361      * whose interface is this PolicyConfiguration Object. Only those policy
362      * contexts whose state is "inService" will be included in the policy
363      * contexts processed by the Policy.refresh method. A policy context whose
364      * state is "inService" may be returned to the "open" state by calling the
365      * getPolicyConfiguration method of the PolicyConfiguration factory with the
366      * policy context identifier of the policy context. When the state of a
367      * policy context is "inService", calling any method other than commit,
368      * delete, getContextID, or inService on its PolicyConfiguration Object will
369      * cause an UnsupportedOperationException to be thrown.
370      * @throws SecurityException if called by an AccessControlContext that has
371      * not been granted the "setPolicy" SecurityPermission.
372      * @throws UnsupportedOperationException if the state of the policy context
373      * whose interface is this PolicyConfiguration Object is "deleted"
374      * when this method is called.
375      * @throws PolicyContextException if the implementation throws a checked
376      * exception that has not been accounted for by the commit method
377      * signature. The exception thrown by the implementation class will
378      * be encapsulated (during construction) in the thrown
379      * PolicyContextException.
380      */
381     public void commit() throws PolicyContextException , SecurityException , UnsupportedOperationException {
382
383         // Section 3.3 - Check permissions
384 checkSetPolicy();
385
386         // Deleted state refused
387 checkCurrentStateNotInState(State.DELETED);
388
389         // Now state is in service
390 state = State.IN_SERVICE;
391
392         // add the configuration of this object
393 JPolicyConfigurationKeeper.addConfiguration(this);
394     }
395
396     /**
397      * Causes all policy statements to be deleted from this PolicyConfiguration
398      * and sets its internal state such that calling any method, other than
399      * delete, getContextID, or inService on the PolicyConfiguration will be
400      * rejected and cause an UnsupportedOperationException to be thrown. This
401      * operation has no affect on any linked PolicyConfigurations other than
402      * removing any links involving the deleted PolicyConfiguration.
403      * @throws SecurityException if called by an AccessControlContext that has
404      * not been granted the "setPolicy" SecurityPermission.
405      * @throws PolicyContextException if the implementation throws a checked
406      * exception that has not been accounted for by the delete method
407      * signature. The exception thrown by the implementation class will
408      * be encapsulated (during construction) in the thrown
409      * PolicyContextException.
410      */
411     public void delete() throws PolicyContextException , SecurityException {
412
413         // Section 3.3 - Check permissions
414 checkSetPolicy();
415
416         // all policy statements are deleted
417 excludedPermissions = new Permissions ();
418         uncheckedPermissions = new Permissions ();
419         rolePermissions = new HashMap <String , PermissionCollection >();
420
421         // change state to DELETED
422 state = State.DELETED;
423
424         // remove the configuration of this object
425 JPolicyConfigurationKeeper.removeConfiguration(this);
426
427     }
428
429     /**
430      * This method returns this object's policy context identifier.
431      * @return this object's policy context identifier.
432      * @throws SecurityException if called by an AccessControlContext that has
433      * not been granted the "setPolicy" SecurityPermission.
434      * @throws PolicyContextException if the implementation throws a checked
435      * exception that has not been accounted for by the getContextID
436      * method signature. The exception thrown by the implementation
437      * class will be encapsulated (during construction) in the thrown
438      * PolicyContextException.
439      */
440     public String getContextID() throws PolicyContextException , SecurityException {
441
442         // Section 3.3 - Check permissions
443 checkSetPolicy();
444
445         return contextID;
446     }
447
448     /**
449      * This method is used to determine if the policy context whose interface is
450      * this PolicyConfiguration Object is in the "inService" state.
451      * @return true if the state of the associated policy context is
452      * "inService"; false otherwise.
453      * @throws SecurityException if called by an AccessControlContext that has
454      * not been granted the "setPolicy" SecurityPermission.
455      * @throws PolicyContextException if the implementation throws a checked
456      * exception that has not been accounted for by the inService method
457      * signature. The exception thrown by the implementation class will
458      * be encapsulated (during construction) in the thrown
459      * PolicyContextException.
460      */
461     public boolean inService() throws PolicyContextException , SecurityException {
462
463         // Section 3.3 - Check permissions
464 checkSetPolicy();
465
466         return (state == State.IN_SERVICE);
467     }
468
469     /**
470      * Creates a relationship between this configuration and another such that
471      * they share the same principal-to-role mappings. PolicyConfigurations are
472      * linked to apply a common principal-to-role mapping to multiple seperately
473      * manageable PolicyConfigurations, as is required when an application is
474      * composed of multiple modules. Note that the policy statements which
475      * comprise a role, or comprise the excluded or unchecked policy collections
476      * in a PolicyConfiguration are unaffected by the configuration being linked
477      * to another.
478      * @param link a reference to a different PolicyConfiguration than this
479      * PolicyConfiguration. The relationship formed by this method is
480      * symetric, transitive and idempotent. If the argument
481      * PolicyConfiguration does not have a different Policy context
482      * identifier than this PolicyConfiguration no relationship is
483      * formed, and an exception, as described below, is thrown.
484      * @throws SecurityException if called by an AccessControlContext that has
485      * not been granted the "setPolicy" SecurityPermission.
486      * @throws UnsupportedOperationException if the state of the policy context
487      * whose interface is this PolicyConfiguration Object is "deleted"
488      * or "inService" when this method is called.
489      * @throws IllegalArgumentException if called with an argument
490      * PolicyConfiguration whose Policy context is equivalent to that of
491      * this PolicyConfiguration.
492      * @throws PolicyContextException if the implementation throws a checked
493      * exception that has not been accounted for by the
494      * linkConfiguration method signature. The exception thrown by the
495      * implementation class will be encapsulated (during construction)
496      * in the thrown PolicyContextException.
497      */
498     public void linkConfiguration(final PolicyConfiguration link) throws IllegalArgumentException , PolicyContextException ,
499             SecurityException , UnsupportedOperationException {
500
501         // Section 3.3 - Check permissions
502 checkSetPolicy();
503
504         // Open state required
505 checkCurrentStateIsInState(State.OPEN);
506
507         // Equivalent to this PolicyConfiguration object ?
508 if (this.equals(link)) {
509             throw new IllegalArgumentException (logger.getI18n().getMessage("JPolicyConfiguration.linkConfiguration.equivalent",
510                     this, link));
511         }
512
513         // TODO : link objects together.
514
515     }
516
517     /**
518      * Used to remove any excluded policy statements from this
519      * PolicyConfiguration.
520      * @throws SecurityException if called by an AccessControlContext that has
521      * not been granted the "setPolicy" SecurityPermission.
522      * @throws UnsupportedOperationException if the state of the policy context
523      * whose interface is this PolicyConfiguration Object is "deleted"
524      * or "inService" when this method is called.
525      * @throws PolicyContextException if the implementation throws a checked
526      * exception that has not been accounted for by the
527      * removeExcludedPolicy method signature. The exception thrown by
528      * the implementation class will be encapsulated (during
529      * construction) in the thrown PolicyContextException.
530      */
531     public void removeExcludedPolicy() throws PolicyContextException , SecurityException , UnsupportedOperationException {
532
533         // Section 3.3 - Check permissions
534 checkSetPolicy();
535
536         // Open state required
537 checkCurrentStateIsInState(State.OPEN);
538
539         // reinit
540 excludedPermissions = new Permissions ();
541     }
542
543     /**
544      * Used to remove a role and all its permissions from this
545      * PolicyConfiguration.
546      * @param roleName the name of the Role to remove from this
547      * PolicyConfiguration.
548      * @throws SecurityException if called by an AccessControlContext that has
549      * not been granted the "setPolicy" SecurityPermission.
550      * @throws UnsupportedOperationException if the state of the policy context
551      * whose interface is this PolicyConfiguration Object is "deleted"
552      * or "inService" when this method is called.
553      * @throws PolicyContextException if the implementation throws a checked
554      * exception that has not been accounted for by the removeRole
555      * method signature. The exception thrown by the implementation
556      * class will be encapsulated (during construction) in the thrown
557      * PolicyContextException.
558      */
559     public void removeRole(final String roleName)
560         throws PolicyContextException , SecurityException , UnsupportedOperationException {
561
562         // Section 3.3 - Check permissions
563 checkSetPolicy();
564
565         // Open state required
566 checkCurrentStateIsInState(State.OPEN);
567
568         // Remove role permissions
569 rolePermissions.remove(roleName);
570     }
571
572     /**
573      * Used to remove any unchecked policy statements from this
574      * PolicyConfiguration.
575      * @throws SecurityException if called by an AccessControlContext that has
576      * not been granted the "setPolicy" SecurityPermission.
577      * @throws UnsupportedOperationException if the state of the policy context
578      * whose interface is this PolicyConfiguration Object is "deleted"
579      * or "inService" when this method is called.
580      * @throws PolicyContextException if the implementation throws a checked
581      * exception that has not been accounted for by the
582      * removeUncheckedPolicy method signature. The exception thrown by
583      * the implementation class will be encapsulated (during
584      * construction) in the thrown PolicyContextException.
585      */
586     public void removeUncheckedPolicy() throws PolicyContextException , SecurityException , UnsupportedOperationException {
587
588         // Section 3.3 - Check permissions
589 checkSetPolicy();
590
591         // Open state required
592 checkCurrentStateIsInState(State.OPEN);
593
594         // Remove unckecked policy
595 uncheckedPermissions = new Permissions ();
596     }
597
598     /**
599      * Check if the current state is not the given state. Authorized states are
600      * described in javadoc of PolicyConfiguration class
601      * @param s given state
602      * @throws UnsupportedOperationException if the state is not the given state
603      */
604     private void checkCurrentStateNotInState(final State s) throws UnsupportedOperationException {
605         if (this.state == s) {
606             String err = logger.getI18n().getMessage("JPolicyConfiguration.checkCurrentStateNotInState.notValidState", s, state);
607             throw new UnsupportedOperationException (err);
608         }
609     }
610
611     /**
612      * Check if the current state is in the given state. Authorized states are
613      * described in javadoc of PolicyConfiguration class
614      * @param s given state
615      * @throws UnsupportedOperationException if the state is not in a valid
616      * state
617      */
618     private void checkCurrentStateIsInState(final State s) throws UnsupportedOperationException {
619         if (this.state != s) {
620             String err = logger.getI18n().getMessage("JPolicyConfiguration.checkCurrentStateNotInState.notValidState", state, s);
621             throw new UnsupportedOperationException (err);
622         }
623     }
624
625     /**
626      * Method which check setPolicy access. Section 3.3 : all public methods
627      * must throw a SecurityException when called by an AccessControlContext
628      * that has not been granted the "setPolicy" SecurityPermission
629      * @throws SecurityException when called by an AccessControlContext that has
630      * not been granted the "setPolicy" SecurityPermission.
631      */
632     private void checkSetPolicy() throws SecurityException {
633         SecurityManager securityManager = System.getSecurityManager();
634         if (securityManager != null) {
635             securityManager.checkPermission(new SecurityPermission ("setPolicy"));
636         }
637     }
638
639     /**
640      * Indicates whether some other object is "equal to" this one.
641      * @param obj the reference object with which to compare.
642      * @return true if this object is the same as the obj argument; false
643      * otherwise.
644      */
645     @Override
646     public boolean equals(final Object obj) {
647         if (!(obj instanceof PolicyConfiguration )) {
648             logger.error("JPolicyConfiguration.equals.notInstanceOf");
649             return false;
650         }
651         // Compare
652 try {
653             return (this.contextID == ((PolicyConfiguration ) obj).getContextID());
654         } catch (PolicyContextException pce) {
655             logger.error("JPolicyConfiguration.equals.canNotCheck", pce);
656             return false;
657         }
658
659     }
660
661     /**
662      * Gets a hash code value for the object.
663      * @return a hash code value for this object.
664      */
665     @Override
666     public int hashCode() {
667         return contextID.hashCode();
668     }
669
670     /**
671      * Reset to OPEN state (Used by PolicyConfigurationFactory).
672      */
673     protected void resetState() {
674         this.state = State.OPEN;
675     }
676
677     /**
678      * Gets the excluded permission.
679      * @return the excluded permission
680      */
681     public PermissionCollection getExcludedPermissions() {
682         // Works only if state is in service
683 if (state != State.IN_SERVICE) {
684             return new Permissions ();
685         }
686         return excludedPermissions;
687     }
688
689     /**
690      * Gets the excluded permission.
691      * @return the excluded permission
692      */
693     public PermissionCollection getUncheckedPermissions() {
694         // Works only if state is in service
695 if (state != State.IN_SERVICE) {
696             return new Permissions ();
697         }
698         return uncheckedPermissions;
699     }
700
701     /**
702      * Gets the permissions for a given principal.
703      * @param principal given principal
704      * @return the permissions for a given principal
705      */
706     public PermissionCollection getPermissionsForPrincipal(final Principal principal) {
707
708         logger.debug("principal = ''{0}''", principal);
709
710         // Works only if state is in service and if principal is not null
711 if (principal == null || state != State.IN_SERVICE) {
712             return new Permissions ();
713         }
714
715         PermissionCollection permissionsOfRole = rolePermissions.get(principal.getName());
716
717         logger.debug("Permissions found = ''{0}''", permissionsOfRole);
718
719         // create empty permission object if no previous permission for the
720 // given role
721 if (permissionsOfRole == null) {
722             permissionsOfRole = new Permissions ();
723         }
724
725         return permissionsOfRole;
726     }
727
728 }
729

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags