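package org.objectweb.easybeans.security.jacc.provider;

import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Principal;
import java.security.SecurityPermission;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;

import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyContextException;

import org.objectweb.easybeans.log.JLog;
import org.objectweb.easybeans.log.JLogFactory;

/**
 * JACC {@link PolicyConfiguration} holding the excluded, unchecked and per-role permissions of one
 * policy context.
 * <p>
 * The instance moves between three states: it starts {@code OPEN}, {@link #commit()} puts it
 * {@code IN_SERVICE}, and {@link #delete()} marks it {@code DELETED}. Every method that edits the
 * permission sets requires the {@code OPEN} state, and the permission getters only expose the stored
 * permissions while the configuration is {@code IN_SERVICE}.
 * <p>
 * The class does no synchronization of its own.
 */
public class JPolicyConfiguration implements PolicyConfiguration {

    /**
     * Life-cycle states of a policy configuration.
     */
    private enum State {
        /** Permissions may be added or removed. */
        OPEN,

        /** Committed: the stored permissions are exposed through the getters. */
        IN_SERVICE,

        /** Deleted: permissions were dropped by {@link JPolicyConfiguration#delete()}. */
        DELETED
    }

    /** Logger shared by all instances. */
    private static final JLog logger = JLogFactory.getLog(JPolicyConfiguration.class);

    /** Current life-cycle state. */
    private State state;

    /** Identifier of the policy context this configuration belongs to. */
    private final String contextID;

    /** Permissions that are denied to everybody. */
    private PermissionCollection excludedPermissions;

    /** Permissions that are granted without any role check. */
    private PermissionCollection uncheckedPermissions;

    /** Permissions granted per role, keyed by role name. */
    private Map<String, PermissionCollection> rolePermissions;

    /**
     * Creates an open, empty configuration for the given policy context.
     * @param contextID identifier of the policy context.
     */
    public JPolicyConfiguration(final String contextID) {
        this.contextID = contextID;

        // Start in the OPEN state.
        resetState();

        excludedPermissions = new Permissions();
        uncheckedPermissions = new Permissions();
        rolePermissions = new HashMap<String, PermissionCollection>();
    }

    /**
     * Adds a single permission to the excluded policy. A null permission is ignored.
     * @param permission the permission to exclude.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void addToExcludedPolicy(final Permission permission) throws PolicyContextException, SecurityException,
            UnsupportedOperationException {

        logger.debug("Adding permission ''{0}'' as excluded policy.", permission);

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        if (permission != null) {
            excludedPermissions.add(permission);
        }
    }

    /**
     * Adds every permission of the given collection to the excluded policy. A null collection is ignored.
     * @param permissions the permissions to exclude.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void addToExcludedPolicy(final PermissionCollection permissions) throws PolicyContextException, SecurityException,
            UnsupportedOperationException {

        logger.debug("Adding permissions ''{0}'' as excluded policy.", permissions);

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        copyPermissions(permissions, excludedPermissions);
    }

    /**
     * Adds a single permission to a role. A null permission is ignored.
     * @param roleName name of the role, must not be null.
     * @param permission the permission granted to the role.
     * @throws PolicyContextException if the role name is null.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void addToRole(final String roleName, final Permission permission) throws PolicyContextException, SecurityException,
            UnsupportedOperationException {

        logger.debug("Adding permission ''{0}'' to role ''{1}''.", permission, roleName);

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        if (roleName == null) {
            throw new PolicyContextException(logger.getI18n().getMessage("JPolicyConfiguration.addToRole"));
        }
        if (permission == null) {
            return;
        }

        PermissionCollection permissionsOfRole = existingOrNewRolePermissions(roleName);
        permissionsOfRole.add(permission);

        // Register only after the permission was added, so a failure leaves the map untouched.
        rolePermissions.put(roleName, permissionsOfRole);
    }

    /**
     * Adds every permission of the given collection to a role. A null collection is ignored.
     * @param roleName name of the role, must not be null.
     * @param permissions the permissions granted to the role.
     * @throws PolicyContextException if the role name is null.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void addToRole(final String roleName, final PermissionCollection permissions) throws PolicyContextException,
            SecurityException, UnsupportedOperationException {

        logger.debug("Adding permissions ''{0}'' to role ''{1}''.", permissions, roleName);

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        if (roleName == null) {
            throw new PolicyContextException(logger.getI18n().getMessage("JPolicyConfiguration.addToRole"));
        }
        if (permissions == null) {
            return;
        }

        PermissionCollection permissionsOfRole = existingOrNewRolePermissions(roleName);
        copyPermissions(permissions, permissionsOfRole);

        rolePermissions.put(roleName, permissionsOfRole);
    }

    /**
     * Adds a single permission to the unchecked policy. A null permission is ignored.
     * @param permission the permission to grant without role check.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void addToUncheckedPolicy(final Permission permission) throws PolicyContextException, SecurityException,
            UnsupportedOperationException {

        logger.debug("Adding permission ''{0}'' as unchecked policy.", permission);

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        if (permission != null) {
            uncheckedPermissions.add(permission);
        }
    }

    /**
     * Adds every permission of the given collection to the unchecked policy. A null collection is ignored.
     * @param permissions the permissions to grant without role check.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void addToUncheckedPolicy(final PermissionCollection permissions) throws PolicyContextException, SecurityException,
            UnsupportedOperationException {

        logger.debug("Adding permissions ''{0}'' as unchecked policy.", permissions);

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        copyPermissions(permissions, uncheckedPermissions);
    }

    /**
     * Puts the configuration in service and registers it with {@link JPolicyConfigurationKeeper}.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration was deleted.
     */
    public void commit() throws PolicyContextException, SecurityException, UnsupportedOperationException {

        checkSetPolicy();
        checkCurrentStateNotInState(State.DELETED);

        state = State.IN_SERVICE;

        JPolicyConfigurationKeeper.addConfiguration(this);
    }

    /**
     * Drops all stored permissions, marks the configuration deleted and unregisters it from
     * {@link JPolicyConfigurationKeeper}.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     */
    public void delete() throws PolicyContextException, SecurityException {

        checkSetPolicy();

        // Fresh collections rather than clearing: references handed out earlier keep their content.
        excludedPermissions = new Permissions();
        uncheckedPermissions = new Permissions();
        rolePermissions = new HashMap<String, PermissionCollection>();

        state = State.DELETED;

        JPolicyConfigurationKeeper.removeConfiguration(this);
    }

    /**
     * Returns the identifier of the policy context.
     * @return the context ID given at construction.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     */
    public String getContextID() throws PolicyContextException, SecurityException {

        checkSetPolicy();

        return contextID;
    }

    /**
     * Tells whether the configuration has been committed.
     * @return true if the state is in service.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     */
    public boolean inService() throws PolicyContextException, SecurityException {

        checkSetPolicy();

        return state == State.IN_SERVICE;
    }

    /**
     * Validates a request to link this configuration with another one.
     * @param link the configuration to link with.
     * @throws IllegalArgumentException if the given configuration is equal to this one.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void linkConfiguration(final PolicyConfiguration link) throws IllegalArgumentException, PolicyContextException,
            SecurityException, UnsupportedOperationException {

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        if (this.equals(link)) {
            throw new IllegalArgumentException(logger.getI18n().getMessage("JPolicyConfiguration.linkConfiguration.equivalent",
                    this, link));
        }

        // NOTE(review): nothing is recorded after the check; no link between the two configurations
        // is kept by this method, so role-to-principal mappings are not shared. Confirm this is intended.
    }

    /**
     * Removes every excluded permission.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void removeExcludedPolicy() throws PolicyContextException, SecurityException, UnsupportedOperationException {

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        excludedPermissions = new Permissions();
    }

    /**
     * Removes a role and all the permissions attached to it.
     * @param roleName name of the role to remove.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void removeRole(final String roleName)
            throws PolicyContextException, SecurityException, UnsupportedOperationException {

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        rolePermissions.remove(roleName);
    }

    /**
     * Removes every unchecked permission.
     * @throws PolicyContextException declared by the interface.
     * @throws SecurityException if a SecurityManager is installed and denies "setPolicy".
     * @throws UnsupportedOperationException if the configuration is not open.
     */
    public void removeUncheckedPolicy() throws PolicyContextException, SecurityException, UnsupportedOperationException {

        checkSetPolicy();
        checkCurrentStateIsInState(State.OPEN);

        uncheckedPermissions = new Permissions();
    }

    /**
     * Rejects the call when the current state is the given one.
     * @param s the forbidden state.
     * @throws UnsupportedOperationException if the current state equals the given state.
     */
    private void checkCurrentStateNotInState(final State s) throws UnsupportedOperationException {
        if (this.state == s) {
            String err = logger.getI18n().getMessage("JPolicyConfiguration.checkCurrentStateNotInState.notValidState", s, state);
            throw new UnsupportedOperationException(err);
        }
    }

    /**
     * Rejects the call unless the current state is the given one.
     * @param s the required state.
     * @throws UnsupportedOperationException if the current state differs from the given state.
     */
    private void checkCurrentStateIsInState(final State s) throws UnsupportedOperationException {
        if (this.state != s) {
            // NOTE(review): reuses the "checkCurrentStateNotInState" message key with the arguments in
            // the opposite order; confirm the rendered message is the intended one.
            String err = logger.getI18n().getMessage("JPolicyConfiguration.checkCurrentStateNotInState.notValidState", state, s);
            throw new UnsupportedOperationException(err);
        }
    }

    /**
     * Requires the "setPolicy" security permission from the caller.
     * <p>
     * The check is skipped entirely when no SecurityManager is installed, so in that case nothing in
     * this class restricts who may edit the policy.
     * @throws SecurityException if the installed SecurityManager denies the permission.
     */
    private void checkSetPolicy() throws SecurityException {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new SecurityPermission("setPolicy"));
        }
    }

    /**
     * Returns the permissions already stored for a role, or a new empty collection that is not yet
     * registered in the role map.
     * @param roleName name of the role.
     * @return the collection to add permissions to.
     */
    private PermissionCollection existingOrNewRolePermissions(final String roleName) {
        PermissionCollection permissionsOfRole = rolePermissions.get(roleName);
        if (permissionsOfRole == null) {
            permissionsOfRole = new Permissions();
        }
        return permissionsOfRole;
    }

    /**
     * Copies every permission of the source collection into the target; a null source is a no-op.
     * @param source the permissions to copy, may be null.
     * @param target the collection receiving the permissions.
     */
    private static void copyPermissions(final PermissionCollection source, final PermissionCollection target) {
        if (source == null) {
            return;
        }
        for (Enumeration<Permission> e = source.elements(); e.hasMoreElements();) {
            target.add(e.nextElement());
        }
    }

    /**
     * Compares two policy configurations by the value of their context ID.
     * <p>
     * The IDs are compared with {@code equals}, not by reference, so that this method agrees with
     * {@link #hashCode()} and two configurations of the same context are recognized as equivalent
     * (for example by {@link #linkConfiguration(PolicyConfiguration)}) even when their ID strings are
     * distinct objects.
     * @param obj the object to compare with.
     * @return true if the object is a PolicyConfiguration with the same context ID.
     */
    @Override
    public boolean equals(final Object obj) {
        if (!(obj instanceof PolicyConfiguration)) {
            logger.error("JPolicyConfiguration.equals.notInstanceOf");
            return false;
        }
        try {
            String otherContextID = ((PolicyConfiguration) obj).getContextID();
            if (contextID == null) {
                return otherContextID == null;
            }
            return contextID.equals(otherContextID);
        } catch (PolicyContextException pce) {
            logger.error("JPolicyConfiguration.equals.canNotCheck", pce);
            return false;
        }
    }

    /**
     * Hash code derived from the context ID.
     * @return the hash of the context ID, or 0 when the ID is null.
     */
    @Override
    public int hashCode() {
        // The constructor accepts a null ID, so guard against it here.
        return contextID == null ? 0 : contextID.hashCode();
    }

    /**
     * Puts the configuration back in the open state.
     */
    protected void resetState() {
        this.state = State.OPEN;
    }

    /**
     * Returns the excluded permissions while the configuration is in service.
     * <p>
     * The returned object is the internal collection, not a copy, and this getter performs no
     * "setPolicy" check: callers must treat it as read-only, since additions would change the
     * policy without going through the state and permission checks of the add methods.
     * @return the excluded permissions, or an empty collection when not in service.
     */
    public PermissionCollection getExcludedPermissions() {
        if (state != State.IN_SERVICE) {
            return new Permissions();
        }
        return excludedPermissions;
    }

    /**
     * Returns the unchecked permissions while the configuration is in service.
     * <p>
     * The returned object is the internal collection, not a copy, and this getter performs no
     * "setPolicy" check: callers must treat it as read-only.
     * @return the unchecked permissions, or an empty collection when not in service.
     */
    public PermissionCollection getUncheckedPermissions() {
        if (state != State.IN_SERVICE) {
            return new Permissions();
        }
        return uncheckedPermissions;
    }

    /**
     * Returns the permissions stored under the name of the given principal.
     * <p>
     * The principal name is used directly as the role-name key of the role map. When an entry
     * exists, the internal collection is returned as is; callers must treat it as read-only.
     * @param principal the principal whose name is looked up, may be null.
     * @return the permissions found, or an empty collection when the principal is null, the
     *         configuration is not in service, or no entry exists for that name.
     */
    public PermissionCollection getPermissionsForPrincipal(final Principal principal) {

        logger.debug("principal = ''{0}''", principal);

        if (principal == null || state != State.IN_SERVICE) {
            return new Permissions();
        }

        PermissionCollection permissionsOfRole = rolePermissions.get(principal.getName());

        logger.debug("Permissions found = ''{0}''", permissionsOfRole);

        if (permissionsOfRole == null) {
            // Unknown name: grant nothing rather than returning null.
            permissionsOfRole = new Permissions();
        }

        return permissionsOfRole;
    }

}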