|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.freshcookies.security.policy.LocalPolicy
public class LocalPolicy
Security policy class that implements a subset of
Policy
methods, using a standard Java 2 security policy
file as input. This class is ideally suited for "local authorization" cases
where consultation of a global JVM policy is not necessary or desired, but
where polices are expressed in the standard policy file grammar. This class
differs from standard Policy implementations in that it does not extend the
Policy superclass, and it implements only two of its methods:
implies(ProtectionDomain, Permission)
and refresh()
.
Because LocalPolicy does not extend Policy, it cannot be installed as a
system-wide security policy (which is probably a good thing, because it is
not optimized as expertly as Sun's standard PolicyFile implementation).
The constructor of this class accepts a File
from which the
policy is parsed and read using the PolicyReader
class. The policy is
static and is derived only from the content of the file. If the
policy file changes in the file system, callers may reload it by calling
refresh()
.
This class is not thread-safe. It requires the same permissions to run as the
underlying PolicyReader used to parse the policy file. (See
PolicyReader
for more details.
PolicyReader
Nested Class Summary | |
---|---|
static class |
LocalPolicy.AnyPrincipal
Principal class that represents a non-class-specific Principal in a policy file grant block. |
static class |
LocalPolicy.LocalProtectionDomain
Lightweight re-implementation of ProtectionDomain
that does not allow subsequent modifications to Permissions. |
Constructor Summary | |
---|---|
LocalPolicy(java.io.File file)
Constructs a new instance of a LocalPolicy object, whose policy rules are parsed from a supplied File using the standard Java platform encoding. |
|
LocalPolicy(java.io.File file,
java.lang.String encoding)
Constructs a new instance of a LocalPolicy object, whose policy rules are parsed from a supplied File using the standard Java platform encoding. |
Method Summary | |
---|---|
boolean |
implies(java.security.ProtectionDomain domain,
java.security.Permission permission)
Returns true if the security policy grants a particular
Permission to a ProtectionDomain whose code source, certificates and
classloader match the one supplied as a parameter. |
void |
refresh()
Reloads the policy from the filesystem. |
protected boolean |
samePrincipals(java.security.Principal[] p1,
java.security.Principal[] p2)
Determines whether two Principal arrays contain the same items, which may appear in any order |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public LocalPolicy(java.io.File file)
file
- the file supplying the security policypublic LocalPolicy(java.io.File file, java.lang.String encoding)
file
- the file supplying the security policyencoding
- the charset name, such as UTF-8
or
ISO-8859-1
Method Detail |
---|
public boolean implies(java.security.ProtectionDomain domain, java.security.Permission permission)
true
if the security policy grants a particular
Permission to a ProtectionDomain whose code source, certificates and
classloader match the one supplied as a parameter. This method contains
the exact same method signature as
Policy.implies(ProtectionDomain, Permission)
but
differs in a key respect: Permissions for the supplied ProtectionDomain
are looked up based on its CodeSource, ClassLoader and Principals, rather
than looking for one that is logically equal to it.
domain
- the protection domainpermission
- the permission to check for
true
if the permission was granted,
false
if not
java.lang.IllegalStateException
- if the policy needed refreshing but could not be refreshedpublic void refresh() throws PolicyException
Reloads the policy from the filesystem. This method contains the exact
same method signature as Policy.refresh()
and is
functionally equivalent. If the policy does not parse correctly, it will
print any errors to standard out and throw an IllegalStateException. This
method does not itself require security permissions to run, although the
underlying PolicyReader used to parse the policy file does. (See
PolicyReader.read()
for more details.
PolicyException
- if the policy could not be refreshed or parsedprotected boolean samePrincipals(java.security.Principal[] p1, java.security.Principal[] p2)
p1
- the first arrayp2
- the second array
true
if every item in the first array is
equal
to one other item in the second array;
false
otherwise
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |