org.freshcookies.security.policy
Class Canonicalizer

java.lang.Object
  extended by org.freshcookies.security.policy.Canonicalizer

public class Canonicalizer
extends java.lang.Object

Utility class that canonicalizes Permissions and file paths. Canonicalizer will initialize a list of property substitutions that can be used when constructing file paths. This class can optionally dump a list of system properties (and their file path equivalents) to disk.


Field Summary
static java.lang.String NO_CODESOURCE
          Static String that means "no codesource."
 
Constructor Summary
Canonicalizer()
          Constructs a new Canonicalizer instance.
 
Method Summary
 java.security.CodeSource canonicalize(java.security.CodeSource codeSource, java.util.Properties properties)
          Canonicalizes a CodeSource.
 java.security.Permission canonicalize(java.security.Permission permission)
           Normalizes permissions by changing permission targets to canonical forms.
static java.lang.String format(java.security.CodeSource codeSource)
          Formats a CodeSource for use with a policy file.
static java.lang.String format(java.security.Permission permission)
          Formats a CachedPermission for use in a policy file or log file.
static java.lang.String format(java.security.Principal principal)
          Formats a CachedPrincipal for use with a policy file.
static java.lang.String format(java.security.Principal[] principals)
          Formats an array of Principals; the array may be null.
static java.lang.String format(java.security.Principal[] principals, boolean forPolicy)
          Formats an array of CachedPrincipals, optionally with line delimeters suitable for a policy file.
static java.util.Properties getPathSubstitutions()
          Returns a Map of key/value pairs that correspond the subset of System properties that correspond to valid file paths.
 java.security.CodeSource propertize(java.security.CodeSource codeSource, java.util.Properties properties)
          Formats a CodeSource, substituting properties into the CodeSource or path, as needed.
 java.security.Permission propertize(java.security.Permission perm, java.util.Properties properties)
          Substitutes properties into a given FilePermission's URL or path, as needed.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

NO_CODESOURCE

public static final java.lang.String NO_CODESOURCE
Static String that means "no codesource."

See Also:
Constant Field Values
Constructor Detail

Canonicalizer

public Canonicalizer()
Constructs a new Canonicalizer instance.

Method Detail

propertize

public final java.security.CodeSource propertize(java.security.CodeSource codeSource,
                                                 java.util.Properties properties)
Formats a CodeSource, substituting properties into the CodeSource or path, as needed.

Parameters:
codeSource - the code source
properties - a Properties map containing key-value pairs of property names and associated file paths
Returns:
a revised CodeSource, with system properties substitutions as needed, or the same CodeSource if no properties match

propertize

public final java.security.Permission propertize(java.security.Permission perm,
                                                 java.util.Properties properties)
Substitutes properties into a given FilePermission's URL or path, as needed.

Parameters:
perm - the permission
properties - a Properties map containg key-value pairs of property names and associated file paths
Returns:
a String representing the FilePermission's URL or file path, with system properties substitutions as needed

format

public static final java.lang.String format(java.security.CodeSource codeSource)
Formats a CodeSource for use with a policy file. The format is identical to that used in policy files. If the URL of the codesource ends with a file separator (/ or \), a "-" will be appended. The formatter will insert system properties (such as ${user.home}) as needed.

Parameters:
codeSource - the code source
Returns:
the code source, formatted nicely as a string

format

public static final java.lang.String format(java.security.Principal[] principals)
Formats an array of Principals; the array may be null.

Parameters:
principals - the array of Principals to formatted
Returns:
a single String, with each Principal separated by a single space

format

public static final java.lang.String format(java.security.Principal[] principals,
                                            boolean forPolicy)
Formats an array of CachedPrincipals, optionally with line delimeters suitable for a policy file. The array may be null.

Parameters:
principals - the array of CachedPrincipals to formatted
forPolicy - true if the string should be formatted for a policy file, with indents and a linebreak after each principal
Returns:
a single String, with each Principal separated by a single space

getPathSubstitutions

public static final java.util.Properties getPathSubstitutions()
Returns a Map of key/value pairs that correspond the subset of System properties that correspond to valid file paths.

Returns:
the map

format

public static final java.lang.String format(java.security.Principal principal)
Formats a CachedPrincipal for use with a policy file. The string returned is the principal class, plus a space, followed by the principal's getName() value in quotes.

Parameters:
principal - the Principal to format
Returns:
a nicely-formatted string representing the Principal

format

public static final java.lang.String format(java.security.Permission permission)
Formats a CachedPermission for use in a policy file or log file. The format is identical to that used in policy files.

Parameters:
permission - the Permission to format
Returns:
a nicely-formatted string representing the Permission

canonicalize

public final java.security.CodeSource canonicalize(java.security.CodeSource codeSource,
                                                   java.util.Properties properties)
                                            throws java.io.IOException
Canonicalizes a CodeSource. If the CodeSource URL is for a file, and the path contains a property substitution (prefixed by ${ and ending in }), the canonicalizer will attempt to substitute in the correct path name by consulting the supplied properties map.

Parameters:
codeSource - the CodeSource
properties - the properties to use for expansion, where the the path names are keys, and property names are values
Returns:
the CodeSource with its file path
Throws:
java.io.IOException

canonicalize

public final java.security.Permission canonicalize(java.security.Permission permission)

Normalizes permissions by changing permission targets to canonical forms. For example:

All other permission types are returned unchanged.

Parameters:
permission - the permission to canonicalize
Returns:
the canonicalized permission
Throws:
java.net.UnknownHostException