/**
 * Tests one of this context's policy files for a change.
 *
 * @param granted selects the policy file; passed unchanged to
 *        {@code getPolicyFileName} and {@code _fileChanged}
 * @return whatever {@code _fileChanged} reports for that file
 */
private boolean fileChanged(boolean granted) {
    File policyFile = new File(getPolicyFileName(granted));
    return _fileChanged(granted, policyFile);
}
/**
 * Checks whether the PolicyContext is in the given state.
 * Also detects implicit state changes that result from policy files being
 * distributed by the synchronization system: when the inService state is
 * asked for and not yet reached, an arrived policy file triggers
 * re-initialization from file before the state is tested again.
 * <p>
 * NOTE(review): because an arriving file alone moves the context to
 * inService, write access to the policy file location effectively controls
 * this transition; confirm that location is writable only by the server and
 * the synchronization system.
 *
 * @param stateValue state the context is tested for
 * @return true if in state.
 */
private boolean stateIs(int stateValue) {
    boolean matches = _stateIs(stateValue);
    if (matches || stateValue != INSERVICE_STATE) {
        // Only a failed inService test needs the file-arrival check.
        return matches;
    }

    if (fileArrived(true) || fileArrived(false)) {
        if (logger.isLoggable(Level.FINE)) {
            String previous = (this.state == OPEN_STATE ? "open " : "deleted ");
            logger.fine("JACC Policy Provider: file arrived transition to inService: "
                    + " state: " + previous + CONTEXT_ID);
        }
        // initialize(!open,!remove,fromFile)
        initialize(false, false, true);
    }
    // Re-test: the state is read again whether or not a file arrived.
    return _stateIs(INSERVICE_STATE);
}
// Excerpt: the method signature and the closing brace are not part of this listing.
throws PolicyContextException{
    // Both guards run before the permission collection is touched:
    // first the open-state assertion, then the caller permission check.
    assertStateIsOpen();
    checkSetPolicyPermission();
    // Adds to the excluded set held in memory.
    this.getExcludedPermissions().add(permission);
    // presumably marks the in-memory policy as needing a write at commit — confirm against commit()
    writeOnCommit = true;
/**
 * Removes every excluded policy statement from this PolicyConfiguration.
 * <p>
 * The open-state assertion runs before the permission check. In JACC an
 * excluded statement denies access regardless of role, so dropping the set
 * relaxes the policy; the change is only flagged here via
 * {@code writeOnCommit}.
 *
 * @throws java.lang.SecurityException
 * if called by an AccessControlContext that has not been
 * granted the "setPolicy" SecurityPermission.
 *
 * @throws java.lang.UnsupportedOperationException
 * if the state of the policy context whose interface is this
 * PolicyConfiguration Object is "deleted" or "inService" when this
 * method is called.
 *
 * @throws javax.security.jacc.PolicyContextException
 * if the implementation throws a checked exception that has not been
 * accounted for by the removeExcludedPolicy method signature.
 * The exception thrown by the implementation class will be encapsulated
 * (during construction) in the thrown PolicyContextException.
 */
public void removeExcludedPolicy() throws PolicyContextException {
    assertStateIsOpen();
    checkSetPolicyPermission();

    if (excludedPermissions == null) {
        // Nothing to drop, so the write flag is left as it was.
        return;
    }
    excludedPermissions = null;
    writeOnCommit = true;
}
/**
 * Deletes all policy statements from this PolicyConfiguration and moves it
 * to the deleted state, after which any method other than delete,
 * getContextID, or inService is rejected with an
 * UnsupportedOperationException.
 * <P>
 * This operation has no effect on any linked PolicyConfigurations
 * other than removing any links involving the deleted PolicyConfiguration.
 * <P>
 * The permission check happens before {@code refreshLock} is taken, so a
 * caller without the permission never reaches the lock or the removal.
 *
 * @throws java.lang.SecurityException
 * if called by an AccessControlContext that has not been
 * granted the "setPolicy" SecurityPermission.
 *
 * @throws javax.security.jacc.PolicyContextException
 * if the implementation throws a checked exception that has not been
 * accounted for by the delete method signature. The exception thrown
 * by the implementation class will be encapsulated (during construction)
 * in the thrown PolicyContextException.
 */
public void delete() throws PolicyContextException {
    checkSetPolicyPermission();

    synchronized (refreshLock) {
        try {
            removePolicy();
        } finally {
            // Runs even when removePolicy() throws, so a failed removal
            // still leaves the context marked as deleted.
            setState(DELETED_STATE);
        }
    }
}
// Excerpt of refresh(boolean): the listing drops lines (declarations, closing
// braces), so the nesting shown below is not the complete method.
protected void refresh(boolean force){
    // Work is done only for an inService context, and only on the first
    // refresh, when forced, or when filesChanged() reports a change.
    if (stateIs(INSERVICE_STATE) &&
        (wasRefreshed == false || force || filesChanged())) {
        // Probe successive PROVIDER_URL<n> keys for the first one whose value
        // is null or empty.
        while (true) {
            urlKey = PROVIDER_URL+(++i);
            value = getSecurityProperty(urlKey);
            if (value == null || value.equals("")) {
                break;
                // ... lines elided by the listing ...
                // The free key is pointed at this context's policy URL.
                // NOTE(review): if setSecurityProperty writes java.security
                // properties, the value is visible JVM-wide until it is reset
                // below; confirm this window is serialized against other
                // policy loads and that the reset also runs on failure paths.
                setSecurityProperty(urlKey, policyUrlValue);
                // A changed excluded file causes a full reload: excluded set,
                // file time, and a new policy object. Otherwise the existing
                // policy object is refreshed in place.
                if (fileChanged(false)) {
                    excludedPermissions = loadExcludedPolicy();
                    captureFileTime(true);
                    policy = getNewPolicy();
                } else {
                    policy.refresh();
                    // ... lines elided by the listing ...
                    // The key is emptied again after use.
                    setSecurityProperty(urlKey, "");
// Excerpt of initialize(boolean, boolean, boolean): closing braces and any
// later statements are not part of the listing.
protected void initialize(boolean open, boolean remove, boolean fromFile) {
    // All state changes below happen while holding refreshLock.
    synchronized(refreshLock) {
        String name = getPolicyFileName(true);
        // open or remove puts the context in OPEN_STATE; otherwise inService.
        if (open || remove) {
            setState(OPEN_STATE);
        } else {
            setState(INSERVICE_STATE);
            // NOTE(review): the listing shows no closing brace here, so it
            // cannot be told from this excerpt whether the statements below
            // belong to the else branch or follow it.
            removePolicy();
            // In-memory tables are discarded; the excluded set is re-read
            // from its policy file.
            uncheckedPermissions = null;
            rolePermissionsTable = null;
            excludedPermissions = loadExcludedPolicy();
            initLinkTable();
            captureFileTime(true);
            writeOnCommit = false;
// Excerpt of refresh(boolean): the listing drops lines (declarations, closing
// braces), so this is not the complete method.
protected void refresh(boolean force){
    // Work is done only for an inService context, and only on the first
    // refresh, when forced, or when filesChanged() reports a change.
    if (stateIs(INSERVICE_STATE) &&
        (wasRefreshed == false || force || filesChanged())) {
        // java.security.Security properties are global to the JVM, so this
        // value is visible to every reader of urlKey while it is set.
        // NOTE(review): confirm the property is restored afterwards (also on
        // failure paths) and that concurrent policy loads cannot observe it;
        // neither is visible in this excerpt.
        java.security.Security.setProperty(urlKey,policyUrlValue);
        // A changed excluded file causes a full reload: excluded set, file
        // time, and a new policy object. Otherwise the existing policy object
        // is refreshed in place.
        if (fileChanged(false)) {
            excludedPermissions = loadExcludedPolicy();
            captureFileTime(true);
            policy = getNewPolicy();
        } else {
            policy.refresh();
// Excerpt: the method signature and the closing brace are not part of this listing.
throws PolicyContextException{
    // Both guards run before the permission collection is touched:
    // first the open-state assertion, then the caller permission check.
    assertStateIsOpen();
    checkSetPolicyPermission();
    // Adds to the unchecked set held in memory.
    this.getUncheckedPermissions().add(permission);
    // presumably marks the in-memory policy as needing a write at commit — confirm against commit()
    writeOnCommit = true;
// Excerpt: the method signature and the closing brace are not part of this listing.
throws PolicyContextException {
    // Both guards run before the permission collection is touched:
    // first the open-state assertion, then the caller permission check.
    assertStateIsOpen();
    checkSetPolicyPermission();
    // Adds to the in-memory permission set of the named role.
    // NOTE(review): no validation of roleName is visible in this excerpt.
    this.getRolePermissions(roleName).add(permission);
    // presumably marks the in-memory policy as needing a write at commit — confirm against commit()
    writeOnCommit = true;
// Excerpt from the policy-file writer: the enclosing method, the code that
// opens and fills the writer, and the closing braces are not in the listing.
createPolicyContextDirectory();
// The existing file is removed before the new one is produced.
// NOTE(review): until the new file is complete there is no policy file of
// this kind on disk; confirm that readers of the excluded file fail closed
// in that window.
removePolicyFile(granted);
String name = getPolicyFileName(granted);
OutputStreamWriter writer = null;
try {
    // ... lines elided by the listing (writer creation and output) ...
    try {
        writer.close();
        // The file time is captured only after a successful close.
        captureFileTime(granted);
    } catch (Exception e) {
        // NOTE(review): catches Exception broadly; how the failure is
        // reported after this message is built is not visible here.
        String defMsg="Unable to close Policy file: "+name;
// Excerpt: statements between these lines are elided by the listing, so they
// may not all belong to the same method or branch.
if(stateIs(DELETED_STATE)){
    // Default text used when the localized string for the key is unavailable.
    String defMsg="Cannot perform Operation on a deleted PolicyConfiguration";
    String msg=localStrings.getLocalString("pc.invalid_op_for_state_delete",defMsg);
    // ... lines elided by the listing ...
    checkSetPolicyPermission();
    // An open context has its permissions generated and is then put inService.
    if (stateIs(OPEN_STATE)) {
        generatePermissions();
        setState(INSERVICE_STATE);
// Excerpt: the enclosing method is not part of this listing.
// Both guards run before the link table is changed: first the open-state
// assertion, then the caller permission check.
assertStateIsOpen();
checkSetPolicyPermission();
updateLinkTable(linkId);
// Excerpt of loadExcludedPolicy(): the loop over parsed entries, the error
// handling, the reader cleanup and the return are not part of the listing.
private Permissions loadExcludedPolicy() {
    Permissions result = null;
    // false selects the excluded policy file (the same flag is passed to
    // captureFileTime below).
    String name = getPolicyFileName(false);
    FileReader reader = null;
    PolicyParser parser = new PolicyParser(false);
    try {
        // The file time is recorded before the file is read.
        captureFileTime(false);
        // FileReader(String) decodes with the JVM default charset.
        // NOTE(review): closing of reader is not visible in this excerpt.
        reader = new FileReader(name);
        parser.read(reader);
        // ... lines elided by the listing (iteration over parsed entries) ...
        PermissionEntry entry = (PermissionEntry) perms.nextElement();
        // Permission class, name and action all come from the parsed file.
        // NOTE(review): this makes the policy file trusted input; confirm it
        // is writable only by the server and the synchronization system.
        Permission p =
            loadPermission(entry.permission,entry.name,entry.action);
        // The result collection is created lazily on the first entry.
        if (result == null) {
            result = new Permissions();
// Excerpt from policy generation: loop headers, closing braces and the code
// between these statements are not part of the listing.
boolean withPrincipals = false;
String roleName = (String) roleIt.next();
Permissions rolePerms = getRolePermissions(roleName);
// Principals mapped to the role; a null mapping skips the block below.
Subject rolePrincipals = (Subject) roleToSubjectMap.get(roleName);
if (rolePrincipals != null) {
    // ... lines elided by the listing (iteration over the principals) ...
    // The principal name passes through escapeName before it becomes part of
    // a grant entry.
    PrincipalEntry prinEntry =
        new PrincipalEntry(prin.getClass().getName(),
                           escapeName(prin.getName()));
    GrantEntry grant = new GrantEntry();
    grant.principals.add(prinEntry);
    // ... lines elided by the listing ...
    // One call per file: true with parser, false with excludedParser. Each
    // call receives the current writeOnCommit and its result replaces it.
    writeOnCommit = createPolicyFile(true,parser,writeOnCommit);
    writeOnCommit = createPolicyFile(false,excludedParser,writeOnCommit);
/**
 * Reports whether the policy context whose interface is this
 * PolicyConfiguration Object is in the "inService" state. The caller's
 * permission is checked before the state is read.
 *
 * @return true if the state of the associated policy context is
 * "inService"; false otherwise.
 *
 * @throws java.lang.SecurityException
 * if called by an AccessControlContext that has not been
 * granted the "setPolicy" SecurityPermission.
 *
 * @throws javax.security.jacc.PolicyContextException
 * if the implementation throws a checked exception that has not been
 * accounted for by the inService method signature. The exception thrown
 * by the implementation class will be encapsulated (during construction)
 * in the thrown PolicyContextException.
 */
public boolean inService() throws PolicyContextException {
    checkSetPolicyPermission();

    final boolean active = stateIs(INSERVICE_STATE);
    if (logger.isLoggable(Level.FINE)) {
        String answer = active ? "true " : "false ";
        logger.fine("JACC Policy Provider: inService: " + answer + CONTEXT_ID);
    }
    return active;
}
// Excerpt: the enclosing method and the closing braces are not part of this
// listing.
// First try to rebuild the configuration from an existing context directory.
pci = getPolicyConfigurationImplFromDirectory(contextId,true,remove);
if (pci == null) {
    // No directory-backed configuration: create a new one and register it
    // under the context id.
    pci = new PolicyConfigurationImpl(contextId, this);
    putPolicyConfigurationImpl(contextId,pci);
    // NOTE(review): the listing shows no closing brace before this call, so
    // whether it runs only for a newly created configuration cannot be told
    // from this excerpt.
    pci.initialize(true,remove,false);
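/**
 * Builds a PolicyConfigurationImpl from the on-disk directory of a policy
 * context and registers it under the context id.
 * <p>
 * NOTE(review): the directory name is derived from {@code contextId} by
 * {@code getContextDirectoryName}, which is not visible here; confirm that
 * it keeps the resulting path inside the policy repository for any
 * context id a caller can supply.
 *
 * @param contextId identifier of the policy context
 * @param open passed unchanged to the PolicyConfigurationImpl constructor
 * @param remove passed unchanged to the PolicyConfigurationImpl constructor
 * @return the registered configuration, or null when the context directory
 *         does not exist
 */
private PolicyConfigurationImpl getPolicyConfigurationImplFromDirectory(String contextId, boolean open, boolean remove) {
    File contextDir = new File(getContextDirectoryName(contextId));
    if (!contextDir.exists()) {
        return null;
    }
    // A constructor call never yields null, so the former null test on the
    // new object was always true and has been dropped.
    PolicyConfigurationImpl pci =
        new PolicyConfigurationImpl(contextDir, open, remove, this);
    putPolicyConfigurationImpl(contextId, pci);
    return pci;
}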
/**
 * Returns this object's policy context identifier. The caller's permission
 * is checked first, so the identifier is not handed out without it.
 *
 * @return this object's policy context identifier.
 *
 * @throws java.lang.SecurityException
 * if called by an AccessControlContext that has not been
 * granted the "setPolicy" SecurityPermission.
 *
 * @throws javax.security.jacc.PolicyContextException
 * if the implementation throws a checked exception that has not been
 * accounted for by the getContextID method signature. The exception thrown
 * by the implementation class will be encapsulated (during construction)
 * in the thrown PolicyContextException.
 */
public String getContextID() throws PolicyContextException {
    checkSetPolicyPermission();
    final String id = this.CONTEXT_ID;
    return id;
}
// Excerpt of initialize(boolean, boolean, boolean): closing braces and any
// later statements are not part of the listing.
protected void initialize(boolean open, boolean remove, boolean fromFile) {
    // All state changes below happen while holding refreshLock.
    synchronized(refreshLock) {
        String name = getPolicyFileName(true);
        // open or remove puts the context in OPEN_STATE; otherwise inService.
        if (open || remove) {
            setState(OPEN_STATE);
        } else {
            setState(INSERVICE_STATE);
            // NOTE(review): the listing shows no closing brace here, so it
            // cannot be told from this excerpt whether the statements below
            // belong to the else branch or follow it.
            removePolicy();
            // In-memory tables are discarded; the excluded set is re-read
            // from its policy file.
            uncheckedPermissions = null;
            rolePermissionsTable = null;
            excludedPermissions = loadExcludedPolicy();
            initLinkTable();
            captureFileTime(true);
            writeOnCommit = false;