Refine search
String binaryPath = (new URL(Shaj.class.getProtectionDomain() .getCodeSource().getLocation(), ".")).openConnection() .getPermission().getName(); binaryPath = (new File(binaryPath)).getCanonicalPath();
private void handlePermissionCheckEvent(SecurityPermissionCheckEvent event, StringBuilder stringBuilder) { handleDefiniteOutcomeEvent(event, stringBuilder); Permission permission = event.getPermission(); stringBuilder.append(",permission=[type=").append(permission.getClass().getName()); stringBuilder.append(",actions=").append(permission.getActions()); stringBuilder.append(",name=").append(permission.getName()).append(']'); }
/** * Indicates whether the argument permission is implied by the permissions * contained in the receiver. * * @return boolean <code>true</code> if the argument permission is implied * by the permissions in the receiver, and <code>false</code> if * it is not. * @param permission * java.security.Permission the permission to check */ public boolean implies(Permission permission) { for (Enumeration elements = elements(); elements.hasMoreElements();) { if (((Permission)elements.nextElement()).implies(permission)) { return true; } } return false; } }
public boolean implies(final Permission permission) { if (permission == null || getSourcePermission().getClass() != permission.getClass()) { return false; } final Permission all = this.all; if (all != null) { return all.implies(permission); } final Permission ourPermission = byName.get(permission.getName()); return ourPermission != null && ourPermission.implies(permission); } }
private static boolean grantedIsExcluded(Permission granted, Permissions excluded) { boolean isExcluded = false; if (excluded != null) { if (!excluded.implies(granted)) { Enumeration e = excluded.elements(); while (!isExcluded && e.hasMoreElements()) { Permission excludedPerm = (Permission) e.nextElement(); if (granted.implies(excludedPerm)) { isExcluded = true; } } } else { isExcluded = true; } } if (logger.isLoggable(Level.FINEST)){ if (isExcluded) { logger.finest("JACC Policy Provider: permission is excluded: "+granted); } } return isExcluded; }
/** * Removes permissions from <code>toBeChecked</code> that are implied by * <code>permission</code>. * * @param toBeChecked the permissions that are to be checked and possibly culled * @param permission the permission that is to be used for culling * @return the culled set of permissions that are not implied by <code>permission</code> */ private Permissions cullPermissions(Permissions toBeChecked, Permission permission) { Permissions result = new Permissions(); for (Enumeration e = toBeChecked.elements(); e.hasMoreElements();) { Permission test = (Permission) e.nextElement(); if (!permission.implies(test)) { result.add(test); } } return result; } }
private void doPermDump(PermissionCollection pc, String string) { Enumeration<Permission> en = pc.elements(); while (en.hasMoreElements()) { Permission p = en.nextElement(); logger.info(string + "===>P:" + p.getClass() + " N:" + p.getName() + " A:" + p.getActions()); } }
file =new File(url.toURI()); assertValidPath(file.toString()); if (!url.toString().startsWith("file:")) throw new IllegalArgumentException("!file:"); String file_url="file:"+URIUtil.encodePath(url.toString().substring(5)); URI uri = new URI(file_url); if (uri.getAuthority()==null) URLConnection connection=url.openConnection(); Permission perm = connection.getPermission(); file = new File(perm==null?url.getFile():perm.getName());
/** * Returns an File representing the given resource or NULL if this * is not possible. */ public File getFile() throws IOException { // Try the permission hack if (checkConnection()) { Permission perm = _connection.getPermission(); if (perm instanceof java.io.FilePermission) return new File(perm.getName()); } // Try the URL file arg try {return new File(_url.getFile());} catch(Exception e) {Log.ignore(e);} // Don't know the file return null; }
_file =new File(new URI(url.toString())); String file_url="file:"+URIUtil.encodePath(url.toString().substring(5)); URI uri = new URI(file_url); if (uri.getAuthority()==null) _file = new File(uri); else _file = new File("//"+uri.getAuthority()+URIUtil.decodePath(url.getFile())); _file = new File(perm==null?url.getFile():perm.getName());
static Permissions addToRoleMap(HashMap<String, Permissions> map, String roleName, Permission p) { Permissions collection = map.get(roleName); if (collection == null) { collection = new Permissions(); map.put(roleName,collection); } collection.add(p); if (logger.isLoggable(Level.FINE)){ logger.log(Level.FINE,"JACC: constraint capture: adding methods to role: "+ roleName+" methods: " + p.getActions()); } return collection; }
@Override public void checkPermission(Permission perm) { // Disallowing access to System#getenv means that our // ReadOnlySystemAttributesMap will come into play. if ("getenv.*".equals(perm.getName())) { throw new AccessControlException("Accessing the system environment is disallowed"); } } };
public boolean implies(final Permission permission) { for (Permission test : permissionsRef.get()) { if (test.implies(permission)) { return true; } } return false; }
/** * The central point in checking permissions. * Overridden from java.lang.SecurityManager * * @param perm The permission requested. */ @Override public void checkPermission(final java.security.Permission perm) { if (active) { if (delegateToOldSM && !perm.getName().equals("exitVM")) { boolean permOK = false; if (granted.implies(perm)) { permOK = true; } checkRevoked(perm); /* if the permission was not explicitly granted or revoked the original security manager will do its work */ if (!permOK && origSm != null) { origSm.checkPermission(perm); } } else { if (!granted.implies(perm)) { throw new SecurityException("Permission " + perm + " was not granted."); } checkRevoked(perm); } } }
/** * Returns the String representation of the action list. * * @return Action list of this permission instance. It is always * "privatearea". * @see java.security.Permission#getActions() */ public String getActions() { return delegate.getActions(); }
/** * Returns a new PermissionCollection object for storing * DeploymentAdminPermission objects. * * @return The new PermissionCollection. * @see java.security.Permission#newPermissionCollection() */ public PermissionCollection newPermissionCollection() { return delegate.newPermissionCollection(); }
private void logDefaultPermissions(Set<Permission> permissions) { if (log.isDebugEnabled()) { if (permissions.isEmpty()) { log.debug( "Granting no sandbox permissions by default for Limbus plugins. Edit classpath file {} to change this.", SANDBOX_DEFAULT_PERMISSIONS); } else { log.debug( "Granting the following permissions by default for Limbus plugins. Edit classpath file {} to change this.", SANDBOX_DEFAULT_PERMISSIONS); for (Permission p : permissions) { log.debug("- Granting permission: {}", p.toString()); } } } }
/** * Checks two DeploymentAdminPermission objects for equality. Two permission * objects are equal if: * <p> * * <ul> * <li>their target filters are semantically equal and</li> * <li>their actions are the same</li> * </ul> * * @param obj The reference object with which to compare. * @return true if the two objects are equal. * @see java.lang.Object#equals(java.lang.Object) */ public boolean equals(Object obj) { if (obj == this) return true; if (!(obj instanceof DeploymentAdminPermission)) return false; DeploymentAdminPermission dap = (DeploymentAdminPermission) obj; return delegate.equals(dap.delegate); }
private static boolean grantedIsExcluded(Permission granted, Permissions excluded) { boolean isExcluded = false; if (excluded != null) { if (!excluded.implies(granted)) { Enumeration e = excluded.elements(); while (!isExcluded && e.hasMoreElements()) { Permission excludedPerm = (Permission) e.nextElement(); if (granted.implies(excludedPerm)) { isExcluded = true; } } } else { isExcluded = true; } } if (logger.isLoggable(Level.FINEST)){ if (isExcluded) { logger.finest("JACC Policy Provider: permission is excluded: "+granted); } } return isExcluded; }