Frames | No Frames |
1: /* ProtectionDomain.java -- A security domain 2: Copyright (C) 1998, 2003, 2004 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: package java.security; 39: 40: import gnu.classpath.SystemProperties; 41: 42: import gnu.java.lang.CPStringBuilder; 43: 44: /** 45: * This class represents a group of classes, along with their granted 46: * permissions. The classes are identified by a {@link CodeSource}. Thus, any 47: * class loaded from the specified {@link CodeSource} is treated as part of 48: * this domain. The set of permissions is represented by an instance of 49: * {@link PermissionCollection}. 50: * 51: * <p>Every class in the system will belong to one and only one 52: * <code>ProtectionDomain</code>.</p> 53: * 54: * @author Aaron M. Renn (arenn@urbanophile.com) 55: * @version 0.0 56: */ 57: public class ProtectionDomain 58: { 59: /** This is the <code>CodeSource</code> for this protection domain. */ 60: private CodeSource code_source; 61: 62: /** This is the set of permissions granted to this domain. */ 63: private PermissionCollection perms; 64: 65: /** The {@link ClassLoader} associated with this domain. */ 66: private ClassLoader classloader; 67: 68: /** The array of Principals associated with this domain.. */ 69: private Principal[] principals; 70: 71: /** Post 1.4 the policy may be refreshed! use false for pre 1.4. */ 72: private boolean staticBinding; 73: 74: /** 75: * Initializes a new instance of <code>ProtectionDomain</code> representing 76: * the specified {@link CodeSource} and set of permissions. No permissions 77: * can be added later to the {@link PermissionCollection} and this contructor 78: * will call the <code>setReadOnly</code> method on the specified set of 79: * permissions. 80: * 81: * @param codesource 82: * The {@link CodeSource} for this domain. 83: * @param permissions 84: * The set of permissions for this domain. 85: * @see PermissionCollection#setReadOnly() 86: */ 87: public ProtectionDomain(CodeSource codesource, PermissionCollection permissions) 88: { 89: this(codesource, permissions, null, null, true); 90: } 91: 92: /** 93: * This method initializes a new instance of <code>ProtectionDomain</code> 94: * given its {@link CodeSource}, granted permissions, associated 95: * {@link ClassLoader} and {@link Principal}s. 96: * 97: * <p>Similar to the previous constructor, if the designated set of 98: * permissions is not <code>null</code>, the <code>setReadOnly</code> method 99: * is called on that set.</p> 100: * 101: * @param codesource 102: * The {@link CodeSource} for this domain. 103: * @param permissions 104: * The permission set for this domain. 105: * @param classloader 106: * the ClassLoader associated with this domain. 107: * @param principals 108: * the array of {@link Principal}s associated with this domain. 109: * @since 1.4 110: * @see PermissionCollection#setReadOnly() 111: */ 112: public ProtectionDomain(CodeSource codesource, 113: PermissionCollection permissions, 114: ClassLoader classloader, Principal[] principals) 115: { 116: this(codesource, permissions, classloader, principals, false); 117: } 118: 119: private ProtectionDomain(CodeSource codesource, 120: PermissionCollection permissions, 121: ClassLoader classloader, Principal[] principals, 122: boolean staticBinding) 123: { 124: super(); 125: 126: code_source = codesource; 127: if (permissions != null) 128: { 129: perms = permissions; 130: perms.setReadOnly(); 131: } 132: 133: this.classloader = classloader; 134: this.principals = 135: (principals != null ? (Principal[]) principals.clone() : new Principal[0]); 136: this.staticBinding = staticBinding; 137: } 138: 139: /** 140: * Returns the {@link CodeSource} of this domain. 141: * 142: * @return the {@link CodeSource} of this domain. 143: * @since 1.2 144: */ 145: public final CodeSource getCodeSource() 146: { 147: return code_source; 148: } 149: 150: /** 151: * Returns the {@link ClassLoader} of this domain. 152: * 153: * @return the {@link ClassLoader} of this domain. 154: * @since 1.4 155: */ 156: public final ClassLoader getClassLoader() 157: { 158: return this.classloader; 159: } 160: 161: /** 162: * Returns a clone of the {@link Principal}s of this domain. 163: * 164: * @return a clone of the {@link Principal}s of this domain. 165: * @since 1.4 166: */ 167: public final Principal[] getPrincipals() 168: { 169: return (Principal[]) principals.clone(); 170: } 171: 172: /** 173: * Returns the {@link PermissionCollection} of this domain. 174: * 175: * @return The {@link PermissionCollection} of this domain. 176: */ 177: public final PermissionCollection getPermissions() 178: { 179: return perms; 180: } 181: 182: /** 183: * Tests whether or not the specified {@link Permission} is implied by the 184: * set of permissions granted to this domain. 185: * 186: * @param permission 187: * the {@link Permission} to test. 188: * @return <code>true</code> if the specified {@link Permission} is implied 189: * for this domain, <code>false</code> otherwise. 190: */ 191: public boolean implies(Permission permission) 192: { 193: if (staticBinding) 194: return (perms == null ? false : perms.implies(permission)); 195: // Else dynamically bound. Do we have it? 196: // NOTE: this will force loading of Policy.currentPolicy 197: return Policy.getCurrentPolicy().implies(this, permission); 198: } 199: 200: /** 201: * Returns a string representation of this object. It will include the 202: * {@link CodeSource} and set of permissions associated with this domain. 203: * 204: * @return A string representation of this object. 205: */ 206: public String toString() 207: { 208: String linesep = SystemProperties.getProperty("line.separator"); 209: CPStringBuilder sb = new CPStringBuilder("ProtectionDomain (").append(linesep); 210: 211: if (code_source == null) 212: sb.append("CodeSource:null"); 213: else 214: sb.append(code_source); 215: 216: sb.append(linesep); 217: if (classloader == null) 218: sb.append("ClassLoader:null"); 219: else 220: sb.append(classloader); 221: 222: sb.append(linesep); 223: sb.append("Principals:"); 224: if (principals != null && principals.length > 0) 225: { 226: sb.append("["); 227: Principal pal; 228: for (int i = 0; i < principals.length; i++) 229: { 230: pal = principals[i]; 231: sb.append("'").append(pal.getName()) 232: .append("' of type ").append(pal.getClass().getName()); 233: if (i < principals.length-1) 234: sb.append(", "); 235: } 236: sb.append("]"); 237: } 238: else 239: sb.append("none"); 240: 241: sb.append(linesep); 242: if (!staticBinding) // include all but dont force loading Policy.currentPolicy 243: if (Policy.isLoaded()) 244: sb.append(Policy.getCurrentPolicy().getPermissions(this)); 245: else // fallback on this one's permissions 246: sb.append(perms); 247: else 248: sb.append(perms); 249: 250: return sb.append(linesep).append(")").append(linesep).toString(); 251: } 252: }