001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017
018 package org.apache.geronimo.security.jacc;
019
020 import java.security.CodeSource;
021 import java.security.Permission;
022 import java.security.PermissionCollection;
023 import java.security.Policy;
024 import java.security.ProtectionDomain;
025 import javax.security.jacc.PolicyContext;
026 import javax.security.jacc.PolicyContextException;
027
028
029 /**
030 * @version $Rev: 476049 $ $Date: 2006-11-16 23:35:17 -0500 (Thu, 16 Nov 2006) $
031 */
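public class GeronimoPolicy extends Policy {
    /*
     * JACC-aware Policy: a permission check is first answered from the Geronimo
     * policy configuration of the current policy context, and otherwise
     * delegated to a "root" Policy.
     *
     * Security notes for maintainers:
     *  - The root Policy class is named by the system property
     *    org.apache.geronimo.jacc.policy.provider and is loaded and instantiated
     *    reflectively. Whoever can set that property chooses the Policy behind
     *    every fallback decision, so it must be treated as trusted deployment
     *    configuration.
     *  - factory/loaded are initialised lazily in implies() without
     *    synchronisation. NOTE(review): confirm that calling getSingleton() from
     *    several threads at once is harmless.
     */
    private final Policy root;
    private GeronimoPolicyConfigurationFactory factory;
    private boolean loaded;

    /**
     * Selects the root policy and refreshes it once.
     *
     * If the system property <code>org.apache.geronimo.jacc.policy.provider</code>
     * is unset, the currently installed {@link Policy} is used as the root.
     * Otherwise the named class is loaded and instantiated through its public
     * no-argument constructor; it must be a {@link Policy}.
     *
     * @throws RuntimeException if the configured provider cannot be loaded or
     *                          instantiated, or is not a {@link Policy}
     */
    public GeronimoPolicy() {
        String provider = System.getProperty("org.apache.geronimo.jacc.policy.provider");

        if (provider == null) {
            root = Policy.getPolicy();
        } else {
            try {
                Object obj = Class.forName(provider).newInstance();
                if (obj instanceof Policy) {
                    root = (Policy) obj;
                } else {
                    // Fixed: the message previously ran the class name into the text.
                    throw new RuntimeException(provider + " is not a type of java.security.Policy");
                }
            } catch (InstantiationException e) {
                throw new RuntimeException("Unable to create an instance of " + provider, e);
            } catch (IllegalAccessException e) {
                throw new RuntimeException("Unable to create an instance of " + provider, e);
            } catch (ClassNotFoundException e) {
                throw new RuntimeException("Unable to create an instance of " + provider, e);
            }
        }
        root.refresh();
    }

    /**
     * Returns the permissions the root policy grants to the given code source.
     * The JACC policy configurations are not consulted here.
     *
     * @param codesource the code source to look up
     * @return the root policy's permissions, or <code>null</code> if there is no root
     */
    public PermissionCollection getPermissions(CodeSource codesource) {

        if (root != null) return root.getPermissions(codesource);

        return null;
    }

    /**
     * Does nothing. The root policy is refreshed only once, in the constructor;
     * a later call to this method is not forwarded to it.
     */
    public void refresh() {
    }

    /**
     * Decides whether the protection domain holds the permission.
     *
     * Order of evaluation:
     * <ol>
     * <li>If a policy context ID is set and a factory is available, the
     * configuration for that context is consulted. A configuration that is not
     * in service denies immediately; one that is in service and implies the
     * permission grants immediately.</li>
     * <li>In every other case (no factory, no context ID, the configuration does
     * not imply the permission, or it could not be obtained) the root policy
     * decides.</li>
     * </ol>
     *
     * @param domain     the protection domain being checked
     * @param permission the permission being requested
     * @return <code>true</code> if the permission is granted
     */
    public boolean implies(ProtectionDomain domain, Permission permission) {

        // Look the factory up once; a null result is remembered, so the lookup
        // is not retried on later calls.
        if (!loaded) {
            factory = GeronimoPolicyConfigurationFactory.getSingleton();
            loaded = true;
        }

        if (factory != null) {
            String contextID = PolicyContext.getContextID();
            if (contextID != null) {
                try {
                    GeronimoPolicyConfiguration configuration = factory.getGeronimoPolicyConfiguration(contextID);

                    if (configuration.inService()) {
                        if (configuration.implies(domain, permission)) return true;
                    } else {
                        // A context that is not in service grants nothing.
                        return false;
                    }
                } catch (PolicyContextException ignored) {
                    // Deliberately not rethrown: the decision falls through to the
                    // root policy below.
                    // NOTE(review): this means a failure to obtain the context's
                    // configuration is decided by the root policy alone, with no
                    // log entry. Confirm that this fallback is intended; denying
                    // here and recording the failure would be the fail-closed
                    // alternative.
                }
            }
        }
        if (root != null) return root.implies(domain, permission);

        return false;
    }
}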