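/**
 *
 * Copyright 2003-2005 The Apache Software Foundation
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package org.apache.geronimo.security.jacc;

import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.ProtectionDomain;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;


/**
 * A {@link Policy} that consults the JACC policy configuration of the current
 * policy context first and otherwise defers to a delegate ("root") policy.
 * <p/>
 * Decision order implemented by {@link #implies(ProtectionDomain, Permission)}:
 * <ol>
 * <li>If a configuration factory and a context ID are available, the
 * configuration for that context is looked up.</li>
 * <li>A configuration that is not in service denies the permission outright;
 * the root policy is not consulted.</li>
 * <li>A configuration that is in service and implies the permission grants it.</li>
 * <li>In every other case (no factory, no context ID, configuration does not
 * imply the permission, or the lookup threw) the root policy decides.</li>
 * </ol>
 * <p/>
 * NOTE(review): <code>factory</code> and <code>loaded</code> are plain fields
 * written from <code>implies</code> without synchronization. Whether concurrent
 * callers can observe a stale value depends on how this object is published;
 * confirm before relying on it from several threads.
 *
 * @version $Rev: 355877 $ $Date: 2005-12-10 18:48:27 -0800 (Sat, 10 Dec 2005) $
 */
public class GeronimoPolicy extends Policy {
    /** Delegate policy used whenever the JACC configuration does not settle the decision. */
    private final Policy root;
    /** Looked up lazily on the first call to <code>implies</code>; may remain null. */
    private GeronimoPolicyConfigurationFactory factory;
    /** True once the factory lookup has been attempted, whether or not it yielded a factory. */
    private boolean loaded;

    /**
     * Selects the root policy and refreshes it.
     * <p/>
     * When the system property <code>org.apache.geronimo.jacc.policy.provider</code>
     * is set, the class it names is loaded and instantiated through its no-arg
     * constructor and becomes the root policy; otherwise the currently installed
     * policy is used. The property therefore determines which code makes the
     * fallback authorization decisions, so it should be treated as
     * security-sensitive configuration and set only by the deployer.
     *
     * @throws RuntimeException if the named class cannot be found or instantiated,
     *                          or is not a <code>java.security.Policy</code>
     */
    public GeronimoPolicy() {
        String provider = System.getProperty("org.apache.geronimo.jacc.policy.provider");

        if (provider == null) {
            root = Policy.getPolicy();
        } else {
            try {
                Object obj = Class.forName(provider).newInstance();
                if (obj instanceof Policy) {
                    root = (Policy) obj;
                } else {
                    // Fixed: the message previously ran the class name into the word "is".
                    throw new RuntimeException(provider + " is not a type of java.security.Policy");
                }
            } catch (InstantiationException e) {
                throw new RuntimeException("Unable to create an instance of " + provider, e);
            } catch (IllegalAccessException e) {
                throw new RuntimeException("Unable to create an instance of " + provider, e);
            } catch (ClassNotFoundException e) {
                throw new RuntimeException("Unable to create an instance of " + provider, e);
            }
        }
        // This is the only place the root policy is refreshed; refresh() below is a no-op.
        root.refresh();
    }

    /**
     * Returns the permissions the root policy grants to the code source.
     * Only the root policy is asked here; the JACC configuration is not consulted.
     *
     * @param codesource the code source to look up
     * @return the root policy's permission collection, or null if there is no root policy
     */
    public PermissionCollection getPermissions(CodeSource codesource) {

        if (root != null) return root.getPermissions(codesource);

        return null;
    }

    /**
     * Does nothing. In particular the root policy is not refreshed from here, so
     * changes to the root policy's backing configuration are not picked up through
     * this method.
     */
    public void refresh() {
    }

    /**
     * Decides whether the protection domain is granted the permission.
     *
     * @param domain     the protection domain being checked
     * @param permission the permission being requested
     * @return true if the in-service JACC configuration for the current context, or
     *         failing that the root policy, implies the permission; false otherwise
     */
    public boolean implies(ProtectionDomain domain, Permission permission) {

        // One-time lookup; 'loaded' keeps a null factory from being looked up again.
        if (!loaded) {
            factory = GeronimoPolicyConfigurationFactory.getSingleton();
            loaded = true;
        }

        if (factory != null) {
            String contextID = PolicyContext.getContextID();
            if (contextID != null) {
                try {
                    GeronimoPolicyConfiguration configuration = factory.getGeronimoPolicyConfiguration(contextID);

                    if (configuration.inService()) {
                        if (configuration.implies(domain, permission)) return true;
                    } else {
                        // A configuration that is not in service denies everything for its context.
                        return false;
                    }
                } catch (PolicyContextException ignored) {
                    // NOTE(review): a failed configuration lookup is dropped silently and the
                    // decision falls through to the root policy, so a permission the root
                    // policy grants is still granted here. Nothing is logged, which makes a
                    // broken JACC configuration hard to detect. Confirm that deferring to the
                    // root policy (rather than denying) is the intended failure mode.
                }
            }
        }
        if (root != null) return root.implies(domain, permission);

        return false;
    }
}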