public class PolicyFileProvider
extends org.apache.river.api.security.AbstractPolicy
UmbrellaGrantPermission
s as shorthand notation for
GrantPermission
s covering all permissions authorized to given
protection domains.Policy.Parameters
ALL_PERMISSION, comparator, umbrella
UNSUPPORTED_EMPTY_COLLECTION
Constructor and Description |
---|
PolicyFileProvider()
Deprecated.
DynamicPolicyProvider now supports Umbrella grants directly.
|
PolicyFileProvider(String policyFile)
Creates a
PolicyFileProvider whose starting set of
permission mappings is the same as those that would result from
constructing a new instance of the J2SE default security policy provider
with the java.security.policy system property set to the
value of policyFile , except that
UmbrellaGrantPermission s are expanded into
GrantPermission s as described in the documentation for
UmbrellaGrantPermission . |
Modifier and Type | Method and Description |
---|---|
PermissionCollection |
getPermissions(CodeSource source)
Behaves as specified by
Policy.getPermissions(CodeSource) . |
PermissionCollection |
getPermissions(ProtectionDomain domain)
Behaves as specified by
Policy.getPermissions(ProtectionDomain) . |
boolean |
implies(ProtectionDomain domain,
Permission permission)
Behaves as specified by
Policy.implies(java.security.ProtectionDomain, java.security.Permission) . |
void |
refresh()
Refreshes the policy configuration by calling
refresh on
the base policy. |
checkCallerHasGrants, checkNullElements, convert, expandUmbrella, extractGrantFromPolicy, processGrants
getInstance, getInstance, getInstance, getParameters, getPolicy, getProvider, getType, setPolicy
@Deprecated public PolicyFileProvider() throws PolicyInitializationException
PolicyFileProvider
whose starting set of
permission mappings is the same as those that would result from
constructing a new instance of the J2SE default security policy provider
with the current java.security.policy
system property
setting (if any), except that UmbrellaGrantPermission
s are
expanded into GrantPermission
s as described in the
documentation for UmbrellaGrantPermission
.
The constructed PolicyFileProvider
contains an instance of
the J2SE default security policy provider, which is created as follows:
if the
net.jini.security.policy.PolicyFileProvider.basePolicyClass
security property is set, then its value is interpreted as the class
name of the base (underlying) J2SE default policy provider; otherwise,
an implementation-specific default class name is used. The base policy
is then instantiated using the no-arg public constructor of the named
class. If the base policy class is not found or is not instantiable via
a public no-arg constructor, or if invocation of its constructor fails,
then a PolicyInitializationException
is thrown.
Note that this constructor requires the appropriate
"getProperty"
SecurityPermission
to
read the
net.jini.security.policy.PolicyFileProvider.basePolicyClass
security property, and may require "accessClassInPackage.*"
RuntimePermission
s, depending on the package of the base policy
class.
PolicyInitializationException
- if unable to construct the base
policySecurityException
- if there is a security manager and the
calling context does not have adequate permissions to read the
net.jini.security.policy.PolicyFileProvider.basePolicyClass
security property, or if the calling context does not have
adequate permissions to access the base policy classpublic PolicyFileProvider(String policyFile) throws PolicyInitializationException
PolicyFileProvider
whose starting set of
permission mappings is the same as those that would result from
constructing a new instance of the J2SE default security policy provider
with the java.security.policy
system property set to the
value of policyFile
, except that
UmbrellaGrantPermission
s are expanded into
GrantPermission
s as described in the documentation for
UmbrellaGrantPermission
.
The constructed PolicyFileProvider
contains an instance of
the J2SE default security policy provider, which is created as described
in the documentation for PolicyFileProvider()
. Before
instantiating the base (underlying) J2SE default policy provider, this
constructor sets the java.security.policy
system property
to the value of policyFile
; after instantiation of the base
policy instance has completed (normally or otherwise), the
java.security.policy
system property is reset to its prior
value. Internal synchronization ensures that concurrent calls to this
constructor and/or the refresh()
method of this class (which may
also modify java.security.policy
) will not interfere with
the java.security.policy
values set and restored by each.
No synchronization is done with any other accesses or modifications to
java.security.policy
.
Note that this constructor requires PropertyPermission
to read and write the java.security.policy
system property,
SecurityPermission
to read the
net.jini.security.policy.PolicyFileProvider.basePolicyClass
security property, and may require "accessClassInPackage.*"
RuntimePermission
s, depending on the package of the base policy
class.
policyFile
- URL string specifying location of the policy file to
useNullPointerException
- if policyFile
is
null
PolicyInitializationException
- if unable to construct the base
policySecurityException
- if there is a security manager and the
calling context does not have adequate permissions to read and
write the java.security.policy
system property, to
read the
net.jini.security.policy.PolicyFileProvider.basePolicyClass
security property, or to access the base policy classpublic PermissionCollection getPermissions(CodeSource source)
Policy.getPermissions(CodeSource)
.getPermissions
in class Policy
public PermissionCollection getPermissions(ProtectionDomain domain)
Policy.getPermissions(ProtectionDomain)
.getPermissions
in class Policy
public boolean implies(ProtectionDomain domain, Permission permission)
Policy.implies(java.security.ProtectionDomain, java.security.Permission)
.public void refresh()
refresh
on
the base policy. If this PolicyFileProvider
instance was
constructed with an explicit policy file value, then the
java.security.policy
system property is set to that value
prior to invoking refresh
on the base policy; once the base
policy refresh
call has completed, the
java.security.policy
system property is reset to its prior
value. Internal synchronization ensures that concurrent invocations of
this method and/or the PolicyFileProvider(String)
constructor
(which also modifies java.security.policy
) will not
interfere with the java.security.policy
values set and
restored by each. No synchronization is done with any other accesses
or modifications to java.security.policy
.