You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by dl...@apache.org on 2006/01/30 02:38:26 UTC
svn commit: r373412 - in
/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl:
AuthorizationProviderImpl.java JaasPolicyCoordinator.java
Author: dlestrat
Date: Sun Jan 29 17:38:22 2006
New Revision: 373412
URL: http://svn.apache.org/viewcvs?rev=373412&view=rev
Log:
https://issues.apache.org/jira/browse/JS2-444#action_12364417
Added:
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/JaasPolicyCoordinator.java
Modified:
portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthorizationProviderImpl.java
Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthorizationProviderImpl.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthorizationProviderImpl.java?rev=373412&r1=373411&r2=373412&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthorizationProviderImpl.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/AuthorizationProviderImpl.java Sun Jan 29 17:38:22 2006
@@ -15,13 +15,10 @@
package org.apache.jetspeed.security.impl;
import java.security.Policy;
+import java.util.Collections;
import java.util.List;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.AuthorizationProvider;
-import org.apache.jetspeed.security.PolicyWrapper;
-import org.apache.jetspeed.security.SecurityPolicies;
/**
* @see org.apache.jetspeed.security.AuthorizationProvider
@@ -30,8 +27,6 @@
public class AuthorizationProviderImpl implements AuthorizationProvider
{
- private static final Log log = LogFactory.getLog(AuthorizationProviderImpl.class);
-
/**
* <p>
* Constructor for adding another policy to be enforced. This constructor makes the assumption
@@ -43,35 +38,8 @@
*/
public AuthorizationProviderImpl(Policy policy, boolean useDefaultPolicy)
{
- List securityPolicies = SecurityPolicies.getInstance().getPolicies();
- // Add the default policy to the list of SecurityPolicies.
Policy defaultPolicy = Policy.getPolicy();
- if (!securityPolicies.contains(defaultPolicy))
- {
- if (log.isDebugEnabled())
- {
- log.debug("Adding default policy to security policies: " + defaultPolicy.getClass().getName());
- }
- PolicyWrapper defaultPolicyWrap = new PolicyWrapper(defaultPolicy, useDefaultPolicy, true);
- SecurityPolicies.getInstance().addPolicy(defaultPolicyWrap);
- }
-
- if (!securityPolicies.contains(policy))
- {
- if (log.isDebugEnabled())
- {
- log.debug("Adding custom policy to security policies: " + policy.getClass().getName());
- }
- PolicyWrapper policyWrap = new PolicyWrapper(policy, true, false);
- SecurityPolicies.getInstance().addPolicy(policyWrap);
- }
-
- // Use the primary policy.
- if (log.isDebugEnabled())
- {
- log.debug("Setting current policy: " + policy.getClass().getName());
- }
- Policy.setPolicy(policy);
+ Policy.setPolicy(new JaasPolicyCoordinator(defaultPolicy, policy));
Policy.getPolicy().refresh();
}
@@ -80,7 +48,7 @@
*/
public List getPolicies()
{
- return SecurityPolicies.getInstance().getPolicies();
+ return Collections.EMPTY_LIST;
}
/**
@@ -88,18 +56,6 @@
*/
public void useDefaultPolicy(boolean whetherToUseDefaultPolicy)
{
- List wrappedPolicies = SecurityPolicies.getInstance().getWrappedPolicies();
- if (whetherToUseDefaultPolicy)
- {
- for (int i = 0; i < wrappedPolicies.size(); i++)
- {
- PolicyWrapper currWrappedPolicy = (PolicyWrapper) wrappedPolicies.get(i);
- if (currWrappedPolicy.isDefaultPolicy())
- {
- currWrappedPolicy.setUseAsPolicy(true);
- }
- }
- }
}
}
Added: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/JaasPolicyCoordinator.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/JaasPolicyCoordinator.java?rev=373412&view=auto
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/JaasPolicyCoordinator.java (added)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/impl/JaasPolicyCoordinator.java Sun Jan 29 17:38:22 2006
@@ -0,0 +1,80 @@
+/* Copyright 2004 Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.jetspeed.security.impl;
+
+import java.security.CodeSource;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Policy;
+import java.security.ProtectionDomain;
+
+/**
+ * <p>
+ * Provide coordination between the default policy and Jetspeed custom policy.
+ * </p>
+ */
+public class JaasPolicyCoordinator extends Policy
+{
+ private final Policy defaultPolicy;
+
+ private final Policy j2Policy;
+
+ /**
+ * <p>
+ * Constructor for coordinating the policies.
+ * </p>
+ *
+ * @param defaultPolicy The default policy.
+ * @param j2Policy Jetspeed policy.
+ */
+ public JaasPolicyCoordinator(Policy defaultPolicy, Policy j2Policy)
+ {
+ this.defaultPolicy = defaultPolicy;
+ this.j2Policy = j2Policy;
+ }
+
+ /**
+ * @see java.security.Policy#getPermissions(java.security.CodeSource)
+ */
+ public PermissionCollection getPermissions(CodeSource codeSource)
+ {
+ return defaultPolicy.getPermissions(codeSource);
+ }
+
+ /**
+ * @see java.security.Policy#refresh()
+ */
+ public void refresh()
+ {
+ defaultPolicy.refresh();
+ j2Policy.refresh();
+ }
+
+ /**
+ * @see java.security.Policy#implies(java.security.ProtectionDomain, java.security.Permission)
+ */
+ public boolean implies(ProtectionDomain domain, Permission permission)
+ {
+ if (permission.getClass().getName().startsWith("java"))
+ {
+ return defaultPolicy.implies(domain, permission);
+ }
+ else
+ {
+ return j2Policy.implies(domain, permission);
+ }
+ }
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org