You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@river.apache.org by pe...@apache.org on 2012/10/07 08:50:41 UTC
svn commit: r1395235 - in
/river/jtsk/trunk/src/org/apache/river/api/security: CodeSourceGrant.java
CodeSourceSetGrant.java DelegatePermission.java PermissionGrantBuilder.java
PermissionGrantBuilderImp.java package.html
Author: peter_firmstone
Date: Sun Oct 7 06:50:40 2012
New Revision: 1395235
URL: http://svn.apache.org/viewvc?rev=1395235&view=rev
Log:
Remove unnecessary new classes prior to release and perform some minor refactoring
Removed:
river/jtsk/trunk/src/org/apache/river/api/security/CodeSourceGrant.java
river/jtsk/trunk/src/org/apache/river/api/security/CodeSourceSetGrant.java
Modified:
river/jtsk/trunk/src/org/apache/river/api/security/DelegatePermission.java
river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilder.java
river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilderImp.java
river/jtsk/trunk/src/org/apache/river/api/security/package.html
Modified: river/jtsk/trunk/src/org/apache/river/api/security/DelegatePermission.java
URL: http://svn.apache.org/viewvc/river/jtsk/trunk/src/org/apache/river/api/security/DelegatePermission.java?rev=1395235&r1=1395234&r2=1395235&view=diff
==============================================================================
--- river/jtsk/trunk/src/org/apache/river/api/security/DelegatePermission.java (original)
+++ river/jtsk/trunk/src/org/apache/river/api/security/DelegatePermission.java Sun Oct 7 06:50:40 2012
@@ -31,7 +31,6 @@ import java.util.Enumeration;
import java.util.TreeSet;
import java.util.Set;
import java.util.concurrent.ConcurrentMap;
-import java.util.concurrent.ConcurrentSkipListMap;
import au.net.zeus.collection.RC;
import au.net.zeus.collection.Ref;
import au.net.zeus.collection.Referrer;
@@ -40,7 +39,6 @@ import java.io.StringReader;
import java.lang.reflect.Constructor;
import java.lang.reflect.Modifier;
import java.security.UnresolvedPermission;
-import java.util.concurrent.ConcurrentHashMap;
import org.apache.river.api.security.DefaultPolicyScanner.PermissionEntry;
import org.cliffc.high_scale_lib.NonBlockingHashMap;
@@ -66,13 +64,13 @@ import org.cliffc.high_scale_lib.NonBloc
*
* Security Delegates enable sensitive objects to be used by code that isn't
* fully trusted you may want to monitor, such as a
- * file write that is limited by the number of bytes written, or a Permission
- * to write a file, that we might decide to retract or revoke if a user
- * does something we don't like, such as exceed a pre set limit or behave
+ * file write that is limited by the number of bytes written, or Permission
+ * to write a file you later decide to retract or revoke if a user
+ * does something he or she shouldn't, such as exceed a pre set limit or behave
* in a manner we would like to avoid, such as hogging network bandwidth.
*
- * If the SecurityManager installed doesn't implement DelegateSecurityManager,
- * the DelegatePermission Guard's will be disabled. This allows delegate's
+ * The SecurityManager installed must implement DelegateSecurityManager,
+ * otherwise DelegatePermission Guard's will be disabled. This allows delegates
* to be included in code, the decision to utilise delegate functionality may
* delayed until runtime or deployment.
*
@@ -89,8 +87,8 @@ import org.cliffc.high_scale_lib.NonBloc
*
* PermissionCollection's are used mostly read only.
*
- * Serialization has been implemented so the implementation is not
- * tied to the serialized form, instead serialization proxy's are used.
+ * Serialization has been designed so the implementation is not
+ * tied to serialized form, by utilising a serialization proxy.
*
* The candidate permission name (also referred to as the "target name") of each
* <code>DelegatePermission</code> instance carries a string representation of the
Modified: river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilder.java
URL: http://svn.apache.org/viewvc/river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilder.java?rev=1395235&r1=1395234&r2=1395235&view=diff
==============================================================================
--- river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilder.java (original)
+++ river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilder.java Sun Oct 7 06:50:40 2012
@@ -21,7 +21,6 @@ package org.apache.river.api.security;
import java.lang.ref.WeakReference;
import java.net.URI;
import java.net.URISyntaxException;
-import java.security.CodeSource;
import java.security.Permission;
import java.security.Principal;
import java.security.ProtectionDomain;
@@ -50,20 +49,7 @@ public abstract class PermissionGrantBui
* the ClassLoader
*/
public static final int CLASSLOADER = 0;
- /**
- * The PermissionGrant generated will apply to all classes loaded from
- * the CodeSource. This has been provided for strict compatibility
- * with the standard Java Policy, where a DNS lookup may be performed
- * to determine if CodeSource.implies(CodeSource). In addition, to
- * resolve a File URL, it will require disk access.
- *
- * This is very bad for Policy performance, it's use is discouraged,
- * so much so, it may removed.
- *
- * @deprecated use URI instead.
- */
- @Deprecated
- public static final int CODESOURCE = 1;
+
/**
* The PermissionGrant generated will apply to all classes belonging to
* the ProtectionDomain. This is actually a simplification for the
@@ -75,20 +61,20 @@ public abstract class PermissionGrantBui
* @see java.security.DomainCombiner
* @see javax.security.auth.SubjectDomainCombiner
*/
- public static final int PROTECTIONDOMAIN = 2;
+ public static final int PROTECTIONDOMAIN = 1;
/**
* The PermissionGrant generated will apply to all classes loaded from
* CodeSource's that have at a minimum the defined array Certificate[]
*
*/
- public static final int CODESOURCE_CERTS = 3;
+ public static final int CODESOURCE_CERTS = 2;
/**
* The PermissionGrant generated will apply to the Subject that has
* all the principals provided.
*
* @see Subject
*/
- public static final int PRINCIPAL = 4;
+ public static final int PRINCIPAL = 3;
/**
* The PermissionGrant generated will apply to the ProtectionDomain or
@@ -101,7 +87,7 @@ public abstract class PermissionGrantBui
* could allow an attacker to use DNS Cache poisoning to escalate
* Permission, by imitating a URL with greater privileges.
*/
- public static final int URI = 5;
+ public static final int URI = 4;
public static PermissionGrantBuilder newBuilder(){
return new PermissionGrantBuilderImp();
@@ -122,16 +108,6 @@ public abstract class PermissionGrantBui
* @throws IllegalStateException
*/
public abstract PermissionGrantBuilder context(int context) throws IllegalStateException;
- /**
- * Sets the CodeSource that will receive the PermissionGrant
- * @param cs
- * @return PermissionGrantBuilder
- * @deprecated use uri instead.
- */
- @Deprecated
- public abstract PermissionGrantBuilder codeSource(CodeSource cs);
-
- public abstract PermissionGrantBuilder multipleCodeSources();
public abstract PermissionGrantBuilder uri(URI uri);
/**
Modified: river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilderImp.java
URL: http://svn.apache.org/viewvc/river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilderImp.java?rev=1395235&r1=1395234&r2=1395235&view=diff
==============================================================================
--- river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilderImp.java (original)
+++ river/jtsk/trunk/src/org/apache/river/api/security/PermissionGrantBuilderImp.java Sun Oct 7 06:50:40 2012
@@ -56,17 +56,13 @@ class PermissionGrantBuilderImp extends
// Serial Form
private URI[] uri;
- private CodeSource cs;
- private CodeSource[] csources;
private Certificate[] certs;
private Principal[] principals;
private Permission[] permissions;
private int context;
- private boolean hasMultipleCodeSources;
private boolean hasDomain;
// Transient Fields
- private transient Collection<CodeSource> multipleCodeSources;
private transient Collection<URI> uris;
private transient WeakReference<ProtectionDomain> domain;
@@ -82,16 +78,12 @@ class PermissionGrantBuilderImp extends
public final PermissionGrantBuilder reset() {
uri = null;
if (uris != null) uris.clear();
- cs = null;
certs = null;
domain = null;
hasDomain = false;
principals = null;
permissions = null;
context = -1;
- multipleCodeSources = null;
- csources = null;
- hasMultipleCodeSources = false;
return this;
}
@@ -99,8 +91,8 @@ class PermissionGrantBuilderImp extends
if (context < 0) {
throw new IllegalStateException("context must be >= 0");
}
- if (context > 5) {
- throw new IllegalStateException("context must be <= 5");
+ if (context > 4) {
+ throw new IllegalStateException("context must be <= 4");
}
this.context = context;
return this;
@@ -113,25 +105,6 @@ class PermissionGrantBuilderImp extends
return this;
}
- public PermissionGrantBuilder codeSource(CodeSource cs) {
- if (hasMultipleCodeSources){
- multipleCodeSources.add(cs);
- } else {
- this.cs = cs;
- }
- return this;
- }
-
- @Override
- public PermissionGrantBuilder multipleCodeSources() {
- hasMultipleCodeSources = true;
- multipleCodeSources = new HashSet<CodeSource>();
- csources = null;
- cs = null;
- return this;
- }
-
-
public PermissionGrantBuilder clazz(Class cl) {
if (cl != null) {
ProtectionDomain pd = cl.getProtectionDomain();
@@ -175,13 +148,6 @@ class PermissionGrantBuilderImp extends
if (uris != null && !uris.isEmpty() ) uri = uris.toArray(new URI[uris.size()]);
if (uri == null ) uri = new URI[0];
return new URIGrant(uri, certs, principals, permissions);
- case CODESOURCE:
- if (hasMultipleCodeSources) {
- if (multipleCodeSources != null) csources =
- multipleCodeSources.toArray(new CodeSource[multipleCodeSources.size()]);
- return new CodeSourceSetGrant(csources, principals, permissions);
- }
- return new CodeSourceGrant(cs, principals, permissions);
case CODESOURCE_CERTS:
return new CertificateGrant(certs, principals, permissions);
case PROTECTIONDOMAIN: //Dynamic grant
@@ -207,11 +173,6 @@ class PermissionGrantBuilderImp extends
}
private void writeObject(ObjectOutputStream out) throws IOException{
- if (hasMultipleCodeSources) {
- if (csources == null && multipleCodeSources != null) csources =
- multipleCodeSources.toArray(new CodeSource[multipleCodeSources.size()]);
- cs = null;
- }
if (uris != null && !uris.isEmpty()) uri = uris.toArray(new URI[uris.size()]);
out.defaultWriteObject();
}
Modified: river/jtsk/trunk/src/org/apache/river/api/security/package.html
URL: http://svn.apache.org/viewvc/river/jtsk/trunk/src/org/apache/river/api/security/package.html?rev=1395235&r1=1395234&r2=1395235&view=diff
==============================================================================
--- river/jtsk/trunk/src/org/apache/river/api/security/package.html (original)
+++ river/jtsk/trunk/src/org/apache/river/api/security/package.html Sun Oct 7 06:50:40 2012
@@ -24,11 +24,11 @@
</head>
<body bgcolor="white"
<p>
-This package contains a scalable cache based security manager that parallelises
-domain security checks. Also included is a concurrent
+This package contains a scalable cache based security manager that performs
+concurrent domain security checks. Also included is a concurrent
policy file provider to replace Java's standard offering, this policy provider
is in theory much faster after policy file parsing is complete, it uses an immutable data
-structure that supports highly scalable concurrent access and does not require
+structure that supports highly scalable concurrent access, does not require
further disk access and minimises network and DNS requirements.
</p><p>
Disk access of policy files is performed serially.