You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@river.apache.org by pe...@apache.org on 2010/05/26 13:15:06 UTC
svn commit: r948395 - in /incubator/river/jtsk/trunk/src: com/sun/jini/tool/
net/jini/security/policy/ org/apache/river/imp/security/policy/cdc/
org/apache/river/imp/security/policy/concurrent/
Author: peter_firmstone
Date: Wed May 26 11:15:06 2010
New Revision: 948395
URL: http://svn.apache.org/viewvc?rev=948395&view=rev
Log:
River-340 Additional Grants
Modified:
incubator/river/jtsk/trunk/src/com/sun/jini/tool/DebugDynamicPolicyProvider.java
incubator/river/jtsk/trunk/src/net/jini/security/policy/DynamicPolicyProvider.java
incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/cdc/DynamicPolicyProviderImpl.java
incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/concurrent/DynamicConcurrentPolicyProvider.java
Modified: incubator/river/jtsk/trunk/src/com/sun/jini/tool/DebugDynamicPolicyProvider.java
URL: http://svn.apache.org/viewvc/incubator/river/jtsk/trunk/src/com/sun/jini/tool/DebugDynamicPolicyProvider.java?rev=948395&r1=948394&r2=948395&view=diff
==============================================================================
--- incubator/river/jtsk/trunk/src/com/sun/jini/tool/DebugDynamicPolicyProvider.java (original)
+++ incubator/river/jtsk/trunk/src/com/sun/jini/tool/DebugDynamicPolicyProvider.java Wed May 26 11:15:06 2010
@@ -43,15 +43,15 @@ import net.jini.security.policy.PolicyIn
/**
* Defines a {@link DynamicPolicy} that logs information about missing
* permissions, and optionally grants all permissions, which is <b>FOR
- * DEBUGGING ONLY</b>. Do not use this security policy provider to grantCodeSource
+ * DEBUGGING ONLY</b>. Do not use this security policy provider to grant
* all permissions in a production environment. <p>
*
* This class is intended to simplify the process of deciding what security
- * permissions to grantCodeSource to run an application. While it is generally
- * acceptable to grantCodeSource all permissions to local, trusted code, downloaded
+ * permissions to grant to run an application. While it is generally
+ * acceptable to grant all permissions to local, trusted code, downloaded
* code should typically be granted the least permission possible. <p>
*
- * The usual approach to choosing which permissions to grantCodeSource is to start by
+ * The usual approach to choosing which permissions to grant is to start by
* running the application with a security policy file that grants all
* permissions to local, trusted code. When the application fails with an
* exception message that identifies a missing permission, add that
@@ -170,7 +170,7 @@ public class DebugDynamicPolicyProvider
private static final Logger logger =
Logger.getLogger("net.jini.security.policy");
- /* If true, always grantCodeSource permission */
+ /* If true, always grant permission */
private static boolean grantAll =
((Boolean) AccessController.doPrivileged(
new PrivilegedAction() {
Modified: incubator/river/jtsk/trunk/src/net/jini/security/policy/DynamicPolicyProvider.java
URL: http://svn.apache.org/viewvc/incubator/river/jtsk/trunk/src/net/jini/security/policy/DynamicPolicyProvider.java?rev=948395&r1=948394&r2=948395&view=diff
==============================================================================
--- incubator/river/jtsk/trunk/src/net/jini/security/policy/DynamicPolicyProvider.java (original)
+++ incubator/river/jtsk/trunk/src/net/jini/security/policy/DynamicPolicyProvider.java Wed May 26 11:15:06 2010
@@ -68,7 +68,7 @@ public class DynamicPolicyProvider exten
private static final Logger logger =
Logger.getLogger("net.jini.security.policy");
// Debugging can be done with an SPI implementation
-// /* If true, always grantCodeSource permission */
+// /* If true, always grant permission */
// @SuppressWarnings("unchecked")
// private static volatile boolean grantAll =
// ((Boolean) AccessController.doPrivileged(
Modified: incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/cdc/DynamicPolicyProviderImpl.java
URL: http://svn.apache.org/viewvc/incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/cdc/DynamicPolicyProviderImpl.java?rev=948395&r1=948394&r2=948395&view=diff
==============================================================================
--- incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/cdc/DynamicPolicyProviderImpl.java (original)
+++ incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/cdc/DynamicPolicyProviderImpl.java Wed May 26 11:15:06 2010
@@ -50,7 +50,7 @@ import org.apache.river.imp.security.pol
/**
* Security policy provider that supports dynamic granting of permissions at
- * run-time. This provider is designed as a wrapper to layer dynamic grantCodeSource
+ * run-time. This provider is designed as a wrapper to layer dynamic grant
* functionality on top of an underlying policy provider. If the underlying
* provider does not implement the {@link DynamicPolicy} interface, then its
* permission mappings are assumed to change only when its {@link
@@ -171,7 +171,7 @@ public class DynamicPolicyProviderImpl e
return true;
}
- // documentation inherited from DynamicPolicy.grantCodeSource
+ // documentation inherited from DynamicPolicy.grant
public void grant(Class cl,
Principal[] principals,
Permission[] permissions)
Modified: incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/concurrent/DynamicConcurrentPolicyProvider.java
URL: http://svn.apache.org/viewvc/incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/concurrent/DynamicConcurrentPolicyProvider.java?rev=948395&r1=948394&r2=948395&view=diff
==============================================================================
--- incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/concurrent/DynamicConcurrentPolicyProvider.java (original)
+++ incubator/river/jtsk/trunk/src/org/apache/river/imp/security/policy/concurrent/DynamicConcurrentPolicyProvider.java Wed May 26 11:15:06 2010
@@ -79,12 +79,12 @@ import org.apache.river.imp.util.Concurr
* <p>
* It is thus reccommeded that Static policy files only be used for files
* where the level of trust is relatively static. This is the only implementation
- * where a dyanamic grantCodeSource can be removed. In the case of Proxy trust, a proxy
+ * where a dyanamic grant can be removed. In the case of Proxy trust, a proxy
* is no longer trusted when it has lost contact with it's Principal (server)
* because the server cannot be asked if it trusts it's proxy and the proxy
* cannot be given a thread of control to find it's server because it has
* already attained too many Permissions. In this new implementation it should
- * be possible to revoke AllPermission and grantCodeSource Permissions dynamically as
+ * be possible to revoke AllPermission and grant Permissions dynamically as
* trust is gained.</p>
* <p>
* This may cause some undesireable side effects in existing programs.
@@ -237,7 +237,7 @@ public class DynamicConcurrentPolicyProv
// and remove all grants that may be granted by other means.
// such as ProtectionDomain or Principals alone.
// When we have Certificates we might want to check that
- // too because otherwise we might remove a grantCodeSource that doesn't
+ // too because otherwise we might remove a grant that doesn't
// imply or apply.
if ( ge.impliesPrincipals(loader == null ? null : principals)
&& ge.impliesClassLoader(loader)) {
@@ -371,7 +371,7 @@ public class DynamicConcurrentPolicyProv
}
/**
- * Calling refresh doesn't remove any dynamic grantCodeSource's, it only clears
+ * Calling refresh doesn't remove any dynamic grant's, it only clears
* the cache and refreshes the underlying Policy, it also removes any
* grants for ProtectionDomains that no longer exist.
*/
@@ -461,7 +461,7 @@ public class DynamicConcurrentPolicyProv
// and remove all grants that may be granted by other means.
// such as ProtectionDomain or Principals alone.
// When we have Certificates we might want to check that
- // too because otherwise we might remove a grantCodeSource that doesn't
+ // too because otherwise we might remove a grant that doesn't
// imply or apply.
if ( ge.impliesPrincipals(loader == null ? null : principals)
&& ge.impliesClassLoader(loader)) {