protected PermissionCollection getPermissions(CodeSource codeSource) { PermissionCollection perms; try { try { perms = super.getPermissions(codeSource); } catch (SecurityException e) { // We lied about our CodeSource and that makes URLClassLoader unhappy. perms = new Permissions(); } ProtectionDomain myDomain = AccessController.doPrivileged(new PrivilegedAction<ProtectionDomain>() { public ProtectionDomain run() { return getClass().getProtectionDomain(); } }); PermissionCollection myPerms = myDomain.getPermissions(); if (myPerms != null) { for (Enumeration<Permission> elements = myPerms.elements(); elements.hasMoreElements();) { perms.add(elements.nextElement()); } } } catch (Throwable e) { // We lied about our CodeSource and that makes URLClassLoader unhappy. perms = new Permissions(); } perms.setReadOnly(); return perms; }
public PermissionCollection getPermissions(CodeSource codesource) { Permissions p = new Permissions(); p.add(new AllPermission()); // enable everything return p; } public void refresh() {
/** * The central point in checking permissions. * Overridden from java.lang.SecurityManager * * @param perm The permission requested. */ @Override public void checkPermission(final java.security.Permission perm) { if (active) { if (delegateToOldSM && !perm.getName().equals("exitVM")) { boolean permOK = false; if (granted.implies(perm)) { permOK = true; } checkRevoked(perm); /* if the permission was not explicitly granted or revoked the original security manager will do its work */ if (!permOK && origSm != null) { origSm.checkPermission(perm); } } else { if (!granted.implies(perm)) { throw new SecurityException("Permission " + perm + " was not granted."); } checkRevoked(perm); } } }
/** * Get a read-only collection of the given permissions. * * @param permissions the permissions to assign * @return the read-only collection */ public static PermissionCollection readOnlyCollectionOf(Permission... permissions) { final int length = permissions.length; if (length == 0) { return EMPTY_PERMISSION_COLLECTION; } else { Permissions collection = new Permissions(); addAll(collection, Arrays.asList(permissions)); collection.setReadOnly(); return collection; } } }
@Override public void addToRole(String roleName, Permission permission) throws PolicyContextException { checkNotNullParam("roleName", roleName); checkNotNullParam("permission", permission); synchronized (this) { // prevents state change while adding checkIfInOpenState(); this.rolePermissions.computeIfAbsent(roleName, s -> new Permissions()).add(permission); } }
private static PermissionCollection copyPermissions(PermissionCollection permissionCollection) { final Permissions permissions = new Permissions(); final Enumeration<Permission> elements = permissionCollection.elements(); while (elements.hasMoreElements()) { permissions.add(elements.nextElement()); } permissions.setReadOnly(); return permissions; }
@Override public String toString() { List<Permission> ps = new ArrayList<Permission>(); for (Enumeration<Permission> e = perms.elements(); e.hasMoreElements();) { ps.add(e.nextElement()); } return "AdjustablePolicy with permissions " + ps; } }
private ProtectionDomain create(ProtectionDomain domain) { if (domain.implies(ACCESS_DECLARED_MEMBERS_PERMISSION)) { return domain; } PermissionCollection permissions = domain.getPermissions(); PermissionCollection proxyPermissions = new Permissions(); if (permissions != null) { Enumeration<Permission> permissionElements = permissions.elements(); while (permissionElements.hasMoreElements()) { proxyPermissions.add(permissionElements.nextElement()); } } proxyPermissions.add(ACCESS_DECLARED_MEMBERS_PERMISSION); return new ProtectionDomain(domain.getCodeSource(), proxyPermissions); }
private static boolean grantedIsExcluded(Permission granted, Permissions excluded) { boolean isExcluded = false; if (excluded != null) { if (!excluded.implies(granted)) { Enumeration e = excluded.elements(); while (!isExcluded && e.hasMoreElements()) { Permission excludedPerm = (Permission) e.nextElement(); if (granted.implies(excludedPerm)) { isExcluded = true; } } } else { isExcluded = true; } } if (logger.isLoggable(Level.FINEST)){ if (isExcluded) { logger.finest("JACC Policy Provider: permission is excluded: "+granted); } } return isExcluded; }
/** * @param permissions * @return */ public static int getPermissionsSize(final Permissions permissions) { int size = 0; final Enumeration<Permission> p = permissions.elements(); while (p.hasMoreElements()) { size++; } return size; }
private PermissionCollection copyOf(final PermissionCollection in) { PermissionCollection out = new Permissions(); synchronized (in) { for (Enumeration<Permission> el = in.elements() ; el.hasMoreElements() ;) { out.add((Permission)el.nextElement()); } } return out; }
/** * Removes permissions from <code>toBeChecked</code> that are implied by * <code>permission</code>. * * @param toBeChecked the permissions that are to be checked and possibly culled * @param permission the permission that is to be used for culling * @return the culled set of permissions that are not implied by <code>permission</code> */ private Permissions cullPermissions(Permissions toBeChecked, Permission permission) { Permissions result = new Permissions(); for (Enumeration e = toBeChecked.elements(); e.hasMoreElements();) { Permission test = (Permission) e.nextElement(); if (!permission.implies(test)) { result.add(test); } } return result; } }
private static Permissions createPermissions(List<Permission> permissionsList, List<InjectedValue<Permissions>> permissionSetInjectors) throws StartException { Permissions allPermissions = createPermissions(permissionsList); for (InjectedValue<Permissions> permissionSetInjector : permissionSetInjectors) { Permissions permissionSet = permissionSetInjector.getValue(); Enumeration<java.security.Permission> permissions = permissionSet.elements(); while (permissions.hasMoreElements()) { allPermissions.add(permissions.nextElement()); } } return allPermissions; }
/** * @see java.security.Policy#getPermissions(java.security.ProtectionDomain) */ public PermissionCollection getPermissions(ProtectionDomain domain) { PermissionCollection otherPerms = new Permissions(); if (null != domain) { otherPerms = getPermissions(domain.getCodeSource()); } return otherPerms; }
protected PermissionCollection createPermissions(CodeSource cs, InputOutput io) { PermissionCollection allPerms = new Permissions(); allPerms.add(new AllPermission()); allPerms.setReadOnly(); return allPerms; }
beanFactory.setSecurityContextProvider(null); Permissions perms = new Permissions(); perms.add(new AuthPermission("getSubject")); ProtectionDomain pd = new ProtectionDomain(null, perms);
@Override public PermissionCollection getPermissions(ProtectionDomain domain) { PermissionCollection result = new Permissions(); result.add(new AllPermission()); return result; } });
static Permissions addToRoleMap(HashMap<String, Permissions> map, String roleName, Permission p) { Permissions collection = map.get(roleName); if (collection == null) { collection = new Permissions(); map.put(roleName,collection); } collection.add(p); if (logger.isLoggable(Level.FINE)){ logger.log(Level.FINE,"JACC: constraint capture: adding methods to role: "+ roleName+" methods: " + p.getActions()); } return collection; }
private static final AccessControlContext allowedPermissionsAcc; static { // initialization of the allowed permissions PermissionCollection allowedPermissions = new Permissions(); allowedPermissions.add(new RuntimePermission("accessDeclaredMembers")); // ... <many more permissions here> ... allowedPermissionsAcc = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, allowedPermissions)}); }
/** * Returns the {@code PermissionCollection} for the specified {@code * CodeSource}. * * @param codesource * the code source. * @return the {@code PermissionCollection} for the specified {@code * CodeSource}. */ protected PermissionCollection getPermissions(CodeSource codesource) { // Do nothing by default, ProtectionDomain will take care about // permissions in dynamic return new Permissions(); }