Search in sources :

Example 21 with PermissionCollection

use of java.security.PermissionCollection in project stanbol by apache.

the class UserAwarePolicy method getPermissions.

@Override
public PermissionCollection getPermissions(final ProtectionDomain domain) {
    PermissionCollection result;
    Principal[] principals = domain.getPrincipals();
    if (principals.length > 0) {
        final Principal user = domain.getPrincipals()[0];
        result = cache.getCachedUserPermissions(user);
        if (result != null) {
            return result;
        } else {
            result = getUserPermissionsFromSystemGraph(user);
            cache.cacheUserPermissions(user, result);
        }
    } else {
        result = originalPolicy.getPermissions(domain);
    }
    return result;
}
Also used : PermissionCollection(java.security.PermissionCollection) Principal(java.security.Principal)

Example 22 with PermissionCollection

use of java.security.PermissionCollection in project tomcat by apache.

the class WebappClassLoaderBase method getPermissions.

/**
     * Get the Permissions for a CodeSource.  If this instance
     * of WebappClassLoaderBase is for a web application context,
     * add read FilePermission for the appropriate resources.
     *
     * @param codeSource where the code was loaded from
     * @return PermissionCollection for CodeSource
     */
@Override
protected PermissionCollection getPermissions(CodeSource codeSource) {
    String codeUrl = codeSource.getLocation().toString();
    PermissionCollection pc;
    if ((pc = loaderPC.get(codeUrl)) == null) {
        pc = super.getPermissions(codeSource);
        if (pc != null) {
            Iterator<Permission> perms = permissionList.iterator();
            while (perms.hasNext()) {
                Permission p = perms.next();
                pc.add(p);
            }
            loaderPC.put(codeUrl, pc);
        }
    }
    return (pc);
}
Also used : PermissionCollection(java.security.PermissionCollection) FilePermission(java.io.FilePermission) Permission(java.security.Permission)

Example 23 with PermissionCollection

use of java.security.PermissionCollection in project tomcat by apache.

the class WebappClassLoaderBase method check.

@Override
public boolean check(Permission permission) {
    if (!Globals.IS_SECURITY_ENABLED) {
        return true;
    }
    Policy currentPolicy = Policy.getPolicy();
    if (currentPolicy != null) {
        URL contextRootUrl = resources.getResource("/").getCodeBase();
        CodeSource cs = new CodeSource(contextRootUrl, (Certificate[]) null);
        PermissionCollection pc = currentPolicy.getPermissions(cs);
        if (pc.implies(permission)) {
            return true;
        }
    }
    return false;
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) CodeSource(java.security.CodeSource) URL(java.net.URL) Certificate(java.security.cert.Certificate)

Example 24 with PermissionCollection

use of java.security.PermissionCollection in project jetty.project by eclipse.

the class WebAppClassLoader method getPermissions.

/* ------------------------------------------------------------ */
@Override
public PermissionCollection getPermissions(CodeSource cs) {
    PermissionCollection permissions = _context.getPermissions();
    PermissionCollection pc = (permissions == null) ? super.getPermissions(cs) : permissions;
    return pc;
}
Also used : PermissionCollection(java.security.PermissionCollection)

Example 25 with PermissionCollection

use of java.security.PermissionCollection in project elasticsearch by elastic.

the class PluginSecurity method readPolicy.

/**
     * Reads plugin policy, prints/confirms exceptions
     */
static void readPolicy(Path file, Terminal terminal, Environment environment, boolean batch) throws IOException {
    PermissionCollection permissions = parsePermissions(terminal, file, environment.tmpFile());
    List<Permission> requested = Collections.list(permissions.elements());
    if (requested.isEmpty()) {
        terminal.println(Verbosity.VERBOSE, "plugin has a policy file with no additional permissions");
        return;
    }
    // sort permissions in a reasonable order
    Collections.sort(requested, new Comparator<Permission>() {

        @Override
        public int compare(Permission o1, Permission o2) {
            int cmp = o1.getClass().getName().compareTo(o2.getClass().getName());
            if (cmp == 0) {
                String name1 = o1.getName();
                String name2 = o2.getName();
                if (name1 == null) {
                    name1 = "";
                }
                if (name2 == null) {
                    name2 = "";
                }
                cmp = name1.compareTo(name2);
                if (cmp == 0) {
                    String actions1 = o1.getActions();
                    String actions2 = o2.getActions();
                    if (actions1 == null) {
                        actions1 = "";
                    }
                    if (actions2 == null) {
                        actions2 = "";
                    }
                    cmp = actions1.compareTo(actions2);
                }
            }
            return cmp;
        }
    });
    terminal.println(Verbosity.NORMAL, "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
    terminal.println(Verbosity.NORMAL, "@     WARNING: plugin requires additional permissions     @");
    terminal.println(Verbosity.NORMAL, "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
    // print all permissions:
    for (Permission permission : requested) {
        terminal.println(Verbosity.NORMAL, "* " + formatPermission(permission));
    }
    terminal.println(Verbosity.NORMAL, "See http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html");
    terminal.println(Verbosity.NORMAL, "for descriptions of what these permissions allow and the associated risks.");
    if (!batch) {
        terminal.println(Verbosity.NORMAL, "");
        String text = terminal.readText("Continue with installation? [y/N]");
        if (!text.equalsIgnoreCase("y")) {
            throw new RuntimeException("installation aborted by user");
        }
    }
}
Also used : PermissionCollection(java.security.PermissionCollection) UnresolvedPermission(java.security.UnresolvedPermission) Permission(java.security.Permission)

Aggregations

PermissionCollection (java.security.PermissionCollection)45 Permissions (java.security.Permissions)16 Permission (java.security.Permission)14 FilePermission (java.io.FilePermission)11 ProtectionDomain (java.security.ProtectionDomain)11 CodeSource (java.security.CodeSource)9 Policy (java.security.Policy)9 AllPermission (java.security.AllPermission)6 IOException (java.io.IOException)5 SocketPermission (java.net.SocketPermission)5 URL (java.net.URL)5 File (java.io.File)4 Path (java.nio.file.Path)4 AccessControlContext (java.security.AccessControlContext)4 Principal (java.security.Principal)3 ArrayList (java.util.ArrayList)3 Enumeration (java.util.Enumeration)3 Test (org.junit.Test)3 UnresolvedPermission (java.security.UnresolvedPermission)2 Certificate (java.security.cert.Certificate)2