001 /*
002 * Copyright 2005 Sun Microsystems, Inc. All Rights Reserved.
003 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004 *
005 * This code is free software; you can redistribute it and/or modify it
006 * under the terms of the GNU General Public License version 2 only, as
007 * published by the Free Software Foundation. Sun designates this
008 * particular file as subject to the "Classpath" exception as provided
009 * by Sun in the LICENSE file that accompanied this code.
010 *
011 * This code is distributed in the hope that it will be useful, but WITHOUT
012 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014 * version 2 for more details (a copy is included in the LICENSE file that
015 * accompanied this code).
016 *
017 * You should have received a copy of the GNU General Public License version
018 * 2 along with this work; if not, write to the Free Software Foundation,
019 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020 *
021 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022 * CA 95054 USA or visit www.sun.com if you need additional information or
023 * have any questions.
024 */
025
026 package java.security;
027
028 /**
029 * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
030 * for the <code>Policy</code> class.
031 * All the abstract methods in this class must be implemented by each
032 * service provider who wishes to supply a Policy implementation.
033 *
034 * <p> Subclass implementations of this abstract class must provide
035 * a public constructor that takes a <code>Policy.Parameters</code>
036 * object as an input parameter. This constructor also must throw
037 * an IllegalArgumentException if it does not understand the
038 * <code>Policy.Parameters</code> input.
039 *
040 * @version 1.8, 05/05/07
041 *
042 * @since 1.6
043 */
044
045 public abstract class PolicySpi {
046
047 /**
048 * Check whether the policy has granted a Permission to a ProtectionDomain.
049 *
050 * @param domain the ProtectionDomain to check.
051 *
052 * @param permission check whether this permission is granted to the
053 * specified domain.
054 *
055 * @return boolean true if the permission is granted to the domain.
056 */
057 protected abstract boolean engineImplies(ProtectionDomain domain,
058 Permission permission);
059
060 /**
061 * Refreshes/reloads the policy configuration. The behavior of this method
062 * depends on the implementation. For example, calling <code>refresh</code>
063 * on a file-based policy will cause the file to be re-read.
064 *
065 * <p> The default implementation of this method does nothing.
066 * This method should be overridden if a refresh operation is supported
067 * by the policy implementation.
068 */
069 protected void engineRefresh() {
070 }
071
072 /**
073 * Return a PermissionCollection object containing the set of
074 * permissions granted to the specified CodeSource.
075 *
076 * <p> The default implementation of this method returns
077 * Policy.UNSUPPORTED_EMPTY_COLLECTION object. This method can be
078 * overridden if the policy implementation can return a set of
079 * permissions granted to a CodeSource.
080 *
081 * @param codesource the CodeSource to which the returned
082 * PermissionCollection has been granted.
083 *
084 * @return a set of permissions granted to the specified CodeSource.
085 * If this operation is supported, the returned
086 * set of permissions must be a new mutable instance
087 * and it must support heterogeneous Permission types.
088 * If this operation is not supported,
089 * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned.
090 */
091 protected PermissionCollection engineGetPermissions(
092 CodeSource codesource) {
093 return Policy.UNSUPPORTED_EMPTY_COLLECTION;
094 }
095
096 /**
097 * Return a PermissionCollection object containing the set of
098 * permissions granted to the specified ProtectionDomain.
099 *
100 * <p> The default implementation of this method returns
101 * Policy.UNSUPPORTED_EMPTY_COLLECTION object. This method can be
102 * overridden if the policy implementation can return a set of
103 * permissions granted to a ProtectionDomain.
104 *
105 * @param domain the ProtectionDomain to which the returned
106 * PermissionCollection has been granted.
107 *
108 * @return a set of permissions granted to the specified ProtectionDomain.
109 * If this operation is supported, the returned
110 * set of permissions must be a new mutable instance
111 * and it must support heterogeneous Permission types.
112 * If this operation is not supported,
113 * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned.
114 */
115 protected PermissionCollection engineGetPermissions(
116 ProtectionDomain domain) {
117 return Policy.UNSUPPORTED_EMPTY_COLLECTION;
118 }
119 }
|