001: /**
002: * JOnAS: Java(TM) Open Application Server
003: * Copyright (C) 2004 Bull S.A.
004: * Contact: jonas-team@objectweb.org
005: *
006: * This library is free software; you can redistribute it and/or
007: * modify it under the terms of the GNU Lesser General Public
008: * License as published by the Free Software Foundation; either
009: * version 2.1 of the License, or any later version.
010: *
011: * This library is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this library; if not, write to the Free Software
018: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
019: * USA
020: *
021: * Initial developer: Florent BENOIT
022: * --------------------------------------------------------------------------
023: * $Id: JPolicyConfigurationFactory.java 4578 2004-04-09 09:58:27Z benoitf $
024: * --------------------------------------------------------------------------
025: */package org.objectweb.jonas_lib.security.jacc;
026:
027: import java.security.SecurityPermission;
028: import java.util.HashMap;
029: import java.util.Map;
030:
031: import javax.security.jacc.PolicyConfiguration;
032: import javax.security.jacc.PolicyConfigurationFactory;
033: import javax.security.jacc.PolicyContextException;
034:
035: import org.objectweb.util.monolog.api.BasicLevel;
036: import org.objectweb.util.monolog.api.Logger;
037:
038: import org.objectweb.jonas_lib.I18n;
039:
040: import org.objectweb.common.TraceCore;
041:
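/**
 * JACC {@link PolicyConfigurationFactory} implementation: hands out one
 * {@link PolicyConfiguration} per policy context identifier and keeps them in
 * an in-memory registry for the lifetime of this factory instance.
 *
 * <p>Thread-safety: every read and write of the registry is done while holding
 * this factory's monitor, so the "look up, else create and register" step in
 * {@link #getPolicyConfiguration(String, boolean)} is atomic. Two concurrent
 * callers asking for the same context therefore always receive the same
 * PolicyConfiguration object; a second instance can never silently replace one
 * that already carries policy statements.
 *
 * <p>Access control: both public entry points require the "setPolicy"
 * {@link SecurityPermission}, but the check is only enforced when a
 * SecurityManager is installed (see {@link #checkSetPolicy()}).
 *
 * @author Florent Benoit
 */
public class JPolicyConfigurationFactory extends PolicyConfigurationFactory {

    /**
     * Name of the Factory
     */
    public static final String FACTORY_NAME = "org.objectweb.jonas_lib.security.jacc.JPolicyConfigurationFactory";

    /**
     * I18n
     */
    private static I18n i18n = I18n.getInstance(JPolicyConfigurationFactory.class);

    /**
     * Registry of PolicyConfiguration objects, keyed by context ID (String).
     * Entries are added by getPolicyConfiguration and never removed by this
     * class. Guarded by this factory's monitor.
     */
    private final Map policyConfigurations = new HashMap();

    /**
     * Logger. Assigned when a factory instance is constructed.
     */
    private static Logger logger = null;

    /**
     * Constructor. Binds the shared security logger.
     */
    public JPolicyConfigurationFactory() {
        // NOTE(review): inService() dereferences this logger without a null
        // check, so TraceCore.sec is presumably initialised before any
        // factory is built - confirm against the TraceCore setup.
        logger = TraceCore.sec;
    }

    /**
     * This method is used to obtain an instance of the provider specific
     * class that implements the PolicyConfiguration interface that corresponds
     * to the identified policy context within the provider.
     * @param contextID A String identifying the policy context whose
     *        PolicyConfiguration interface is to be returned. The value passed
     *        to this parameter must not be null.
     * @param remove A boolean value that establishes whether or not the policy
     *        statements of an existing policy context are to be removed before
     *        its PolicyConfiguration object is returned. If the value passed to
     *        this parameter is true, the policy statements of an existing
     *        policy context will be removed. If the value is false,
     *        they will not be removed. It has no effect when the context is
     *        created by this call.
     * @return an Object that implements the PolicyConfiguration Interface
     *         matched to the Policy provider and corresponding to the
     *         identified policy context.
     * @throws SecurityException when called by an AccessControlContext that
     *         has not been granted the "setPolicy" SecurityPermission.
     * @throws PolicyContextException if the implementation throws a checked
     *         exception that has not been accounted for by the
     *         getPolicyConfiguration method signature. The exception thrown
     *         by the implementation class will be encapsulated
     *         (during construction) in the thrown PolicyContextException.
     */
    public PolicyConfiguration getPolicyConfiguration(String contextID,
            boolean remove) throws PolicyContextException, SecurityException {

        // Section 3.3 - Check permissions before touching any state.
        checkSetPolicy();

        // NOTE(review): a null contextID is not rejected here (HashMap accepts
        // a null key); confirm whether JPolicyConfiguration validates it.

        PolicyConfiguration existing;
        synchronized (this) {
            // Lookup and registration happen under one lock so that two
            // callers racing on the same contextID cannot each create a
            // configuration and overwrite one another in the registry.
            existing = (PolicyConfiguration) policyConfigurations.get(contextID);
            if (existing == null) {
                // No previous PolicyConfiguration for this contextID:
                // build a new one, register it and return it.
                PolicyConfiguration created = new JPolicyConfiguration(contextID);
                policyConfigurations.put(contextID, created);
                return created;
            }
        }

        // Existing configuration: optionally wipe its policy statements.
        // Done outside the factory lock so the registry is not blocked while
        // the configuration cleans itself up.
        if (remove) {
            existing.delete();
            ((JPolicyConfiguration) existing).resetState();
        }
        return existing;
    }

    /**
     * Returns the registered PolicyConfiguration for a context, if any.
     * @param contextID A String identifying the policy context whose
     *        PolicyConfiguration interface is to be returned. The value passed
     *        to this parameter must not be null.
     * @return the PolicyConfiguration registered for the identified policy
     *         context, or null when none has been registered.
     */
    private synchronized PolicyConfiguration getInternalPolicyConfiguration(
            String contextID) {
        return (PolicyConfiguration) policyConfigurations.get(contextID);
    }

    /**
     * This method determines if the identified policy context exists
     * with state "inService" in the Policy provider associated with
     * the factory.
     * @param contextID A string identifying a policy context
     * @return true if the identified policy context exists within
     *         the provider and its state is "inService", false otherwise.
     * @throws SecurityException when called by an AccessControlContext
     *         that has not been granted the "setPolicy" SecurityPermission.
     * @throws PolicyContextException if the implementation throws a checked
     *         exception that has not been accounted for by the inService
     *         method signature. The exception thrown by the implementation
     *         class will be encapsulated (during construction) in the thrown
     *         PolicyContextException.
     */
    public boolean inService(String contextID)
            throws PolicyContextException, SecurityException {

        if (logger.isLoggable(BasicLevel.DEBUG)) {
            logger.log(BasicLevel.DEBUG, "Check setpolicy...");
        }

        // Section 3.3 - Check permissions
        checkSetPolicy();

        if (logger.isLoggable(BasicLevel.DEBUG)) {
            logger.log(BasicLevel.DEBUG, "Context exist ?");
        }

        // One synchronized lookup instead of an unsynchronized containsKey()
        // followed by a second get(): the registry is only read under the lock.
        PolicyConfiguration policyConfiguration = getInternalPolicyConfiguration(contextID);
        if (policyConfiguration != null) {
            if (logger.isLoggable(BasicLevel.DEBUG)) {
                logger.log(BasicLevel.DEBUG, "Look internal config...");
            }
            return policyConfiguration.inService();
        }

        // false otherwise (see javaDoc)
        if (logger.isLoggable(BasicLevel.DEBUG)) {
            logger.log(BasicLevel.DEBUG,
                    "Policy configuration not found, return false");
        }
        return false;
    }

    /**
     * Method which check setPolicy access
     * Section 3.3 : getPolicyConfiguration and inService must throw a
     * SecurityException when called by an AccessControlContext that has
     * not been granted the "setPolicy" SecurityPermission.
     *
     * <p>When no SecurityManager is installed this method returns without
     * checking anything, so the permission is only enforced in JVMs that run
     * with a SecurityManager.
     * @throws SecurityException when called by an AccessControlContext that
     *         has not been granted the "setPolicy" SecurityPermission.
     */
    private void checkSetPolicy() throws SecurityException {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new SecurityPermission("setPolicy"));
        }
    }

}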