Class GlobalPolicyUtil
- java.lang.Object
-
- com.sun.enterprise.security.permissionsxml.GlobalPolicyUtil
-
public class GlobalPolicyUtil extends Object
Utility class to load the EE permissions, EE restrictions, and check restrictions for a given permission set
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classGlobalPolicyUtil.PolicyType
-
Field Summary
Fields Modifier and Type Field Description static StringCLIENT_TYPE_CODESOURCECode source URL representing App client typeprotected static StringdomainCfgFolderstatic StringEAR_CLASS_LOADERstatic StringEAR_TYPE_CODESOURCECode source URL representing Ear typestatic StringEE_GRANT_FILEThis is the file storing the default permissions granted to each component typestatic StringEE_RESTRICTED_FILEThis is the file storing the restricted permissions for each component type; Any permissions declared in this list can not be used by the applicationstatic StringEJB_TYPE_CODESOURCECode source URL representing Ejb typestatic StringRAR_TYPE_CODESOURCECode source URL representing Rar typestatic StringSERVER_ALLOWED_FILEThis is the file storing the allowed permissions for each component type A permission listed in this file may not be used but the application, but any application declared permission must exist in this list;protected static StringSYS_PROP_JAVA_SEC_POLICYstatic StringWEB_TYPE_CODESOURCECode source URL representing Web type
-
Constructor Summary
Constructors Constructor Description GlobalPolicyUtil()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static voidcheckRestriction(CommponentType type, PermissionCollection declaredPC)static voidcheckRestriction(PermissionCollection declaredPC, PermissionCollection restrictedPC)Checks a permissions set against a restriction setstatic voidcheckRestrictionOfComponentType(PermissionCollection declaredPC, CommponentType type)Check a permission set against a restriction of a component typestatic voidcheckRestrictionOfEar(PermissionCollection declaredPC)static CommponentTypeconvertComponentType(String type)static PermissionCollectiongetCompRestrictedPerms(CommponentType type)Get the restricted permission set of a specified component type on the serverstatic PermissionCollectiongetCompRestrictedPerms(String type)static PermissionCollectiongetDeclaredPermissions(CommponentType type, DeploymentContext context)Get the application or module packaged permissionsstatic PermissionCollectiongetEECompGrantededPerms(CommponentType type)Get the default granted permissions of a specified component typestatic PermissionCollectiongetEECompGrantededPerms(String type)Get the default granted permissions of a specified component type
-
-
-
Field Detail
-
EE_GRANT_FILE
public static final String EE_GRANT_FILE
This is the file storing the default permissions granted to each component type- See Also:
- Constant Field Values
-
EE_RESTRICTED_FILE
public static final String EE_RESTRICTED_FILE
This is the file storing the restricted permissions for each component type; Any permissions declared in this list can not be used by the application- See Also:
- Constant Field Values
-
SERVER_ALLOWED_FILE
public static final String SERVER_ALLOWED_FILE
This is the file storing the allowed permissions for each component type A permission listed in this file may not be used but the application, but any application declared permission must exist in this list;- See Also:
- Constant Field Values
-
SYS_PROP_JAVA_SEC_POLICY
protected static final String SYS_PROP_JAVA_SEC_POLICY
- See Also:
- Constant Field Values
-
EJB_TYPE_CODESOURCE
public static final String EJB_TYPE_CODESOURCE
Code source URL representing Ejb type- See Also:
- Constant Field Values
-
WEB_TYPE_CODESOURCE
public static final String WEB_TYPE_CODESOURCE
Code source URL representing Web type- See Also:
- Constant Field Values
-
RAR_TYPE_CODESOURCE
public static final String RAR_TYPE_CODESOURCE
Code source URL representing Rar type- See Also:
- Constant Field Values
-
CLIENT_TYPE_CODESOURCE
public static final String CLIENT_TYPE_CODESOURCE
Code source URL representing App client type- See Also:
- Constant Field Values
-
EAR_TYPE_CODESOURCE
public static final String EAR_TYPE_CODESOURCE
Code source URL representing Ear type- See Also:
- Constant Field Values
-
EAR_CLASS_LOADER
public static final String EAR_CLASS_LOADER
- See Also:
- Constant Field Values
-
domainCfgFolder
protected static final String domainCfgFolder
-
-
Method Detail
-
convertComponentType
public static CommponentType convertComponentType(String type)
-
getDeclaredPermissions
public static PermissionCollection getDeclaredPermissions(CommponentType type, DeploymentContext context) throws SecurityException
Get the application or module packaged permissions- Parameters:
type- the type of the module, this is used to check the configured restriction for the typecontext- the deployment context- Returns:
- the module or app declared permissions
- Throws:
SecurityException- if permissions.xml has syntax failure, or failed for restriction check
-
getEECompGrantededPerms
public static PermissionCollection getEECompGrantededPerms(String type)
Get the default granted permissions of a specified component type- Parameters:
type- Java EE component type such as ejb, war, rar, car, ear- Returns:
-
getEECompGrantededPerms
public static PermissionCollection getEECompGrantededPerms(CommponentType type)
Get the default granted permissions of a specified component type- Parameters:
type- Java EE component type- Returns:
- the permission set granted to the specified component
-
getCompRestrictedPerms
public static PermissionCollection getCompRestrictedPerms(String type)
-
getCompRestrictedPerms
public static PermissionCollection getCompRestrictedPerms(CommponentType type)
Get the restricted permission set of a specified component type on the server- Parameters:
type- Java EE component type- Returns:
- the restricted permission set of the specified component type on the server
-
checkRestriction
public static void checkRestriction(CommponentType type, PermissionCollection declaredPC) throws SecurityException
- Throws:
SecurityException
-
checkRestriction
public static void checkRestriction(PermissionCollection declaredPC, PermissionCollection restrictedPC) throws SecurityException
Checks a permissions set against a restriction set- Parameters:
declaredPC-restrictedPC-- Throws:
SecurityException- is thrown if violation detected
-
checkRestrictionOfComponentType
public static void checkRestrictionOfComponentType(PermissionCollection declaredPC, CommponentType type) throws SecurityException
Check a permission set against a restriction of a component type- Parameters:
declaredPC-type-- Throws:
SecurityException
-
checkRestrictionOfEar
public static void checkRestrictionOfEar(PermissionCollection declaredPC) throws SecurityException
- Throws:
SecurityException
-
-