Class GlobalPolicyUtil
- java.lang.Object
-
- com.sun.enterprise.security.permissionsxml.GlobalPolicyUtil
-
public class GlobalPolicyUtil extends Object
Utility class to load the EE permissions, EE restrictions, and check restrictions for a given permission set
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
GlobalPolicyUtil.PolicyType
-
Field Summary
Fields Modifier and Type Field Description static String
CLIENT_TYPE_CODESOURCE
Code source URL representing App client typeprotected static String
domainCfgFolder
static String
EAR_CLASS_LOADER
static String
EAR_TYPE_CODESOURCE
Code source URL representing Ear typestatic String
EE_GRANT_FILE
This is the file storing the default permissions granted to each component typestatic String
EE_RESTRICTED_FILE
This is the file storing the restricted permissions for each component type; Any permissions declared in this list can not be used by the applicationstatic String
EJB_TYPE_CODESOURCE
Code source URL representing Ejb typestatic String
RAR_TYPE_CODESOURCE
Code source URL representing Rar typestatic String
SERVER_ALLOWED_FILE
This is the file storing the allowed permissions for each component type A permission listed in this file may not be used but the application, but any application declared permission must exist in this list;protected static String
SYS_PROP_JAVA_SEC_POLICY
static String
WEB_TYPE_CODESOURCE
Code source URL representing Web type
-
Constructor Summary
Constructors Constructor Description GlobalPolicyUtil()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static void
checkRestriction(CommponentType type, PermissionCollection declaredPC)
static void
checkRestriction(PermissionCollection declaredPC, PermissionCollection restrictedPC)
Checks a permissions set against a restriction setstatic void
checkRestrictionOfComponentType(PermissionCollection declaredPC, CommponentType type)
Check a permission set against a restriction of a component typestatic void
checkRestrictionOfEar(PermissionCollection declaredPC)
static CommponentType
convertComponentType(String type)
static PermissionCollection
getCompRestrictedPerms(CommponentType type)
Get the restricted permission set of a specified component type on the serverstatic PermissionCollection
getCompRestrictedPerms(String type)
static PermissionCollection
getDeclaredPermissions(CommponentType type, DeploymentContext context)
Get the application or module packaged permissionsstatic PermissionCollection
getEECompGrantededPerms(CommponentType type)
Get the default granted permissions of a specified component typestatic PermissionCollection
getEECompGrantededPerms(String type)
Get the default granted permissions of a specified component type
-
-
-
Field Detail
-
EE_GRANT_FILE
public static final String EE_GRANT_FILE
This is the file storing the default permissions granted to each component type- See Also:
- Constant Field Values
-
EE_RESTRICTED_FILE
public static final String EE_RESTRICTED_FILE
This is the file storing the restricted permissions for each component type; Any permissions declared in this list can not be used by the application- See Also:
- Constant Field Values
-
SERVER_ALLOWED_FILE
public static final String SERVER_ALLOWED_FILE
This is the file storing the allowed permissions for each component type A permission listed in this file may not be used but the application, but any application declared permission must exist in this list;- See Also:
- Constant Field Values
-
SYS_PROP_JAVA_SEC_POLICY
protected static final String SYS_PROP_JAVA_SEC_POLICY
- See Also:
- Constant Field Values
-
EJB_TYPE_CODESOURCE
public static final String EJB_TYPE_CODESOURCE
Code source URL representing Ejb type- See Also:
- Constant Field Values
-
WEB_TYPE_CODESOURCE
public static final String WEB_TYPE_CODESOURCE
Code source URL representing Web type- See Also:
- Constant Field Values
-
RAR_TYPE_CODESOURCE
public static final String RAR_TYPE_CODESOURCE
Code source URL representing Rar type- See Also:
- Constant Field Values
-
CLIENT_TYPE_CODESOURCE
public static final String CLIENT_TYPE_CODESOURCE
Code source URL representing App client type- See Also:
- Constant Field Values
-
EAR_TYPE_CODESOURCE
public static final String EAR_TYPE_CODESOURCE
Code source URL representing Ear type- See Also:
- Constant Field Values
-
EAR_CLASS_LOADER
public static final String EAR_CLASS_LOADER
- See Also:
- Constant Field Values
-
domainCfgFolder
protected static final String domainCfgFolder
-
-
Method Detail
-
convertComponentType
public static CommponentType convertComponentType(String type)
-
getDeclaredPermissions
public static PermissionCollection getDeclaredPermissions(CommponentType type, DeploymentContext context) throws SecurityException
Get the application or module packaged permissions- Parameters:
type
- the type of the module, this is used to check the configured restriction for the typecontext
- the deployment context- Returns:
- the module or app declared permissions
- Throws:
SecurityException
- if permissions.xml has syntax failure, or failed for restriction check
-
getEECompGrantededPerms
public static PermissionCollection getEECompGrantededPerms(String type)
Get the default granted permissions of a specified component type- Parameters:
type
- Java EE component type such as ejb, war, rar, car, ear- Returns:
-
getEECompGrantededPerms
public static PermissionCollection getEECompGrantededPerms(CommponentType type)
Get the default granted permissions of a specified component type- Parameters:
type
- Java EE component type- Returns:
- the permission set granted to the specified component
-
getCompRestrictedPerms
public static PermissionCollection getCompRestrictedPerms(String type)
-
getCompRestrictedPerms
public static PermissionCollection getCompRestrictedPerms(CommponentType type)
Get the restricted permission set of a specified component type on the server- Parameters:
type
- Java EE component type- Returns:
- the restricted permission set of the specified component type on the server
-
checkRestriction
public static void checkRestriction(CommponentType type, PermissionCollection declaredPC) throws SecurityException
- Throws:
SecurityException
-
checkRestriction
public static void checkRestriction(PermissionCollection declaredPC, PermissionCollection restrictedPC) throws SecurityException
Checks a permissions set against a restriction set- Parameters:
declaredPC
-restrictedPC
-- Throws:
SecurityException
- is thrown if violation detected
-
checkRestrictionOfComponentType
public static void checkRestrictionOfComponentType(PermissionCollection declaredPC, CommponentType type) throws SecurityException
Check a permission set against a restriction of a component type- Parameters:
declaredPC
-type
-- Throws:
SecurityException
-
checkRestrictionOfEar
public static void checkRestrictionOfEar(PermissionCollection declaredPC) throws SecurityException
- Throws:
SecurityException
-
-