diff options
| author | Omair Majid <[email protected]> | 2011-01-04 15:12:40 -0500 |
|---|---|---|
| committer | Omair Majid <[email protected]> | 2011-01-04 15:12:40 -0500 |
| commit | 6144e5cba6ef2e89096e6a74b74dd0d5ebf996b1 (patch) | |
| tree | a0c4f7a837ca8c64e1e89c0b95d09956a8caf025 /netx/net/sourceforge/jnlp/SecurityDesc.java | |
| parent | 0cc285288f1f96cafd7dc069ed040337c4a25f58 (diff) | |
allow custom permissions instead of all permissions for trusted code
2011-01-04 Omair Majid <[email protected]>
* netx/net/sourceforge/jnlp/SecurityDesc.java: Add
customTrustedPolicy.
(SecurityDesc): Initialize customTrustedPolicy.
(getCustomTrustedPolicy): New method. Get custom policy file from
configuration and use it to initialize a custom configuration.
(getPermissions): If trusted application and customTrustedPolicy is
not null, delegate to otherwise return AllPermissions.
* netx/net/sourceforge/jnlp/config/Defaults.java
(getDefaults): Use constant for property.
* netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java:
Add new constant KEY_SECURITY_TRUSTED_POLICY.
* netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java
(installEnvironment): Pass cs as a parameter to
SecurityDesc.getPermissions.
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
(getPermissions): Likewise.
Diffstat (limited to 'netx/net/sourceforge/jnlp/SecurityDesc.java')
| -rw-r--r-- | netx/net/sourceforge/jnlp/SecurityDesc.java | 41 |
1 files changed, 38 insertions, 3 deletions
diff --git a/netx/net/sourceforge/jnlp/SecurityDesc.java b/netx/net/sourceforge/jnlp/SecurityDesc.java index 7613017..ee5ea5f 100644 --- a/netx/net/sourceforge/jnlp/SecurityDesc.java +++ b/netx/net/sourceforge/jnlp/SecurityDesc.java @@ -58,6 +58,8 @@ public class SecurityDesc { /** the JNLP file */ private JNLPFile file; + private final Policy customTrustedPolicy; + // We go by the rules here: // http://java.sun.com/docs/books/tutorial/deployment/doingMoreWithRIA/properties.html @@ -151,6 +153,33 @@ public class SecurityDesc { String key = DeploymentConfiguration.KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING; grantAwtPermissions = Boolean.valueOf(JNLPRuntime.getConfiguration().getProperty(key)); + + customTrustedPolicy = getCustomTrustedPolicy(); + } + + /** + * Returns a Policy object that represents a custom policy to use instead + * of granting {@link AllPermission} to a {@link CodeSource} + * + * @return a {@link Policy} object to delegate to. May be null, which + * indicates that no policy exists and AllPermissions should be granted + * instead. + */ + private Policy getCustomTrustedPolicy() { + String key = DeploymentConfiguration.KEY_SECURITY_TRUSTED_POLICY; + String policyLocation = JNLPRuntime.getConfiguration().getProperty(key); + + Policy policy = null; + if (policyLocation != null) { + try { + URI policyUri = new URI("file://" + policyLocation); + policy = Policy.getInstance("JavaPolicy", new URIParameter(policyUri)); + } catch (Exception e) { + e.printStackTrace(); + } + } + // return the appropriate policy, or null + return policy; } /** @@ -164,15 +193,21 @@ public class SecurityDesc { /** * Returns a PermissionCollection containing the basic * permissions granted depending on the security type. + * + * @param cs the CodeSource to get permissions for */ - public PermissionCollection getPermissions() { + public PermissionCollection getPermissions(CodeSource cs) { PermissionCollection permissions = getSandBoxPermissions(); // discard sandbox, give all if (type == ALL_PERMISSIONS) { permissions = new Permissions(); - permissions.add(new AllPermission()); - return permissions; + if (customTrustedPolicy == null) { + permissions.add(new AllPermission()); + return permissions; + } else { + return customTrustedPolicy.getPermissions(cs); + } } // add j2ee to sandbox if needed |