diff options
| author | Omair Majid <[email protected]> | 2010-10-22 10:44:12 -0400 |
|---|---|---|
| committer | Omair Majid <[email protected]> | 2010-10-22 10:44:12 -0400 |
| commit | 12747b34f31cfb98c057f45e8aeb1711ea7341c8 (patch) | |
| tree | 45b4d70163f9f19f014017bf33d0adaf725e03a6 /netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | |
| parent | 61aeaaf89164aa93280527c7eb80cf4c1432fbee (diff) | |
show security dialogs using the main AppContext
2010-10-22 Omair Majid <[email protected]>
* netx/net/sourceforge/jnlp/NetxPanel.java
(runLoader): Do not initialize JNLPRuntime here.
(createAppletThreads): Initialize JNLPRuntim here.
* netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java:
Switch from SecurityWarningDialog.AccessType to
SecurityWarning.AccessType.
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
(getInstance(JNLPFile,UpdatePolicy)): Switch to SecurityWarning.
(initializeResources): Likewise.
(checkTrustWithUser): Likewise.
* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java:
Add securityDialogMesasgeHandler.
(initialize): Set System look and feel. Start security thread.
(startSecurityThread): New method. Starts a thread to show security
dialogs.
(getSecurityDialogHandler): Returns the securityDialogMessageHandler.
* netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java:
Switch from SecurityWarningDialog.AccessType to
SecurityWarning.AccessType.
(checkAwtEventQueueAccess): New method. Skeleton code for allowing
EventQueue acccess to applets.
* netx/net/sourceforge/jnlp/security/AccessWarningPane.java:
Switch from SecurityWarningDialog.AccessType to
SecurityWarning.AccessType.
* netx/net/sourceforge/jnlp/security/CertWarningPane.java:
Likewise.
* netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java:
Move DialogType and AccessType to SecurityWarning.
(SecurityWarningDialog(DialogType,AccessType,JNLPFile,CertVerifier,
X509Certificate,Object[])): New method. The catch-all construction.
(SecurityWarningDialog(DialogType,AccessType,JNLPFile): Delegate to
the new constructor.
(SecurityWarningDialog(DialogType,AccessType,JNLPFile,CertVerifier)):
Likewise.
(SecurityWarningDialog(DialogType,AccessType,CertVerifier)): Likewise.
(SecurityWarningDialog(DialogType,AccessType,JNLPFile,Object[])):
Likewise.
(SecurityWarningDialog(DialogType,X509Certificate)): Likewise.
(showAccessWarningDialog(AccessType,JNLPFile)): Move to SecurityWarning
class.
(showAccessWarningDialog(AccessType,JNLPFile,Object[])): Likewise.
(showNotAllSignedWarningDialog(JNLPFile)): Likewise.
(showCertWarningDialog(AccessType,JNLPFile,CertVerifier)): Likewise.
(showAppletWarning): Likewise.
(initDialog): Make dialog non modal and remove window closing listener.
(getValue): Make public.
(dispose): New method. Notify listeners.
(notifySelectionMade): New method. Notify listeners that user has made
a decision.
(addActionListener): New method. Add a listener to be notified when
user makes a decision about this security warning.
* netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java:
Switch from SecurityWarningDialog.AccessType to
SecurityWarning.AccessType.
* netx/net/sourceforge/jnlp/services/ServiceUtil.java: Likewise.
* netx/net/sourceforge/jnlp/services/XClipboardService.java: Likewise.
* netx/net/sourceforge/jnlp/services/XExtendedService.java: Likewise.
* netx/net/sourceforge/jnlp/services/XFileOpenService.java: Likewise.
* netx/net/sourceforge/jnlp/services/XFileSaveService.java: Likewise.
* netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java:
New class.
* netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java:
New class.
(run): New method. Runs the security message loop.
(handleMessage): New method. Handles a SecurityDialogMessage to show a
security warning.
(postMessage): New method. Posts a message to sthe security message
queue.
* netx/net/sourceforge/jnlp/security/SecurityWarning.java: New class.
Move AccessType and DialogType from SecurityWarningDialog to here.
(showAccessWarningDialog): Moved from SecurityWarningDialog to here.
(showAccessWarningDialog): Moved from SecurityWarningDialog to here.
Modified to post messages to the security queue instead of showing a
SecurityWarningDialog directly.
(showNotAllSignedWarningDialog): Likewise.
(showCertWarningDialog): Likewise.
(showAppletWarning): Likewise.
(getUserReponse): New method. Posts a message to the security thread and
blocks until it gets a response from the user.
Diffstat (limited to 'netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java')
| -rw-r--r-- | netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java index 44cf24e..a6f6304 100644 --- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java +++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java @@ -25,9 +25,11 @@ import java.util.*; import java.util.List; import java.security.*; import javax.jnlp.*; +import javax.swing.UIManager; import net.sourceforge.jnlp.*; import net.sourceforge.jnlp.cache.*; +import net.sourceforge.jnlp.security.SecurityDialogMessageHandler; import net.sourceforge.jnlp.services.*; import net.sourceforge.jnlp.util.*; @@ -63,6 +65,9 @@ public class JNLPRuntime { /** the security policy */ private static JNLPPolicy policy; + /** handles all security message to show appropriate security dialogs */ + private static SecurityDialogMessageHandler securityDialogMessageHandler; + /** the base dir for cache, etc */ private static File baseDir; @@ -165,6 +170,8 @@ public class JNLPRuntime { * security manager and security policy, initializing the JNLP * standard services, etc.<p> * + * This method should be called from the main AppContext/Thread. <p> + * * This method cannot be called more than once. Once * initialized, methods that alter the runtime can only be * called by the exit class.<p> @@ -206,15 +213,40 @@ public class JNLPRuntime { policy = new JNLPPolicy(); security = new JNLPSecurityManager(); // side effect: create JWindow + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + // ignore it + } + if (securityEnabled) { Policy.setPolicy(policy); // do first b/c our SM blocks setPolicy System.setSecurityManager(security); } + securityDialogMessageHandler = startSecurityThreads(); + initialized = true; } /** + * This must NOT be called form the application ThreadGroup. An application + * can inject events into its {@link EventQueue} and bypass the security + * dialogs. + * + * @return a {@link SecurityDialogMessageHandler} that can be used to post + * security messages + */ + private static SecurityDialogMessageHandler startSecurityThreads() { + ThreadGroup securityThreadGroup = new ThreadGroup("NetxSecurityThreadGroup"); + SecurityDialogMessageHandler runner = new SecurityDialogMessageHandler(); + Thread securityThread = new Thread(securityThreadGroup, runner, "NetxSecurityThread"); + securityThread.setDaemon(true); + securityThread.start(); + return runner; + } + + /** * Returns true if a webstart application has been initialized, and false * for a plugin applet. */ @@ -321,6 +353,19 @@ public class JNLPRuntime { } /** + * + * @return the {@link SecurityDialogMessageHandler} that should be used to + * post security dialog messages + */ + public static SecurityDialogMessageHandler getSecurityDialogHandler() { + SecurityManager sm = System.getSecurityManager(); + if (sm != null) { + sm.checkPermission(new AllPermission()); + } + return securityDialogMessageHandler; + } + + /** * Returns the system default base dir for or if not set, * prompts the user for the location. * |