diff options
| author | Omair Majid <omajid@redhat.com> | 2010-11-18 11:55:26 -0500 |
|---|---|---|
| committer | Omair Majid <omajid@redhat.com> | 2010-11-18 11:55:26 -0500 |
| commit | b949b7d40c7d5bb1146551fae563b1b4ac398812 (patch) | |
| tree | 3e5323e6322a30ccd77cc1713eeec2b9a011fad4 /netx/net/sourceforge/jnlp/security/SecurityWarning.java | |
| parent | 3f351c0718209878b0a3d880d9757ddca90e447e (diff) | |
add configuration support for user prompts and other access control options
2010-11-18 Omair Majid <omajid@redhat.com>
* netx/net/sourceforge/jnlp/SecurityDesc.java: Remove window banner
permissions from sandboxPermissions and j2eePermissions.
(getSandBoxPermissions): Dynamically add window banner permissions
if allowed by configuration.
* netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java:
Add KEY_SECURITY_PROMPT_USER,
KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING,
KEY_SECURITY_PROMPT_USER_FOR_JNLP, and
KEY_SECURITY_INSTALL_AUTHENTICATOR.
(loadDefaultProperties): Use the new constants.
* netx/net/sourceforge/jnlp/security/SecurityWarning.java
(showAccessWarningDialog): Check if the user should be prompted
before prompting the user.
(showNotAllSignedWarningDialog): Likewise.
(showCertWarningDialog): Likewise.
(showAppletWarning): Likewise.
(shouldPromptUser): New method. Check if configuration allows
showing user prompts.
* netx/net/sourceforge/jnlp/services/ServiceUtil.java
(checkAccess(AccessType,Object...)): Clarify javadocs.
(checkAccess(ApplicationInstance,AccessType,Object...)): Clarify
javadocs. Only prompt the user if showing JNLP prompts is ok.
(shouldPromptUser): New method. Returns true if configuration allows
for showing JNLP api prompts.
* plugin/icedteanp/java/sun/applet/PluginMain.java
(init): Only install custom authenticator if allowed by
configuration.
Diffstat (limited to 'netx/net/sourceforge/jnlp/security/SecurityWarning.java')
| -rw-r--r-- | netx/net/sourceforge/jnlp/security/SecurityWarning.java | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/netx/net/sourceforge/jnlp/security/SecurityWarning.java b/netx/net/sourceforge/jnlp/security/SecurityWarning.java index 54ffc31..c0eda43 100644 --- a/netx/net/sourceforge/jnlp/security/SecurityWarning.java +++ b/netx/net/sourceforge/jnlp/security/SecurityWarning.java @@ -49,6 +49,7 @@ import javax.swing.JDialog; import javax.swing.SwingUtilities; import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.runtime.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.JNLPRuntime; /** @@ -111,6 +112,11 @@ public class SecurityWarning { */ public static boolean showAccessWarningDialog(final AccessType accessType, final JNLPFile file, final Object[] extras) { + + if (!shouldPromptUser()) { + return false; + } + final SecurityDialogMessage message = new SecurityDialogMessage(); message.dialogType = DialogType.ACCESS_WARNING; @@ -140,6 +146,10 @@ public class SecurityWarning { */ public static boolean showNotAllSignedWarningDialog(JNLPFile file) { + if (!shouldPromptUser()) { + return false; + } + final SecurityDialogMessage message = new SecurityDialogMessage(); message.dialogType = DialogType.NOTALLSIGNED_WARNING; message.accessType = AccessType.NOTALLSIGNED; @@ -174,6 +184,10 @@ public class SecurityWarning { public static boolean showCertWarningDialog(AccessType accessType, JNLPFile file, CertVerifier jarSigner) { + if (!shouldPromptUser()) { + return false; + } + final SecurityDialogMessage message = new SecurityDialogMessage(); message.dialogType = DialogType.CERT_WARNING; message.accessType = accessType; @@ -200,6 +214,10 @@ public class SecurityWarning { */ public static int showAppletWarning() { + if (!shouldPromptUser()) { + return 2; + } + SecurityDialogMessage message = new SecurityDialogMessage(); message.dialogType = DialogType.APPLET_WARNING; @@ -295,4 +313,15 @@ public class SecurityWarning { return message.userResponse; } + /** + * Returns whether the current runtime configuration allows prompting user + * for security warnings. + * + * @return true if security warnings should be shown to the user. + */ + private static boolean shouldPromptUser() { + return Boolean.valueOf(JNLPRuntime.getConfiguration() + .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER)); + } + } |