List of usage examples for java.security ProtectionDomain getPrincipals
public final Principal[] getPrincipals()
From source file:net.sourceforge.safr.jaas.policy.InstancePolicy.java
@Override public boolean implies(ProtectionDomain domain, Permission permission) { if (!(permission instanceof InstancePermission)) { return defaultPolicy.implies(domain, permission); }/*w w w .ja v a2 s . c o m*/ return permissionManager.implies(permission, domain.getPrincipals()); }
From source file:com.ecyrd.jspwiki.auth.SecurityVerifier.java
/** * Verfies the Java security policy configuration. The configuration is * valid if value of the local policy (at <code>WEB-INF/jspwiki.policy</code> * resolves to an existing file, and the policy file contained therein * represents a valid policy./*from ww w . j av a 2s.com*/ */ @SuppressWarnings("unchecked") protected final void verifyPolicy() { // Look up the policy file and set the status text. URL policyURL = AuthenticationManager.findConfigFile(m_engine, AuthorizationManager.DEFAULT_POLICY); String path = policyURL.getPath(); if (path.startsWith("file:")) { path = path.substring(5); } File policyFile = new File(path); // Next, verify the policy try { // Get the file PolicyReader policy = new PolicyReader(policyFile); m_session.addMessage(INFO_POLICY, "The security policy '" + policy.getFile() + "' exists."); // See if there is a keystore that's valid KeyStore ks = policy.getKeyStore(); if (ks == null) { m_session.addMessage(WARNING_POLICY, "Policy file does not have a keystore... at least not one that we can locate. If your policy file " + "does not contain any 'signedBy' blocks, this is probably ok."); } else { m_session.addMessage(INFO_POLICY, "The security policy specifies a keystore, and we were able to locate it in the filesystem."); } // Verify the file policy.read(); List<Exception> errors = policy.getMessages(); if (errors.size() > 0) { for (Exception e : errors) { m_session.addMessage(ERROR_POLICY, e.getMessage()); } } else { m_session.addMessage(INFO_POLICY, "The security policy looks fine."); m_isSecurityPolicyConfigured = true; } // Stash the unique principals mentioned in the file, // plus our standard roles. Set<Principal> principals = new LinkedHashSet<Principal>(); principals.add(Role.ALL); principals.add(Role.ANONYMOUS); principals.add(Role.ASSERTED); principals.add(Role.AUTHENTICATED); ProtectionDomain[] domains = policy.getProtectionDomains(); for (ProtectionDomain domain : domains) { for (Principal principal : domain.getPrincipals()) { principals.add(principal); } } m_policyPrincipals = principals.toArray(new Principal[principals.size()]); } catch (IOException e) { m_session.addMessage(ERROR_POLICY, e.getMessage()); } }
From source file:org.apache.hadoop.security.authorize.ConfiguredPolicy.java
@Override public boolean implies(ProtectionDomain domain, Permission permission) { // Only make checks for domains having principals if (domain.getPrincipals().length == 0) { return true; }/*ww w .j a va2 s . co m*/ return super.implies(domain, permission); }
From source file:org.apache.hadoop.security.authorize.ConfiguredPolicy.java
@Override public PermissionCollection getPermissions(ProtectionDomain domain) { PermissionCollection permissionCollection = super.getPermissions(domain); for (Principal principal : domain.getPrincipals()) { Set<Permission> principalPermissions = permissions.get(principal); if (principalPermissions != null) { for (Permission permission : principalPermissions) { permissionCollection.add(permission); }//from w ww .j a v a 2 s . c o m } for (Permission permission : allowedPermissions) { permissionCollection.add(permission); } } return permissionCollection; }
From source file:org.apache.jxtadoop.security.authorize.ConfiguredPolicy.java
@Override public boolean implies(ProtectionDomain domain, Permission permission) { // Only make checks for domains having principals if (domain.getPrincipals().length == 0) { return true; }/*w w w . j a v a 2s. co m*/ return super.implies(domain, permission); }