gcc/libjava/java/security/Policy.java

/* Policy.java --- Policy Manager Class
   Copyright (C) 1999 Free Software Foundation, Inc.

This file is part of GNU Classpath.

GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING.  If not, write to the
Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA.

As a special exception, if you link this library with other files to
produce an executable, this library does not by itself cause the
resulting executable to be covered by the GNU General Public License.
This exception does not however invalidate any other reasons why the
executable file might be covered by the GNU General Public License. */

package java.security;

/**
   Policy is an abstract class for managing the system security
   policy for the Java application environment. It specifies
   which permissions are available for code from various
   sources. The security policy is represented through a 
   subclass of Policy.

   Only one Policy is in effect at any time. ProtectionDomain
   initializes itself with information from this class on the 
   set of permssions to grant.

   The location for the actual Policy could be anywhere in any
   form because it depends on the Policy implementation. The
   default system is in a flat ASCII file or it could be in a 
   database.

   The current installed Policy can be accessed with getPolicy
   and changed with setPolicy if the code has the correct
   permissions.

   The refresh method causes the Policy class to refresh/reload
   its configuration. The method used to refresh depends on the 
   Policy implementation.

   When a protection domain initializes its permissions it uses
   code like:
   <code>
   policy = Policy.getPolicy();
   permissionCollection perms = policy.getPermissions(MyCodeSource)     
   </code>
   The protection domain passes the Policy handler a CodeSource
   object which contains the codebase URL and public key. The 
   Policy implementation then returns the proper set of 
   permissions for the CodeSource.

   The default Policy implementation can be changed by setting
   the "policy.provider" security provider in java.security
   to the correct Policy implementation class.

   @author Mark Benvenuto

   @since JDK 1.2
 */
public abstract class Policy
{
  // FIXME: The class name of the Policy provider should really be sourced 
  // from the "java.security" configuration file. For now, just hard-code 
  // a stub implementation.
  static private Policy currentPolicy 
    = new gnu.java.security.provider.DefaultPolicy();

  /**
     Constructs a new Policy class.
   */
  public Policy()
  {
  }

  /**
     Gets the currently installed Policy handler. The value should
     not be cached as it can be changed by setPolicy. This 
     function first calls <code>SecurityManager.checkPermission</code>
     with <code>SecurityPermission("getPolicy")</code> to check
     if the caller has Permission to get the current Policy.

     @return the current Policy

     @throws SecurityException if the security manager exists
     the caller does not have permission to 
     <code>getPolicy</code>.
   */
  public static Policy getPolicy()
  {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null)
      sm.checkPermission(new SecurityPermission("getPolicy"));

    return currentPolicy;
  }

  /**
     Sets the currently installed Policy handler. This 
     function first calls <code>SecurityManager.checkPermission</code>
     with <code>SecurityPermission("setPolicy")</code> to check
     if the caller has Permission to get the current Policy.

     @param policy the new Policy to use

     @throws SecurityException if the security manager exists
     the caller does not have permission to 
     <code>getPolicy</code>.
   */
  public static void setPolicy(Policy policy)
  {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null)
      sm.checkPermission(new SecurityPermission("setPolicy"));

    currentPolicy = policy;
  }


  /**
     Evalutes the global policy and returns a set of Permissions 
     allowed for the specified CodeSource.

     @param codesource The CodeSource to get Permission for

     @return a set of permissions for codesource specified by 
     the current policy

     @throws SecurityException if the current thread does not
     have permission to call <code>getPermissions</code>
   */
  public abstract PermissionCollection getPermissions(CodeSource codesource);

  /**
     Refreshes and/or reloads the current Policy. The actual
     behavior of this method depends on the implementation. 
   */
  public abstract void refresh();
}
decl.c (init_decl_processing): Add new class "protectionDomain" field. gcc/java: 2001-04-25 Bryce McKinlay <bryce@waitaki.otago.ac.nz> * decl.c (init_decl_processing): Add new class "protectionDomain" field. * class.c (make_class_data): Set initial value for "protectionDomain". libjava: 2001-04-25 Bryce McKinlay <bryce@albatross.co.nz> java.security merge and ClassLoader compliance fixes. * java/lang/Class.h (Class): Include ProtectionDomain.h. New protectionDomain field. (forName): Add initialize parameter. Fixes declaration to comply with JDK spec. * java/lang/natClass.cc (forName): Correct declaration of the three-arg variant. Honour "initialize" flag. (getProtectionDomain0): New method. * java/lang/Class.java: Fix forName() declaration. (getPackage): New method based on Classpath implementation. (getProtectionDomain0): New native method decl. (getProtectionDomain): New method. * java/lang/ClassLoader.java (getParent): Now final. (definedPackages): New field. (getPackage): New. (defineClass): New variant with protectionDomain argument. (definePackage): New. (getPackages): New. (findSystemClass): Now final. (getSystemResourceAsStream): Remove redundant "final" modifier. (getSystemResource): Remove redundant "final" modifier. (getResources): Now final. (protectionDomainPermission): New static field. (unknownProtectionDomain): Ditto. (defaultProtectionDomain): Ditto. (getSystemClassLoader): Now non-native. * java/util/ResourceBundle.java (tryGetSomeBundle): Use the correct arguments for Class.forName(). * java/lang/Package.java: New file. * gnu/gcj/runtime/VMClassLoader.java (getVMClassLoader): Removed. (instance): Static initialize singleton. (findClass): Override this, not findSystemClass. * java/lang/natClassLoader.cc (defineClass0): Set class's protectionDomain field as specified. (getSystemClassLoader): Removed. (findClass): Renamed from findSystemClass. Call the interpreter via URLClassLoader.findClass if loading class via dlopen fails. * java/security/.java: java.security import/merge with Classpath. java/security/acl/.java: Likewise. java/security/interfaces/.java: Likewise. java/security/spec/.java: Likewise. java/net/NetPermission.java: Likewise. * java/net/SocketPermission.java: Likewise. * gnu/java/security/provider/DefaultPolicy.java: Likewise. * Makefile.am: Add new classes. * Makefile.in: Rebuilt. * gcj/javaprims.h: CNI namespace rebuild. From-SVN: r41543 2001-04-25 23:45:15 +08:00			`/* Policy.java --- Policy Manager Class`
			`Copyright (C) 1999 Free Software Foundation, Inc.`

			`This file is part of GNU Classpath.`

			`GNU Classpath is free software; you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation; either version 2, or (at your option)`
			`any later version.`

			`GNU Classpath is distributed in the hope that it will be useful, but`
			`WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
			`General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with GNU Classpath; see the file COPYING. If not, write to the`
			`Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA`
			`02111-1307 USA.`

			`As a special exception, if you link this library with other files to`
			`produce an executable, this library does not by itself cause the`
			`resulting executable to be covered by the GNU General Public License.`
			`This exception does not however invalidate any other reasons why the`
			`executable file might be covered by the GNU General Public License. */`

			`package java.security;`

			`/**`
			`Policy is an abstract class for managing the system security`
			`policy for the Java application environment. It specifies`
			`which permissions are available for code from various`
			`sources. The security policy is represented through a`
			`subclass of Policy.`

			`Only one Policy is in effect at any time. ProtectionDomain`
			`initializes itself with information from this class on the`
			`set of permssions to grant.`

			`The location for the actual Policy could be anywhere in any`
			`form because it depends on the Policy implementation. The`
			`default system is in a flat ASCII file or it could be in a`
			`database.`

			`The current installed Policy can be accessed with getPolicy`
			`and changed with setPolicy if the code has the correct`
			`permissions.`

			`The refresh method causes the Policy class to refresh/reload`
			`its configuration. The method used to refresh depends on the`
			`Policy implementation.`

			`When a protection domain initializes its permissions it uses`
			`code like:`
			`<code>`
			`policy = Policy.getPolicy();`
			`permissionCollection perms = policy.getPermissions(MyCodeSource)`
			`</code>`
			`The protection domain passes the Policy handler a CodeSource`
			`object which contains the codebase URL and public key. The`
			`Policy implementation then returns the proper set of`
			`permissions for the CodeSource.`

			`The default Policy implementation can be changed by setting`
			`the "policy.provider" security provider in java.security`
			`to the correct Policy implementation class.`

			`@author Mark Benvenuto`

			`@since JDK 1.2`
			`*/`
			`public abstract class Policy`
			`{`
			`// FIXME: The class name of the Policy provider should really be sourced`
			`// from the "java.security" configuration file. For now, just hard-code`
			`// a stub implementation.`
			`static private Policy currentPolicy`
			`= new gnu.java.security.provider.DefaultPolicy();`

			`/**`
			`Constructs a new Policy class.`
			`*/`
			`public Policy()`
			`{`
			`}`

			`/**`
			`Gets the currently installed Policy handler. The value should`
			`not be cached as it can be changed by setPolicy. This`
			`function first calls <code>SecurityManager.checkPermission</code>`
			`with <code>SecurityPermission("getPolicy")</code> to check`
			`if the caller has Permission to get the current Policy.`

			`@return the current Policy`

			`@throws SecurityException if the security manager exists`
			`the caller does not have permission to`
			`<code>getPolicy</code>.`
			`*/`
			`public static Policy getPolicy()`
			`{`
			`SecurityManager sm = System.getSecurityManager();`
			`if (sm != null)`
			`sm.checkPermission(new SecurityPermission("getPolicy"));`

			`return currentPolicy;`
			`}`

			`/**`
			`Sets the currently installed Policy handler. This`
			`function first calls <code>SecurityManager.checkPermission</code>`
			`with <code>SecurityPermission("setPolicy")</code> to check`
			`if the caller has Permission to get the current Policy.`

			`@param policy the new Policy to use`

			`@throws SecurityException if the security manager exists`
			`the caller does not have permission to`
			`<code>getPolicy</code>.`
			`*/`
			`public static void setPolicy(Policy policy)`
			`{`
			`SecurityManager sm = System.getSecurityManager();`
			`if (sm != null)`
			`sm.checkPermission(new SecurityPermission("setPolicy"));`

			`currentPolicy = policy;`
			`}`


			`/**`
			`Evalutes the global policy and returns a set of Permissions`
			`allowed for the specified CodeSource.`

			`@param codesource The CodeSource to get Permission for`

			`@return a set of permissions for codesource specified by`
			`the current policy`

			`@throws SecurityException if the current thread does not`
			`have permission to call <code>getPermissions</code>`
			`*/`
			`public abstract PermissionCollection getPermissions(CodeSource codesource);`

			`/**`
			`Refreshes and/or reloads the current Policy. The actual`
			`behavior of this method depends on the implementation.`
			`*/`
			`public abstract void refresh();`
			`}`