3909N/A * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * A Policy object is responsible for determining whether code executing 0N/A * in the Java runtime environment has permission to perform a 0N/A * security-sensitive operation. 0N/A * <p> There is only one Policy object installed in the runtime at any 0N/A * given time. A Policy object can be installed by calling the 0N/A * <code>setPolicy</code> method. The installed Policy object can be 0N/A * obtained by calling the <code>getPolicy</code> method. 0N/A * <p> If no Policy object has been installed in the runtime, a call to 0N/A * <code>getPolicy</code> installs an instance of the default Policy 0N/A * implementation (a default subclass implementation of this abstract class). 0N/A * The default Policy implementation can be changed by setting the value 0N/A * of the "policy.provider" security property (in the Java security properties 0N/A * file) to the fully qualified name of the desired Policy subclass 0N/A * implementation. The Java security properties file is located in the 0N/A * <JAVA_HOME> refers to the value of the java.home system property, 0N/A * and specifies the directory where the JRE is installed. 0N/A * <p> Application code can directly subclass Policy to provide a custom 0N/A * implementation. In addition, an instance of a Policy object can be 0N/A * constructed by invoking one of the <code>getInstance</code> factory methods 0N/A * with a standard type. The default policy type is "JavaPolicy". 0N/A * <p> Once a Policy instance has been installed (either by default, or by 4541N/A * calling <code>setPolicy</code>), the Java runtime invokes its 4541N/A * <code>implies</code> method when it needs to 0N/A * determine whether executing code (encapsulated in a ProtectionDomain) 0N/A * can perform SecurityManager-protected operations. How a Policy object 0N/A * retrieves its policy data is up to the Policy implementation itself. 0N/A * The policy data may be stored, for example, in a flat ASCII file, 0N/A * in a serialized binary file of the Policy class, or in a database. 0N/A * <p> The <code>refresh</code> method causes the policy object to 0N/A * For example, if the policy object stores its data in configuration files, 0N/A * calling <code>refresh</code> will cause it to re-read the configuration 0N/A * policy files. If a refresh operation is not supported, this method does 0N/A * nothing. Note that refreshed policy may not have an effect on classes 0N/A * in a particular ProtectionDomain. This is dependent on the Policy 0N/A * provider's implementation of the <code>implies</code> 0N/A * method and its PermissionCollection caching strategy. 0N/A * @author Roland Schemers 0N/A * @author Gary Ellison 0N/A * @see java.security.Provider 0N/A * @see java.security.ProtectionDomain 0N/A * @see java.security.Permission 0N/A * A read-only empty PermissionCollection instance. 4541N/A // Information about the system-wide policy. 4541N/A // a flag indicating if the system-wide policy has been initialized 4541N/A // PolicyInfo is stored in an AtomicReference 2262N/A // Cache mapping ProtectionDomain.Key to PermissionCollection 4541N/A /** package private for AccessControlContext and ProtectionDomain */ 0N/A * Returns the installed Policy object. This value should not be cached, 0N/A * as it may be changed by a call to <code>setPolicy</code>. 0N/A * This method first calls 0N/A * <code>SecurityManager.checkPermission</code> with a 0N/A * <code>SecurityPermission("getPolicy")</code> permission 3465N/A * to ensure it's ok to get the Policy object. 0N/A * @return the installed Policy. 0N/A * @throws SecurityException 0N/A * if a security manager exists and its 0N/A * <code>checkPermission</code> method doesn't allow 0N/A * getting the Policy object. 0N/A * @see SecurityManager#checkPermission(Permission) 0N/A * @see #setPolicy(java.security.Policy) 0N/A * Returns the installed Policy object, skipping the security check. 4541N/A * Used by ProtectionDomain and getPolicy. 0N/A * @return the installed Policy. 4541N/A // Use double-check idiom to avoid locking if system-wide policy is 4541N/A * The policy_class seems to be an extension 4541N/A * so we have to bootstrap loading it via a policy 4541N/A * provider that is on the bootclasspath. 4541N/A * If it loads then shift gears to using the configured 4541N/A // install the bootstrap provider to avoid recursion 4541N/A // we want the extension loader 4541N/A * if it loaded install it as the policy provider. Otherwise 4541N/A * continue to use the system default implementation 0N/A * Sets the system-wide Policy object. This method first calls 0N/A * <code>SecurityManager.checkPermission</code> with a 0N/A * <code>SecurityPermission("setPolicy")</code> 0N/A * permission to ensure it's ok to set the Policy. 0N/A * @param p the new system Policy object. 0N/A * @throws SecurityException 0N/A * if a security manager exists and its 0N/A * <code>checkPermission</code> method doesn't allow 0N/A * setting the Policy. 0N/A * @see SecurityManager#checkPermission(Permission) 0N/A * Initialize superclass state such that a legacy provider can 0N/A * handle queries for itself. 0N/A * A policy provider not on the bootclasspath could trigger 0N/A * security checks fulfilling a call to either Policy.implies 0N/A * or Policy.getPermissions. If this does occur the provider 0N/A * must be able to answer for it's own ProtectionDomain 0N/A * without triggering additional security checks, otherwise 0N/A * the policy implementation will end up in an infinite 0N/A * To mitigate this, the provider can collect it's own 0N/A * ProtectionDomain and associate a PermissionCollection while 0N/A * it is being installed. The currently installed policy 0N/A * provider (if there is one) will handle calls to 0N/A * Policy.implies or Policy.getPermissions during this 0N/A * This Policy superclass caches away the ProtectionDomain and 0N/A * statically binds permissions so that legacy Policy 0N/A * implementations will continue to function. 0N/A * Collect the permissions granted to this protection domain 0N/A * so that the provider can be security checked while processing 0N/A * calls to Policy.implies or Policy.getPermissions. 0N/A // cache of pd to permissions 0N/A * Returns a Policy object of the specified type. 0N/A * <p> This method traverses the list of registered security providers, 0N/A * starting with the most preferred Provider. 0N/A * A new Policy object encapsulating the 0N/A * PolicySpi implementation from the first 0N/A * Provider that supports the specified type is returned. 0N/A * <p> Note that the list of registered providers may be retrieved via 0N/A * the {@link Security#getProviders() Security.getProviders()} method. 3465N/A * @param type the specified Policy type. See the Policy section in the 3465N/A * Java Cryptography Architecture Standard Algorithm Name Documentation</a> 0N/A * for a list of standard Policy types. 0N/A * @param params parameters for the Policy, which may be null. 0N/A * @return the new Policy object. 0N/A * @exception SecurityException if the caller does not have permission 0N/A * to get a Policy instance for the specified type. 0N/A * @exception NullPointerException if the specified type is null. 0N/A * @exception IllegalArgumentException if the specified parameters 0N/A * are not understood by the PolicySpi implementation 0N/A * from the selected Provider. 0N/A * @exception NoSuchAlgorithmException if no Provider supports a PolicySpi 0N/A * implementation for the specified type. 0N/A * Returns a Policy object of the specified type. 0N/A * <p> A new Policy object encapsulating the 0N/A * PolicySpi implementation from the specified provider 0N/A * is returned. The specified provider must be registered 0N/A * in the provider list. 0N/A * <p> Note that the list of registered providers may be retrieved via 0N/A * the {@link Security#getProviders() Security.getProviders()} method. 3465N/A * @param type the specified Policy type. See the Policy section in the 3465N/A * Java Cryptography Architecture Standard Algorithm Name Documentation</a> 0N/A * for a list of standard Policy types. 0N/A * @param params parameters for the Policy, which may be null. 0N/A * @param provider the provider. 0N/A * @return the new Policy object. 0N/A * @exception SecurityException if the caller does not have permission 0N/A * to get a Policy instance for the specified type. 0N/A * @exception NullPointerException if the specified type is null. 0N/A * @exception IllegalArgumentException if the specified provider 0N/A * or if the specified parameters are not understood by 0N/A * the PolicySpi implementation from the specified provider. 0N/A * @exception NoSuchProviderException if the specified provider is not 0N/A * registered in the security provider list. 0N/A * @exception NoSuchAlgorithmException if the specified provider does not 0N/A * support a PolicySpi implementation for the specified type. 0N/A * Returns a Policy object of the specified type. 0N/A * <p> A new Policy object encapsulating the 0N/A * PolicySpi implementation from the specified Provider 0N/A * object is returned. Note that the specified Provider object 0N/A * does not have to be registered in the provider list. 3465N/A * @param type the specified Policy type. See the Policy section in the 3465N/A * Java Cryptography Architecture Standard Algorithm Name Documentation</a> 0N/A * for a list of standard Policy types. 0N/A * @param params parameters for the Policy, which may be null. 0N/A * @param provider the Provider. 0N/A * @return the new Policy object. 0N/A * @exception SecurityException if the caller does not have permission 0N/A * to get a Policy instance for the specified type. 0N/A * @exception NullPointerException if the specified type is null. 0N/A * @exception IllegalArgumentException if the specified Provider is null, 0N/A * or if the specified parameters are not understood by 0N/A * the PolicySpi implementation from the specified Provider. 0N/A * @exception NoSuchAlgorithmException if the specified Provider does not 0N/A * support a PolicySpi implementation for the specified type. 0N/A * Return the Provider of this Policy. 0N/A * <p> This Policy instance will only have a Provider if it 0N/A * was obtained via a call to <code>Policy.getInstance</code>. 0N/A * Otherwise this method returns null. 0N/A * @return the Provider of this Policy, or null. 0N/A * Return the type of this Policy. 0N/A * <p> This Policy instance will only have a type if it 0N/A * was obtained via a call to <code>Policy.getInstance</code>. 0N/A * Otherwise this method returns null. 0N/A * @return the type of this Policy, or null. 0N/A * Return Policy parameters. 0N/A * <p> This Policy instance will only have parameters if it 0N/A * was obtained via a call to <code>Policy.getInstance</code>. 0N/A * Otherwise this method returns null. 0N/A * @return Policy parameters, or null. 0N/A * Return a PermissionCollection object containing the set of 0N/A * permissions granted to the specified CodeSource. 0N/A * <p> Applications are discouraged from calling this method 0N/A * since this operation may not be supported by all policy implementations. 0N/A * Applications should solely rely on the <code>implies</code> method 0N/A * to perform policy checks. If an application absolutely must call 0N/A * a getPermissions method, it should call 0N/A * <code>getPermissions(ProtectionDomain)</code>. 0N/A * <p> The default implementation of this method returns 0N/A * Policy.UNSUPPORTED_EMPTY_COLLECTION. This method can be 0N/A * overridden if the policy implementation can return a set of 0N/A * permissions granted to a CodeSource. 0N/A * @param codesource the CodeSource to which the returned 0N/A * PermissionCollection has been granted. 0N/A * @return a set of permissions granted to the specified CodeSource. 0N/A * If this operation is supported, the returned 0N/A * set of permissions must be a new mutable instance 0N/A * and it must support heterogeneous Permission types. 0N/A * If this operation is not supported, 0N/A * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. 0N/A * Return a PermissionCollection object containing the set of 0N/A * permissions granted to the specified ProtectionDomain. 0N/A * <p> Applications are discouraged from calling this method 0N/A * since this operation may not be supported by all policy implementations. 0N/A * Applications should rely on the <code>implies</code> method 0N/A * to perform policy checks. 0N/A * <p> The default implementation of this method first retrieves 0N/A * the permissions returned via <code>getPermissions(CodeSource)</code> 0N/A * (the CodeSource is taken from the specified ProtectionDomain), 0N/A * as well as the permissions located inside the specified ProtectionDomain. 0N/A * All of these permissions are then combined and returned in a new 0N/A * PermissionCollection object. If <code>getPermissions(CodeSource)</code> 0N/A * returns Policy.UNSUPPORTED_EMPTY_COLLECTION, then this method 0N/A * returns the permissions contained inside the specified ProtectionDomain 0N/A * in a new PermissionCollection object. 0N/A * <p> This method can be overridden if the policy implementation 0N/A * supports returning a set of permissions granted to a ProtectionDomain. 0N/A * @param domain the ProtectionDomain to which the returned 0N/A * PermissionCollection has been granted. 0N/A * @return a set of permissions granted to the specified ProtectionDomain. 0N/A * If this operation is supported, the returned 0N/A * set of permissions must be a new mutable instance 0N/A * and it must support heterogeneous Permission types. 0N/A * If this operation is not supported, 0N/A * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. 0N/A * add static permissions to provided permission collection 0N/A * Evaluates the global policy for the permissions granted to 0N/A * the ProtectionDomain and tests whether the permission is 0N/A * @param domain the ProtectionDomain to test 0N/A * @param permission the Permission object to be tested for implication. 0N/A * @return true if "permission" is a proper subset of a permission 0N/A * granted to this ProtectionDomain. 0N/A * @see java.security.ProtectionDomain 0N/A * depends on the implementation. For example, calling <code>refresh</code> 0N/A * on a file-based policy will cause the file to be re-read. 0N/A * <p> The default implementation of this method does nothing. 0N/A * This method should be overridden if a refresh operation is supported 0N/A * by the policy implementation. 0N/A * This subclass is returned by the getInstance calls. All Policy calls 0N/A * are delegated to the underlying PolicySpi. 0N/A * This represents a marker interface for Policy parameters. 0N/A * This class represents a read-only empty PermissionCollection object that 0N/A * is returned from the <code>getPermissions(CodeSource)</code> and 0N/A * <code>getPermissions(ProtectionDomain)</code> 0N/A * methods in the Policy class when those operations are not 0N/A * supported by the Policy implementation. 0N/A * Create a read-only empty PermissionCollection object. 0N/A * Adds a permission object to the current collection of permission 0N/A * @param permission the Permission object to add. 0N/A * @exception SecurityException - if this PermissionCollection object 0N/A * has been marked readonly 0N/A * Checks to see if the specified permission is implied by the 0N/A * collection of Permission objects held in this PermissionCollection. 0N/A * @param permission the Permission object to compare. 4541N/A * @return true if "permission" is implied by the permissions in 0N/A * the collection, false if not. 0N/A * Returns an enumeration of all the Permission objects in the 0N/A * @return an enumeration of all the Permissions.