/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* PolicyTool may be used by users and administrators to configure the
* overall java security policy (currently stored in the policy file).
* Using PolicyTool administrators may add and remove policies from
* the policy file. <p>
*
* @see java.security.Policy
* @since 1.2
*/
public class PolicyTool {
// for i18n
static {
// this is for case insensitive string comparisons
};
// anyone can add warnings
boolean newWarning = false;
// set to true if policy modified.
// this way upon exit we know if to ask the user to save changes
boolean modified = false;
private static final boolean testing = false;
/*
* All of the policy entries are read in from the
* policy file and stored here. Updates to the policy entries
* using addEntry() and removeEntry() are made here. To ultimately save
* the policy entries back to the policy file, the SavePolicy button
* must be clicked.
**/
/* The public key alias information is stored here. */
/* standard PKCS11 KeyStore type */
/* reserved word for PKCS11 KeyStores */
/**
* default constructor
*/
private PolicyTool() {
parser = new PolicyParser();
}
/**
* get the PolicyFileName
*/
return policyFileName;
}
/**
* set the PolicyFileName
*/
this.policyFileName = policyFileName;
}
/**
* clear keyStore info
*/
void clearKeyStoreInfo() {
this.keyStoreName = null;
this.keyStoreType = null;
this.keyStoreProvider = null;
this.keyStorePwdURL = null;
}
/**
* get the keyStore URL name
*/
return keyStoreName;
}
/**
* get the keyStore Type
*/
return keyStoreType;
}
/**
* get the keyStore Provider
*/
return keyStoreProvider;
}
/**
* get the keyStore password URL
*/
return keyStorePwdURL;
}
/**
* Open and read a policy file
*/
newWarning = false;
// start fresh - blow away the current state
parser = new PolicyParser();
// see if user is opening a NEW policy file
modified = false;
return;
}
// Read in the policy entries from the file and
// populate the parser vector table. The parser vector
// table only holds the entries as strings, so it only
// guarantees that the policies are syntactically
// correct.
// open the keystore
// Update the local vector with the same policy entries.
// This guarantees that the policy entries are not only
// syntactically correct, but semantically valid as well.
while (enum_.hasMoreElements()) {
// see if all the signers have public keys
newWarning = true;
("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured."));
}
}
}
// check to see if the Principals are valid
try {
pe.getPrincipalName());
} catch (ClassNotFoundException fnfe) {
newWarning = true;
("Warning.Class.not.found.class"));
}
}
// check to see if the Permissions are valid
while (perms.hasMoreElements()) {
try {
} catch (ClassNotFoundException fnfe) {
newWarning = true;
("Warning.Class.not.found.class"));
} catch (InvocationTargetException ite) {
newWarning = true;
("Warning.Invalid.argument.s.for.constructor.arg"));
}
// see if all the permission signers have public keys
newWarning = true;
("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured."));
}
}
}
}
}
// just read in the policy -- nothing has been modified yet
modified = false;
}
/**
* Save a policy to a file
*/
throws FileNotFoundException, IOException {
// save the policy entries to a file
modified = false;
}
/**
* Open the KeyStore
*/
// policy did not specify a keystore during open
// or use wants to reset keystore values
this.keyStoreName = null;
this.keyStoreType = null;
this.keyStoreProvider = null;
this.keyStorePwdURL = null;
// caller will set (tool.modified = true) if appropriate
return;
}
if (policyFileName != null) {
}
// although PolicyUtil.getKeyStore may properly handle
// defaults and property expansion, we do it here so that
// if the call is successful, we can set the proper values
// (PolicyUtil.getKeyStore does not return expanded values)
}
}
}
try {
name,
type,
null);
} catch (IOException ioe) {
// copied from sun.security.pkcs11.SunPKCS11
"available for retrieving password";
// throw a more friendly exception message
throw new IOException(MSG);
} else {
throw ioe;
}
}
this.keyStoreName = name;
this.keyStoreType = type;
this.keyStoreProvider = provider;
this.keyStorePwdURL = pwdURL;
// caller will set (tool.modified = true)
}
/**
* Add a Grant entry to the overall policy at the specified index.
* A policy entry consists of a CodeSource.
*/
if (index < 0) {
// new entry -- just add it to the end
} else {
// existing entry -- replace old one
}
return true;
}
/**
* Add a Principal entry to an existing PolicyEntry at the specified index.
* A Principal entry consists of a class, and name.
*
* If the principal already exists, it is not added again.
*/
int index) {
// first add the principal to the Policy Parser entry
return false;
if (index != -1)
else
modified = true;
return true;
}
/**
* Add a Permission entry to an existing PolicyEntry at the specified index.
* A Permission entry consists of a permission, name, and actions.
*
* If the permission already exists, it is not added again.
*/
int index) {
// first add the permission to the Policy Parser Vector
return false;
if (index != -1)
else
modified = true;
return true;
}
/**
* Remove a Permission entry from an existing PolicyEntry.
*/
// remove the Permission from the GrantEntry
return modified;
}
/**
* remove an entry from the overall policy
*/
modified = true;
}
/**
* retrieve all Policy Entries
*/
return entries;
}
return null;
}
/**
* Retrieve the public key mapped to a particular name.
* If the key has expired, a KeyException is thrown.
*/
return null;
}
return null;
}
return pubKey;
}
/**
* Retrieve all the alias names stored in the certificate database
*/
int numAliases = 0;
return null;
}
// first count the number of elements
while (enum_.hasMoreElements()) {
enum_.nextElement();
numAliases++;
}
if (numAliases > 0) {
// now copy them into an array
numAliases = 0;
while (enum_.hasMoreElements()) {
numAliases++;
}
}
return aliases;
}
/**
* This method parses a single string of signers separated by commas
* ("jordan, duke, pippen") into an array of individual strings.
*/
int numSigners = 1;
int signedByIndex = 0;
int commaIndex = 0;
int signerNum = 0;
// first pass thru "signedBy" counts the number of signers
while (commaIndex >= 0) {
if (commaIndex >= 0) {
numSigners++;
}
}
// second pass thru "signedBy" transfers signers to array
commaIndex = 0;
signedByIndex = 0;
while (commaIndex >= 0) {
// transfer signer and ignore trailing part of the string
signerNum++;
} else {
// we are at the end of the string -- transfer signer
}
}
return signers;
}
/**
* Check to see if the Principal contents are OK
*/
throws ClassNotFoundException,
{
return;
};
("Illegal.Principal.Type.type"));
}
// PolicyParser checks validity of X500Principal name
// - PolicyTool needs to as well so that it doesn't store
// an invalid name that can't be read in later
//
// this can throw an IllegalArgumentException
}
}
/**
* Check to see if the Permission contents are OK
*/
throws ClassNotFoundException,
{
//XXX we might want to keep a hash of created factories...
Constructor<?> c = null;
case 0:
try {
break;
} catch (NoSuchMethodException ex) {
// proceed to the one-param constructor
}
case 1:
try {
break;
} catch (NoSuchMethodException ex) {
// proceed to the two-param constructor
}
case 2:
break;
}
}
/*
* Parse command line arguments.
*/
/* parse flags */
int n = 0;
policyFileName = args[n];
} else {
("Illegal.option.option"));
usage();
}
}
}
static void usage() {
(".file.file.policy.file.location"));
}
/**
* run the PolicyTool
*/
}
// split instr to words according to capitalization,
// like, AWTControl -> A W T Control
// this method is for easy pronounciation
}
}
/**
* Each entry in the policy configuration file is represented by a
* PolicyEntry object.
*
* A PolicyEntry is a (CodeSource,Permission) pair. The
* CodeSource contains the (URL, PublicKey) that together identify
* where the Java bytecodes come from and who (if anyone) signed
* them. The URL could refer to localhost. The URL could also be
* null, meaning that this policy entry is given to all comers, as
* long as they match the signer field. The signer could be null,
* meaning the code is not signed.
*
* The Permission contains the (Type, Name, Action) triplet.
*
*/
class PolicyEntry {
private boolean testing = false;
/**
* Create a PolicyEntry object from the information read in
* from a policy file.
*/
// construct the CodeSource
if (testing) {
" Principals");
}
this.grantEntry = ge;
}
/**
* get the codesource associated with this PolicyEntry
*/
return codesource;
}
/**
* get the GrantEntry associated with this PolicyEntry
*/
return grantEntry;
}
/**
* convert the header portion, i.e. codebase, signer, principals, of
* this policy entry into a string
*/
return codebaseToString();
} else {
}
}
/**
*/
("CodeBase \"" +
"\"");
"\"") :
"\""));
return new String("CodeBase <ALL>");
return stringEntry;
}
/**
* convert the Principals portion of this policy entry into a string
*/
pppe.getDisplayName(true));
}
}
return result;
}
/**
* convert this policy entry into a PolicyParser.PermissionEntry
*/
// get the actions
actions);
return pe;
}
}
/**
* The main window for the PolicyTool
*/
// use serialVersionUID from JDK 1.2.2 for interoperability
/* external paddings */
/* buttons and menus */
/* gridbag index for components in the main window (MW) */
/**
* Constructor
*/
}
/**
* Initialize the PolicyTool window with the necessary components
*/
private void initWindow() {
// create the top menu bar
// create a File menu
// create a KeyStore menu
// policy entry listing
tf.setEditable(false);
if (policyFile == null) {
}
try {
// open the policy file
// display the policy entries via the policy list textarea
}
} catch (FileNotFoundException fnfe) {
// add blank policy listing
setVisible(true);
// just add warning
} catch (Exception e) {
// add blank policy listing
setVisible(true);
// display the error
("Could.not.open.policy.file.policyFile.e.toString."));
}
}
/**
* Add a component to the PolicyTool window
*/
// add the component at the specified gridbag index
// set the constraints
}
/**
* Add a component to the PolicyTool window without external padding
*/
// delegate with "null" external padding
}
/**
* Init the policy_entry_list TEXTAREA component in the
* PolicyTool window
*/
// add the policy list to the window
}
/**
* Replace the policy_entry_list TEXTAREA component in the
* PolicyTool window with an updated one.
*/
// remove the original list of Policy Entries
// and add the new list of entries
}
/**
* display the main PolicyTool window
*/
setResizable(true);
addWindowListener(new ToolWindowListener(this));
setLayout(new GridBagLayout());
initWindow();
// display it
setVisible(true);
if (tool.newWarning == true) {
("Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information."));
}
}
/**
* displays a dialog box describing an error which occurred.
*/
// find where the PolicyTool gui is
getLocationOnScreen() : w.getLocationOnScreen());
ed.setVisible(true);
}
/**
* displays a dialog box describing an error which occurred.
*/
if (t instanceof NoDisplayException) {
return;
}
displayErrorDialog(w, t.toString());
}
/**
* displays a dialog box describing the status of an event
*/
// find the location of the PolicyTool gui
getLocationOnScreen() : w.getLocationOnScreen());
sd.setVisible(true);
}
/**
* display the warning log
*/
// find the location of the PolicyTool gui
getLocationOnScreen() : w.getLocationOnScreen());
ta.setEditable(false);
}
ta.setFocusable(false);
wd.setVisible(true);
}
getLocationOnScreen() : w.getLocationOnScreen());
ta.setEditable(false);
ta.setFocusable(false);
// StringBuffer to store button press. Must be final.
public void actionPerformed(ActionEvent e) {
tw.setVisible(false);
}
});
public void actionPerformed(ActionEvent e) {
tw.setVisible(false);
}
});
tw.setVisible(true);
} else {
// I did encounter this once, don't why.
return 'N';
}
}
}
/**
* General dialog window
*/
// use serialVersionUID from JDK 1.2.2 for interoperability
/* necessary constants */
"java.security.AllPermission";
"java.io.FilePermission";
"javax.security.auth.x500.X500Principal";
/* popup menus */
("Permission.");
/* more popu menus */
("Target.Name.");
/* and more popup menus */
("Actions.");
/* gridbag index for display PolicyEntry (PE) components */
/* the gridbag index for components in the Principal Dialog (PRD) */
/* the gridbag index for components in the Permission Dialog (PD) */
/* modes for KeyStore */
/* the gridbag index for components in the Change KeyStore Dialog (KSD) */
/* the gridbag index for components in the User Save Changes Dialog (USC) */
/* gridbag index for the ConfirmRemovePolicyEntryDialog (CRPE) */
/* some private static finals */
static {
// set up permission objects
// set up principal objects
}
addWindowListener(new ChildWindowListener(this));
}
/**
* get the Perm instance based on either the (shortened) class name
* or the fully qualified class name
*/
if (fullClassName) {
return next;
}
} else {
return next;
}
}
}
return null;
}
/**
* get the Prin instance based on either the (shortened) class name
* or the fully qualified class name
*/
if (fullClassName) {
return next;
}
} else {
return next;
}
}
}
return null;
}
/**
* pop up a dialog so the user can enter info to add a new PolicyEntry
* - if edit is TRUE, then the user is editing an existing entry
* and we should display the original info as well.
*
* - the other reason we need the 'edit' boolean is we need to know
* when we are adding a NEW policy entry. in this case, we can
* not simply update the existing entry, because it doesn't exist.
* finally clicks 'OK' or 'DONE', then we can collect that info
* and add it to the policy.
*/
int listIndex = 0;
// find where the PolicyTool gui is
setLayout(new GridBagLayout());
setResizable(true);
if (edit) {
// get the selected item
// get principal list
}
// get permission list
permissions.elementAt(i);
}
}
// codebase label and textfield
new TextField(60));
// signedby label and textfield
new TextField(60));
// panel for principal buttons
// principal label and list
// panel for permission buttons
// permission list
// panel for Done and Cancel buttons
// Done Button
tw.LR_PADDING);
// Cancel Button
tw.LR_PADDING);
// add the panel
setVisible(true);
}
/**
* Read all the Policy information data in the dialog box
* and construct a PolicyEntry object with it.
*/
// get the Codebase
// get the SignedBy
// construct a new GrantEntry
// get the new Principals
}
// get the new Permissions
}
// construct a new PolicyEntry object
return entry;
}
/**
* display a dialog box for the user to enter KeyStore information
*/
// find where the PolicyTool gui is
setLayout(new GridBagLayout());
if (mode == EDIT_KEYSTORE) {
// KeyStore label and textfield
// URL to U R L, so that accessibility reader will pronounce well
// KeyStore type and textfield
// KeyStore provider and textfield
("KeyStore.Provider."));
// KeyStore password URL and textfield
("KeyStore.Password.URL."));
// OK button
// cancel button
}
setVisible(true);
}
/**
* display a dialog box for the user to input Principal info
*
* if editPolicyEntry is false, then we are adding Principals to
* a new PolicyEntry, and we only update the GUI listing
* with the new Principal.
*
* if edit is true, then we are editing an existing Policy entry.
*/
// get the Principal selected from the Principal List
if (edit) {
}
// find where the PolicyTool gui is
newTD.setResizable(true);
// description label
// principal choice
}
if (edit) {
(editMe.getPrincipalClass())) {
} else {
}
}
}
tw.LR_PADDING);
// principal textfield
new TextField(30));
tw.LR_PADDING);
// name label and textfield
new TextField(40));
tw.LR_PADDING);
tw.LR_PADDING);
// OK button
// cancel button
newTD.setVisible(true);
}
/**
* display a dialog box for the user to input Permission info
*
* if editPolicyEntry is false, then we are adding Permissions to
* a new PolicyEntry, and we only update the GUI listing
* with the new Permission.
*
* if edit is true, then we are editing an existing Permission entry.
*/
// get the Permission selected from the Permission List
if (edit) {
}
// find where the PolicyTool gui is
newTD.setResizable(true);
// description label
// permission choice (added in alphabetical order)
}
tw.LR_PADDING);
// permission textfield
if (edit) {
}
}
tw.LR_PADDING);
// name label and textfield
if (edit) {
}
tw.LR_PADDING);
tw.LR_PADDING);
// actions label and textfield
if (edit) {
}
tw.LR_PADDING);
tw.LR_PADDING);
// signedby label and textfield
tw.LR_PADDING);
tw.LR_PADDING);
// OK button
// cancel button
newTD.setVisible(true);
}
/**
* construct a Principal object from the Principal Info Dialog Box
*/
}
}
throw new Exception
(PolicyTool.rb.getString("Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name"));
throw new Exception
// make this consistent with what PolicyParser does
// when it sees an empty principal class
"Warning: Principal name '" + pname +
"' specified without a Principal class.\n" +
"as a key store alias.\n" +
"\tThe final principal class will be " +
"\tThe final principal name will be " +
"determined by the following:\n" +
"\n" +
"\tIf the key store entry identified by '"
+ pname + "'\n" +
"\tis a key entry, then the principal name will be\n" +
"\tthe subject distinguished name from the first\n" +
"\tcertificate in the entry's certificate chain.\n" +
"\n" +
"\tIf the key store entry identified by '" +
pname + "'\n" +
"\tis a trusted certificate entry, then the\n" +
"\tprincipal name will be the subject distinguished\n" +
"\tname from the trusted public key certificate.");
tw.displayStatusDialog(this,
"store alias. View Warning Log for details.");
}
}
/**
* construct a Permission object from the Permission Info Dialog Box
*/
("Permission.and.Target.Name.must.have.a.value"));
}
// When the permission is FilePermission, we need to check the name
// to make sure it's not escaped. We believe --
//
// String name.lastIndexOf("\\\\")
// ---------------- ------------------------
// c:\foo\bar -1, legal
// c:\\foo\\bar 2, illegal
// \\server\share 0, legal
// \\\\server\share 2, illegal
"Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes"),
);
if (result != 'Y') {
// an invisible exception
throw new NoDisplayException();
}
}
// get the Actions
// get the Signed By
// see if the signers have public keys
try {
("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured."));
}
} catch (Exception e) {
tw.displayErrorDialog(this, e);
}
}
}
return pppe;
}
/**
* confirm that the user REALLY wants to remove the Policy Entry
*/
void displayConfirmRemovePolicyEntry() {
// find the entry to be removed
// find where the PolicyTool gui is
setLayout(new GridBagLayout());
// ask the user do they really want to do this?
// display the policy entry
1, 3 + i, 1, 1, 0.0, 0.0,
} else {
1, 3 + i, 1, 1, 0.0, 0.0,
}
}
// OK button
0, 0, 1, 1, 0.0, 0.0,
// cancel button
1, 0, 1, 1, 0.0, 0.0,
pack();
setVisible(true);
}
/**
* perform SAVE AS
*/
// pop up a dialog box for the user to enter a filename.
public void windowClosing(WindowEvent e) {
e.getWindow().setVisible(false);
}
});
fd.setVisible(true);
// see if the user hit cancel
return;
// get the entered filename
try {
// save the policy entries to a file
// display status
("Policy.successfully.written.to.filename"));
// display the new policy filename
tw.setVisible(true);
// now continue with the originally requested command
// (QUIT, NEW, or OPEN)
} catch (FileNotFoundException fnfe) {
} else {
}
}
}
/**
* ask user if they want to save changes
*/
// find where the PolicyTool gui is
setLayout(new GridBagLayout());
0, 0, 1, 1, 0.0, 0.0,
1, 0, 1, 1, 0.0, 0.0,
(new UserSaveCancelButtonListener(this));
2, 0, 1, 1, 0.0, 0.0,
pack();
setVisible(true);
} else {
// just do the original request (QUIT, NEW, or OPEN)
}
}
/**
* when the user sees the 'YES', 'NO', 'CANCEL' buttons on the
* displayUserSave dialog, and the click on one of them,
* we need to continue the originally requested action
* (either QUITting, opening NEW policy file, or OPENing an existing
* policy file. do that now.
*/
// now either QUIT, open a NEW policy file, or OPEN an existing policy
switch(select) {
case ToolDialog.QUIT:
tw.setVisible(false);
case ToolDialog.NEW:
try {
}
// display the policy entries via the policy list textarea
// display null policy filename and keystore
tw.setVisible(true);
break;
case ToolDialog.OPEN:
// pop up a dialog box for the user to enter a filename.
public void windowClosing(WindowEvent e) {
e.getWindow().setVisible(false);
}
});
fd.setVisible(true);
// see if the user hit 'cancel'
return;
// get the entered filename
try {
// open the policy file
// display the policy entries via the policy list textarea
}
// display the new policy filename
newFilename = (TextField)
tw.setVisible(true);
// inform user of warnings
if (tool.newWarning == true) {
("Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information."));
}
} catch (Exception e) {
// add blank policy listing
// display a null policy filename
newFilename = (TextField)
tw.setVisible(true);
// display the error
("Could.not.open.policy.file.policyFile.e.toString."));
}
break;
}
}
/**
* Return a Menu list of names for a given permission
*
* If inputPerm's TARGETS are null, then this means TARGETS are
* not allowed to be entered (and the TextField is set to be
* non-editable).
*
* If TARGETS are valid but there are no standard ones
* (user must enter them by hand) then the TARGETS array may be empty
* (and of course non-null).
*/
// custom permission
field.setEditable(true);
// standard permission with no targets
field.setEditable(false);
} else {
// standard permission with standard targets
field.setEditable(true);
}
}
}
/**
* Return a Menu list of actions for a given permission
*
* If inputPerm's ACTIONS are null, then this means ACTIONS are
* not allowed to be entered (and the TextField is set to be
* non-editable). This is typically true for BasicPermissions.
*
* If ACTIONS are valid but there are no standard ones
* (user must enter them by hand) then the ACTIONS array may be empty
* (and of course non-null).
*/
// custom permission
field.setEditable(true);
// standard permission with no actions
field.setEditable(false);
} else {
// standard permission with standard actions
field.setEditable(true);
}
}
}
}
}
}
return result;
}
}
}
/**
* Event handler for the PolicyTool window
*/
}
}
// XXX
// should we ask user if they want to save changes?
// (we do if they choose the Menu->Exit)
// seems that if they kill the application by hand,
// we don't have to ask.
tw.setVisible(false);
}
}
}
}
}
}
}
/**
* Event handler for the Policy List
*/
}
// display the permission list for a policy entry
td.displayPolicyEntryDialog(true);
}
}
/**
* Event handler for the File Menu
*/
}
// ask user if they want to save changes
// the above method will perform the QUIT as long as the
// user does not CANCEL the request
// ask user if they want to save changes
// the above method will perform the NEW as long as the
// user does not CANCEL the request
// ask user if they want to save changes
// the above method will perform the OPEN as long as the
// user does not CANCEL the request
// get the previously entered filename
// if there is no filename, do a SAVE_AS
// user wants to SAVE AS
} else {
try {
// save the policy entries to a file
// display status
("Policy.successfully.written.to.filename"));
} catch (FileNotFoundException fnfe) {
} else {
}
}
}
// user wants to SAVE AS
}
}
}
/**
* Event handler for the main window buttons and Edit Menu
*/
}
// display a dialog box for the user to enter policy info
td.displayPolicyEntryDialog(false);
// get the selected entry
if (index < 0) {
return;
}
// ask the user if they really want to remove the policy entry
// get the selected entry
if (index < 0) {
return;
}
// display the permission list for a policy entry
td.displayPolicyEntryDialog(true);
// display a dialog box for the user to enter keystore info
}
}
}
/**
* Event handler for AddEntryDoneButton button
*
* -- if edit is TRUE, then we are EDITing an existing PolicyEntry
* and we need to update both the policy and the GUI listing.
* if edit is FALSE, then we are ADDing a new PolicyEntry,
* so we only need to update the GUI listing.
*/
private boolean edit;
}
try {
// get a PolicyEntry object from the dialog policy info
// see if all the signers have public keys
("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured."));
}
}
}
// add the entry
if (edit) {
} else {
}
td.setVisible(false);
}
}
}
/**
* Event handler for ChangeKeyStoreOKButton button
*/
ToolDialog td) {
}
try {
("Unable.to.open.KeyStore.ex.toString."));
return;
}
}
}
/**
* Event handler for AddPrinButton button
*/
private boolean editPolicyEntry;
this.editPolicyEntry = editPolicyEntry;
}
// display a dialog box for the user to enter principal info
}
}
/**
* Event handler for AddPermButton button
*/
private boolean editPolicyEntry;
this.editPolicyEntry = editPolicyEntry;
}
// display a dialog box for the user to enter permission info
}
}
/**
* Event handler for AddPrinOKButton button
*/
private boolean edit;
boolean edit) {
this.listDialog = listDialog;
this.infoDialog = infoDialog;
}
try {
// read in the new principal info from Dialog Box
try {
pppe.getPrincipalName());
} catch (ClassNotFoundException cnfe) {
("Warning.Class.not.found.class"));
}
// add the principal to the GUI principal list
if (edit) {
// if editing, replace the original principal
} else {
// if adding, just add it to the end
}
}
}
}
}
/**
* Event handler for AddPermOKButton button
*/
private boolean edit;
boolean edit) {
this.listDialog = listDialog;
this.infoDialog = infoDialog;
}
try {
// read in the new permission info from Dialog Box
try {
} catch (ClassNotFoundException cnfe) {
("Warning.Class.not.found.class"));
}
// add the permission to the GUI permission list
if (edit) {
// if editing, replace the original permission
} else {
// if adding, just add it to the end
}
} catch (InvocationTargetException ite) {
}
}
}
/**
* Event handler for RemovePrinButton button
*/
private boolean edit;
}
// get the Principal selected from the Principal List
if (prinIndex < 0) {
return;
}
// remove the principal from the display
}
}
/**
* Event handler for RemovePermButton button
*/
private boolean edit;
}
// get the Permission selected from the Permission List
if (permIndex < 0) {
return;
}
// remove the permission from the display
}
}
/**
* Event handler for Edit Principal button
*
* We need the editPolicyEntry boolean to tell us if the user is
* adding a new PolicyEntry at this time, or editing an existing entry.
* If the user is adding a new PolicyEntry, we ONLY update the
* GUI listing. If the user is editing an existing PolicyEntry, we
* update both the GUI listing and the actual PolicyEntry.
*/
private boolean editPolicyEntry;
this.editPolicyEntry = editPolicyEntry;
}
// get the Principal selected from the Principal List
if (prinIndex < 0) {
return;
}
}
}
/**
* Event handler for Edit Permission button
*
* We need the editPolicyEntry boolean to tell us if the user is
* adding a new PolicyEntry at this time, or editing an existing entry.
* If the user is adding a new PolicyEntry, we ONLY update the
* GUI listing. If the user is editing an existing PolicyEntry, we
* update both the GUI listing and the actual PolicyEntry.
*/
private boolean editPolicyEntry;
this.editPolicyEntry = editPolicyEntry;
}
// get the Permission selected from the Permission List
if (permIndex < 0) {
return;
}
}
}
/**
* Event handler for Principal Popup Menu
*/
}
// ignore if they choose "Principal Type:" item
}
return;
}
// if you change the principal, clear the name
}
// set the text in the textfield and also modify the
// pull-down choice menus to reflect the correct possible
// set of names and actions
}
}
}
/**
* Event handler for Permission Popup Menu
*/
}
// ignore if they choose the 'Permission:' item
}
}
return;
}
// if you change the permission, clear the name, actions, and signedBy
}
// set the text in the textfield and also modify the
// pull-down choice menus to reflect the correct possible
// set of names and actions
} else {
}
}
}
/**
* Event handler for Permission Name Popup Menu
*/
}
return;
}
}
/**
* Event handler for Permission Actions Popup Menu
*/
}
return;
} else {
}
}
}
/**
*/
}
}
// same as pressing the "cancel" button
td.setVisible(false);
}
}
}
}
}
}
}
/**
* Event handler for CancelButton button
*/
}
td.setVisible(false);
}
}
/**
* Event handler for ErrorOKButton button
*/
}
ed.setVisible(false);
}
}
/**
* Event handler for StatusOKButton button
*/
}
sd.setVisible(false);
}
}
/**
* Event handler for UserSaveYes button
*/
private int select;
}
// first get rid of the window
us.setVisible(false);
try {
// the above dialog will continue with the originally
// requested command if necessary
} else {
// save the policy entries to a file
// display status
("Policy.successfully.written.to.filename"));
// now continue with the originally requested command
// (QUIT, NEW, or OPEN)
}
// error -- just report it and bail
}
}
}
/**
* Event handler for UserSaveNoButton
*/
private int select;
}
us.setVisible(false);
// now continue with the originally requested command
// (QUIT, NEW, or OPEN)
}
}
/**
* Event handler for UserSaveCancelButton
*/
}
us.setVisible(false);
// do NOT continue with the originally requested command
// (QUIT, NEW, or OPEN)
}
}
/**
* Event handler for ConfirmRemovePolicyEntryOKButtonListener
*/
}
// remove the entry
// redraw the window listing
}
us.setVisible(false);
}
}
/**
* Just a special name, so that the codes dealing with this exception knows
* it's special, and does not pop out a warning box.
*/
}
/**
* This is a java.awt.List that bind an Object to each String it holds.
*/
public TaggedList(int i, boolean b) {
super(i, b);
}
}
throw new AssertionError("should not call add in TaggedList");
}
}
throw new AssertionError("should not call replaceItem in TaggedList");
}
}
// Cannot throw AssertionError, because replaceItem() call remove() internally
}
}
}
/**
* Convenience Principal Classes
*/
class Prin {
this.FULL_CLASS = fullClass;
}
}
public KrbPrin() {
super("KerberosPrincipal",
"javax.security.auth.kerberos.KerberosPrincipal");
}
}
public X500Prin() {
super("X500Principal",
"javax.security.auth.x500.X500Principal");
}
}
/**
* Convenience Permission Classes
*/
class Perm {
this.FULL_CLASS = fullClass;
}
}
public AllPerm() {
}
}
public AudioPerm() {
super("AudioPermission",
"javax.sound.sampled.AudioPermission",
new String[] {
"play",
"record"
},
null);
}
}
public AuthPerm() {
super("AuthPermission",
"javax.security.auth.AuthPermission",
new String[] {
"doAs",
"doAsPrivileged",
"getSubject",
"getSubjectFromDomainCombiner",
"setReadOnly",
"modifyPrincipals",
"modifyPublicCredentials",
"modifyPrivateCredentials",
"refreshCredential",
"destroyCredential",
"getLoginConfiguration",
"setLoginConfiguration",
"createLoginConfiguration.<" +
"refreshLoginConfiguration"
},
null);
}
}
public AWTPerm() {
super("AWTPermission",
"java.awt.AWTPermission",
new String[] {
"accessClipboard",
"accessEventQueue",
"accessSystemTray",
"createRobot",
"fullScreenExclusive",
"listenToAllAWTEvents",
"readDisplayPixels",
"replaceKeyboardFocusManager",
"setAppletStub",
"setWindowAlwaysOnTop",
"showWindowWithoutWarningBanner",
"toolkitModality",
"watchMousePointer"
},
null);
}
}
public DelegationPerm() {
super("DelegationPermission",
"javax.security.auth.kerberos.DelegationPermission",
new String[] {
// allow user input
},
null);
}
}
public FilePerm() {
super("FilePermission",
"java.io.FilePermission",
new String[] {
"<<ALL FILES>>"
},
new String[] {
"read",
"write",
"delete",
"execute"
});
}
}
public InqSecContextPerm() {
super("InquireSecContextPermission",
"com.sun.security.jgss.InquireSecContextPermission",
new String[] {
"KRB5_GET_SESSION_KEY",
"KRB5_GET_TKT_FLAGS",
"KRB5_GET_AUTHZ_DATA",
"KRB5_GET_AUTHTIME"
},
null);
}
}
public LogPerm() {
super("LoggingPermission",
"java.util.logging.LoggingPermission",
new String[] {
"control"
},
null);
}
}
public MgmtPerm() {
super("ManagementPermission",
"java.lang.management.ManagementPermission",
new String[] {
"control",
"monitor"
},
null);
}
}
public MBeanPerm() {
super("MBeanPermission",
"javax.management.MBeanPermission",
new String[] {
// allow user input
},
new String[] {
"addNotificationListener",
"getAttribute",
"getClassLoader",
"getClassLoaderFor",
"getClassLoaderRepository",
"getDomains",
"getMBeanInfo",
"getObjectInstance",
"instantiate",
"invoke",
"isInstanceOf",
"queryMBeans",
"queryNames",
"registerMBean",
"removeNotificationListener",
"setAttribute",
"unregisterMBean"
});
}
}
public MBeanSvrPerm() {
super("MBeanServerPermission",
"javax.management.MBeanServerPermission",
new String[] {
"createMBeanServer",
"findMBeanServer",
"newMBeanServer",
"releaseMBeanServer"
},
null);
}
}
public MBeanTrustPerm() {
super("MBeanTrustPermission",
"javax.management.MBeanTrustPermission",
new String[] {
"register"
},
null);
}
}
public NetPerm() {
super("NetPermission",
"java.net.NetPermission",
new String[] {
"setDefaultAuthenticator",
"requestPasswordAuthentication",
"specifyStreamHandler",
"setProxySelector",
"getProxySelector",
"setCookieHandler",
"getCookieHandler",
"setResponseCache",
"getResponseCache"
},
null);
}
}
public PrivCredPerm() {
super("PrivateCredentialPermission",
"javax.security.auth.PrivateCredentialPermission",
new String[] {
// allow user input
},
new String[] {
"read"
});
}
}
public PropPerm() {
super("PropertyPermission",
"java.util.PropertyPermission",
new String[] {
// allow user input
},
new String[] {
"read",
"write"
});
}
}
public ReflectPerm() {
super("ReflectPermission",
"java.lang.reflect.ReflectPermission",
new String[] {
"suppressAccessChecks"
},
null);
}
}
public RuntimePerm() {
super("RuntimePermission",
"java.lang.RuntimePermission",
new String[] {
"createClassLoader",
"getClassLoader",
"setContextClassLoader",
"enableContextClassLoaderOverride",
"setSecurityManager",
"createSecurityManager",
"getenv.<" +
"exitVM",
"shutdownHooks",
"setFactory",
"setIO",
"modifyThread",
"stopThread",
"modifyThreadGroup",
"getProtectionDomain",
"readFileDescriptor",
"writeFileDescriptor",
"loadLibrary.<" +
"accessClassInPackage.<" +
"defineClassInPackage.<" +
"accessDeclaredMembers",
"queuePrintJob",
"getStackTrace",
"setDefaultUncaughtExceptionHandler",
"preferences",
"usePolicy",
// "inheritedChannel"
},
null);
}
}
public SecurityPerm() {
super("SecurityPermission",
"java.security.SecurityPermission",
new String[] {
"createAccessControlContext",
"getDomainCombiner",
"getPolicy",
"setPolicy",
"createPolicy.<" +
"getProperty.<" +
"setProperty.<" +
"insertProvider.<" +
"removeProvider.<" +
//"setSystemScope",
//"setIdentityPublicKey",
//"setIdentityInfo",
//"addIdentityCertificate",
//"removeIdentityCertificate",
//"printIdentity",
"clearProviderProperties.<" +
"putProviderProperty.<" +
"removeProviderProperty.<" +
//"getSignerPrivateKey",
//"setSignerKeyPair"
},
null);
}
}
public SerialPerm() {
super("SerializablePermission",
"java.io.SerializablePermission",
new String[] {
"enableSubclassImplementation",
"enableSubstitution"
},
null);
}
}
public ServicePerm() {
super("ServicePermission",
"javax.security.auth.kerberos.ServicePermission",
new String[] {
// allow user input
},
new String[] {
"initiate",
"accept"
});
}
}
public SocketPerm() {
super("SocketPermission",
"java.net.SocketPermission",
new String[] {
// allow user input
},
new String[] {
"accept",
"connect",
"listen",
"resolve"
});
}
}
public SQLPerm() {
super("SQLPermission",
"java.sql.SQLPermission",
new String[] {
"setLog",
"callAbort",
"setSyncFactory",
"setNetworkTimeout",
},
null);
}
}
public SSLPerm() {
super("SSLPermission",
"javax.net.ssl.SSLPermission",
new String[] {
"setHostnameVerifier",
"getSSLSessionContext"
},
null);
}
}
public SubjDelegPerm() {
super("SubjectDelegationPermission",
"javax.management.remote.SubjectDelegationPermission",
new String[] {
// allow user input
},
null);
}
}