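/**
 *
 * Copyright 2003-2005 The Apache Software Foundation
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.apache.geronimo.security.jacc;

import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.ProtectionDomain;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;


/**
 * A {@link Policy} that first asks the policy configuration of the current
 * {@link PolicyContext} and otherwise delegates to a wrapped "root" policy.
 * <p>
 * The root policy is either the policy returned by {@link Policy#getPolicy()}
 * at construction time or an instance of the class named by the
 * <code>org.apache.geronimo.jacc.policy.provider</code> system property.
 * Because that property selects the class that makes every fallback
 * authorization decision, it must only be settable by the party that
 * launches the JVM.
 * <p>
 * {@link #implies} can be reached from any thread that performs a permission
 * check, so the lazily initialised state is published through a volatile
 * flag.
 *
 * @version $Rev$ $Date$
 */
public class GeronimoPolicy extends Policy {
    /** Policy consulted when the context's configuration does not decide the request. */
    private final Policy root;
    /** Looked up on the first call to {@link #implies}; may stay null. Written before {@link #loaded}. */
    private GeronimoPolicyConfigurationFactory factory;
    /** True once the factory lookup has been attempted; volatile so the factory write is visible to readers. */
    private volatile boolean loaded;

    /**
     * Selects the root policy and refreshes it once.
     *
     * @throws RuntimeException if the configured provider class cannot be
     *         loaded or instantiated, or is not a {@link Policy}
     */
    public GeronimoPolicy() {
        String provider = System.getProperty("org.apache.geronimo.jacc.policy.provider");

        if (provider == null) {
            root = Policy.getPolicy();
        } else {
            root = loadProvider(provider);
        }
        root.refresh();
    }

    /**
     * Loads and instantiates the named policy provider.
     * <p>
     * The type is verified before the no-argument constructor runs, so a
     * class that is not a {@link Policy} is rejected without being
     * instantiated. {@link Class#forName(String)} still initialises the
     * class, so its static initialisers run either way.
     */
    private static Policy loadProvider(String provider) {
        try {
            Class<?> providerClass = Class.forName(provider);
            if (!Policy.class.isAssignableFrom(providerClass)) {
                throw new RuntimeException(provider + " is not a type of java.security.Policy");
            }
            return (Policy) providerClass.newInstance();
        } catch (InstantiationException e) {
            throw new RuntimeException("Unable to create an instance of " + provider, e);
        } catch (IllegalAccessException e) {
            throw new RuntimeException("Unable to create an instance of " + provider, e);
        } catch (ClassNotFoundException e) {
            throw new RuntimeException("Unable to create an instance of " + provider, e);
        }
    }

    /**
     * Returns the permissions the root policy grants to the code source.
     * The per-context policy configuration is not consulted here.
     *
     * @param codesource the code source to look up
     * @return the root policy's answer, or null if there is no root policy
     */
    public PermissionCollection getPermissions(CodeSource codesource) {

        if (root != null) return root.getPermissions(codesource);

        return null;
    }

    /**
     * Does nothing. The root policy is refreshed once, in the constructor,
     * and is not refreshed again through this method.
     */
    public void refresh() {
    }

    /**
     * Decides whether the protection domain holds the permission.
     * <p>
     * When a policy context ID is set and its configuration is in service, a
     * grant from that configuration is final; a configuration that is not in
     * service denies the request outright. Every other case is decided by
     * the root policy.
     *
     * @param domain the protection domain being checked
     * @param permission the permission being requested
     * @return true if the permission is granted
     */
    public boolean implies(ProtectionDomain domain, Permission permission) {

        if (!loaded) {
            factory = GeronimoPolicyConfigurationFactory.getSingleton();
            // Volatile write after the plain write: a thread that sees
            // loaded == true also sees the factory assigned above.
            loaded = true;
        }

        GeronimoPolicyConfigurationFactory currentFactory = factory;
        if (currentFactory != null) {
            String contextID = PolicyContext.getContextID();
            if (contextID != null) {
                try {
                    GeronimoPolicyConfiguration configuration = currentFactory.getGeronimoPolicyConfiguration(contextID);

                    if (configuration.inService()) {
                        if (configuration.implies(domain, permission)) return true;
                    } else {
                        // A context whose configuration is not in service grants nothing.
                        return false;
                    }
                } catch (PolicyContextException ignored) {
                    // NOTE(review): a failed configuration lookup is not reported
                    // and the decision falls through to the root policy, so the
                    // outcome is whatever the root policy grants. Confirm that
                    // this fallback is intended rather than a denial, and
                    // consider logging the failure.
                }
            }
        }
        if (root != null) return root.implies(domain, permission);

        return false;
    }
}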