Class PolicyParser
java.lang.Object
com.sun.ts.lib.util.sec.security.provider.PolicyParser
The policy for a Java runtime (specifying which permissions are available for code from various principals) is
represented as a separate persistent configuration. The configuration may be stored as a flat ASCII file, as a
serialized binary file of the Policy class, or as a database.
The Java runtime creates one global Policy object, which is used to represent the static policy configuration file.
It is consulted by a ProtectionDomain when the protection domain initializes its set of permissions.
The Policy
init
method parses the policy configuration file, and then populates the Policy object. The
Policy object is agnostic in that it is not involved in making policy decisions. It is merely the Java runtime
representation of the persistent policy configuration file.
When a protection domain needs to initialize its set of permissions, it executes code such as the following to ask
the global Policy object to populate a Permissions object with the appropriate permissions:
policy = Policy.getPolicy(); Permissions perms = policy.getPermissions(protectiondomain)The protection domain contains CodeSource object, which encapsulates its codebase (URL) and public key attributes. It also contains the principals associated with the domain. The Policy object evaluates the global policy in light of who the principal is and what the code source is and returns an appropriate Permissions object.
- Since:
- 1.2
- Author:
- Roland Schemers, Ram Marti
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
Each grant entry in the policy configuration file is represented by a GrantEntry object.static class
static class
Each permission entry in the policy configuration file is represented by a PermissionEntry object.static class
Principal info (class and name) in a grant entry -
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
Returns the (possibly expanded) keystore location, or null if the expansion fails.Enumerate all the entries in the global policy object.static void
void
Reads a policy configuration into the Policy object using a Reader object.boolean
void
replace
(PolicyParser.GrantEntry origGe, PolicyParser.GrantEntry newGe) void
setKeyStoreProvider
(String provider) void
setKeyStoreType
(String type) void
setKeyStoreUrl
(String url) void
setStorePassURL
(String storePassURL) void
write out the policy
-
Field Details
-
REPLACE_NAME
- See Also:
-
-
Constructor Details
-
PolicyParser
public PolicyParser()Creates a PolicyParser object. -
PolicyParser
public PolicyParser(boolean expandProp)
-
-
Method Details
-
read
Reads a policy configuration into the Policy object using a Reader object.- Parameters:
policy
- the policy Reader object.- Throws:
PolicyParser.ParsingException
- if the policy configuration contains a syntax error.IOException
- if an error occurs while reading the policy configuration.
-
add
-
replace
-
remove
-
getKeyStoreUrl
Returns the (possibly expanded) keystore location, or null if the expansion fails. -
setKeyStoreUrl
-
getKeyStoreType
-
setKeyStoreType
-
getKeyStoreProvider
-
setKeyStoreProvider
-
getStorePassURL
-
setStorePassURL
-
grantElements
Enumerate all the entries in the global policy object. This method is used by policy admin tools. The tools should use the Enumeration methods on the returned object to fetch the elements sequentially. -
write
write out the policy -
main
- Throws:
Exception
-