src/java.base/share/classes/sun/security/provider/PolicyFile.java
Print this page
*** 75,85 ****
* <i>policy.url.1</i>, <i>policy.url.2</i>, ...,
* <i>policy.url.X</i>" and
* <i>auth.policy.url.1</i>, <i>auth.policy.url.2</i>, ...,
* <i>auth.policy.url.X</i>". These properties are set
* in the Java security properties file, which is located in the file named
! * <JAVA_HOME>/lib/security/java.security.
* <JAVA_HOME> refers to the value of the java.home system property,
* and specifies the directory where the JRE is installed.
* Each property value specifies a <code>URL</code> pointing to a
* policy file to be loaded. Read in and load each policy.
*
--- 75,85 ----
* <i>policy.url.1</i>, <i>policy.url.2</i>, ...,
* <i>policy.url.X</i>" and
* <i>auth.policy.url.1</i>, <i>auth.policy.url.2</i>, ...,
* <i>auth.policy.url.X</i>". These properties are set
* in the Java security properties file, which is located in the file named
! * <JAVA_HOME>/conf/security/java.security.
* <JAVA_HOME> refers to the value of the java.home system property,
* and specifies the directory where the JRE is installed.
* Each property value specifies a <code>URL</code> pointing to a
* policy file to be loaded. Read in and load each policy.
*
*** 316,326 ****
* loop through the Security Properties named "policy.url.1",
* ""policy.url.2", "auth.policy.url.1", "auth.policy.url.2" etc, until
* you don't find one. Each of these specify a policy file.
*
* if none of these could be loaded, use a builtin static policy
! * equivalent to the default lib/security/java.policy file.
*
* if the system property "java.policy" or "java.auth.policy" is defined
* (which is the
* case when the user uses the -D switch at runtime), and
* its use is allowed by the security property file,
--- 316,326 ----
* loop through the Security Properties named "policy.url.1",
* ""policy.url.2", "auth.policy.url.1", "auth.policy.url.2" etc, until
* you don't find one. Each of these specify a policy file.
*
* if none of these could be loaded, use a builtin static policy
! * equivalent to the default conf/security/java.policy file.
*
* if the system property "java.policy" or "java.auth.policy" is defined
* (which is the
* case when the user uses the -D switch at runtime), and
* its use is allowed by the security property file,
*** 466,476 ****
/**
* Caller did not specify URL via Policy.getInstance.
* Read from URLs listed in the java.security properties file.
*
! * We call initPolicyFile with POLICY , POLICY_URL and then
* call it with AUTH_POLICY and AUTH_POLICY_URL
* So first we will process the JAVA standard policy
* and then process the JAVA AUTH Policy.
* This is for backward compatibility as well as to handle
* cases where the user has a single unified policyfile
--- 466,476 ----
/**
* Caller did not specify URL via Policy.getInstance.
* Read from URLs listed in the java.security properties file.
*
! * We call initPolicyFile with POLICY, POLICY_URL and then
* call it with AUTH_POLICY and AUTH_POLICY_URL
* So first we will process the JAVA standard policy
* and then process the JAVA AUTH Policy.
* This is for backward compatibility as well as to handle
* cases where the user has a single unified policyfile
*** 707,736 ****
SecurityConstants.PROPERTY_READ_ACTION));
// No need to sync because noone has access to newInfo yet
newInfo.policyEntries.add(pe);
- // Add AllPermissions for standard extensions
- String[] extCodebases = PolicyParser.parseExtDirs(
- PolicyParser.EXTDIRS_EXPANSION, 0);
- if (extCodebases != null && extCodebases.length > 0) {
- for (int i = 0; i < extCodebases.length; i++) {
- try {
- pe = new PolicyEntry(canonicalizeCodebase(
- new CodeSource(new URL(extCodebases[i]),
- (Certificate[]) null), false ));
- pe.add(SecurityConstants.ALL_PERMISSION);
-
- // No need to sync because noone has access to
- // newInfo yet
- newInfo.policyEntries.add(pe);
- } catch (Exception e) {
- // this is probably bad (though not dangerous).
- // What should we do?
- }
- }
- }
return null;
}
});
}
--- 707,716 ----