1 /* 2 * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 27 package java.security; 28 29 import java.util.Enumeration; 30 import java.util.WeakHashMap; 31 import java.util.Objects; 32 import sun.security.jca.GetInstance; 33 import sun.security.util.Debug; 34 import sun.security.util.SecurityConstants; 35 36 37 /** 38 * A Policy object is responsible for determining whether code executing 39 * in the Java runtime environment has permission to perform a 40 * security-sensitive operation. 41 * 42 * <p> There is only one Policy object installed in the runtime at any 43 * given time. A Policy object can be installed by calling the 44 * {@code setPolicy} method. The installed Policy object can be 45 * obtained by calling the {@code getPolicy} method. 46 * 47 * <p> If no Policy object has been installed in the runtime, a call to 48 * {@code getPolicy} installs an instance of the default Policy 49 * implementation (a default subclass implementation of this abstract class). 50 * The default Policy implementation can be changed by setting the value 51 * of the {@code policy.provider} security property to the fully qualified 52 * name of the desired Policy subclass implementation. The system class loader 53 * is used to load this class. 54 * 55 * <p> Application code can directly subclass Policy to provide a custom 56 * implementation. In addition, an instance of a Policy object can be 57 * constructed by invoking one of the {@code getInstance} factory methods 58 * with a standard type. The default policy type is "JavaPolicy". 59 * 60 * <p> Once a Policy instance has been installed (either by default, or by 61 * calling {@code setPolicy}), the Java runtime invokes its 62 * {@code implies} method when it needs to 63 * determine whether executing code (encapsulated in a ProtectionDomain) 64 * can perform SecurityManager-protected operations. How a Policy object 65 * retrieves its policy data is up to the Policy implementation itself. 66 * The policy data may be stored, for example, in a flat ASCII file, 67 * in a serialized binary file of the Policy class, or in a database. 68 * 69 * <p> The {@code refresh} method causes the policy object to 70 * refresh/reload its data. This operation is implementation-dependent. 71 * For example, if the policy object stores its data in configuration files, 72 * calling {@code refresh} will cause it to re-read the configuration 73 * policy files. If a refresh operation is not supported, this method does 74 * nothing. Note that refreshed policy may not have an effect on classes 75 * in a particular ProtectionDomain. This is dependent on the Policy 76 * provider's implementation of the {@code implies} 77 * method and its PermissionCollection caching strategy. 78 * 79 * @author Roland Schemers 80 * @author Gary Ellison 81 * @since 1.2 82 * @see java.security.Provider 83 * @see java.security.ProtectionDomain 84 * @see java.security.Permission 85 * @see java.security.Security security properties 86 */ 87 88 public abstract class Policy { 89 90 /** 91 * A read-only empty PermissionCollection instance. 92 * @since 1.6 93 */ 94 public static final PermissionCollection UNSUPPORTED_EMPTY_COLLECTION = 95 new UnsupportedEmptyCollection(); 96 97 // Information about the system-wide policy. 98 private static class PolicyInfo { 99 // the system-wide policy 100 final Policy policy; 101 // a flag indicating if the system-wide policy has been initialized 102 final boolean initialized; 103 104 PolicyInfo(Policy policy, boolean initialized) { 105 this.policy = policy; 106 this.initialized = initialized; 107 } 108 } 109 110 // PolicyInfo is volatile since we apply DCL during initialization. 111 // For correctness, care must be taken to read the field only once and only 112 // write to it after any other initialization action has taken place. 113 private static volatile PolicyInfo policyInfo = new PolicyInfo(null, false); 114 115 private static final Debug debug = Debug.getInstance("policy"); 116 117 // Default policy provider 118 private static final String DEFAULT_POLICY = 119 "sun.security.provider.PolicyFile"; 120 121 // Cache mapping ProtectionDomain.Key to PermissionCollection 122 private WeakHashMap<ProtectionDomain.Key, PermissionCollection> pdMapping; 123 124 /** package private for AccessControlContext and ProtectionDomain */ 125 static boolean isSet() { 126 PolicyInfo pi = policyInfo; 127 return pi.policy != null && pi.initialized == true; 128 } 129 130 private static void checkPermission(String type) { 131 SecurityManager sm = System.getSecurityManager(); 132 if (sm != null) { 133 sm.checkPermission(new SecurityPermission("createPolicy." + type)); 134 } 135 } 136 137 /** 138 * Returns the installed Policy object. This value should not be cached, 139 * as it may be changed by a call to {@code setPolicy}. 140 * This method first calls 141 * {@code SecurityManager.checkPermission} with a 142 * {@code SecurityPermission("getPolicy")} permission 143 * to ensure it's ok to get the Policy object. 144 * 145 * @return the installed Policy. 146 * 147 * @throws SecurityException 148 * if a security manager exists and its 149 * {@code checkPermission} method doesn't allow 150 * getting the Policy object. 151 * 152 * @see SecurityManager#checkPermission(Permission) 153 * @see #setPolicy(java.security.Policy) 154 */ 155 public static Policy getPolicy() 156 { 157 SecurityManager sm = System.getSecurityManager(); 158 if (sm != null) 159 sm.checkPermission(SecurityConstants.GET_POLICY_PERMISSION); 160 return getPolicyNoCheck(); 161 } 162 163 /** 164 * Returns the installed Policy object, skipping the security check. 165 * Used by ProtectionDomain and getPolicy. 166 * 167 * @return the installed Policy. 168 */ 169 static Policy getPolicyNoCheck() 170 { 171 PolicyInfo pi = policyInfo; 172 // Use double-check idiom to avoid locking if system-wide policy is 173 // already initialized 174 if (pi.initialized == false || pi.policy == null) { 175 synchronized (Policy.class) { 176 pi = policyInfo; 177 if (pi.policy == null) { 178 return loadPolicyProvider(); 179 } 180 } 181 } 182 return pi.policy; 183 } 184 185 /** 186 * Loads and instantiates a Policy implementation specified by the 187 * policy.provider security property. Note that this method should only 188 * be called by getPolicyNoCheck and from within a synchronized block with 189 * an intrinsic lock on the Policy.class. 190 */ 191 private static Policy loadPolicyProvider() { 192 String policyProvider = 193 AccessController.doPrivileged(new PrivilegedAction<>() { 194 @Override 195 public String run() { 196 return Security.getProperty("policy.provider"); 197 } 198 }); 199 200 /* 201 * If policy.provider is not set or is set to the default provider, 202 * simply instantiate it and return. 203 */ 204 if (policyProvider == null || policyProvider.isEmpty() || 205 policyProvider.equals(DEFAULT_POLICY)) 206 { 207 Policy polFile = new sun.security.provider.PolicyFile(); 208 policyInfo = new PolicyInfo(polFile, true); 209 return polFile; 210 } 211 212 /* 213 * Locate, load, and instantiate the policy.provider impl using 214 * the system class loader. While doing so, install the bootstrap 215 * provider to avoid potential recursion. 216 */ 217 Policy polFile = new sun.security.provider.PolicyFile(); 218 policyInfo = new PolicyInfo(polFile, false); 219 220 Policy pol = AccessController.doPrivileged(new PrivilegedAction<>() { 221 @Override 222 public Policy run() { 223 try { 224 ClassLoader scl = ClassLoader.getSystemClassLoader(); 225 @SuppressWarnings("deprecation") 226 Object o = Class.forName(policyProvider, true, scl).newInstance(); 227 return (Policy)o; 228 } catch (Exception e) { 229 if (debug != null) { 230 debug.println("policy provider " + policyProvider + 231 " not available"); 232 e.printStackTrace(); 233 } 234 return null; 235 } 236 } 237 }); 238 239 if (pol == null) { 240 // Fallback and use the system default implementation 241 if (debug != null) { 242 debug.println("using " + DEFAULT_POLICY); 243 } 244 pol = polFile; 245 } 246 policyInfo = new PolicyInfo(pol, true); 247 return pol; 248 } 249 250 /** 251 * Sets the system-wide Policy object. This method first calls 252 * {@code SecurityManager.checkPermission} with a 253 * {@code SecurityPermission("setPolicy")} 254 * permission to ensure it's ok to set the Policy. 255 * 256 * @param p the new system Policy object. 257 * 258 * @throws SecurityException 259 * if a security manager exists and its 260 * {@code checkPermission} method doesn't allow 261 * setting the Policy. 262 * 263 * @see SecurityManager#checkPermission(Permission) 264 * @see #getPolicy() 265 * 266 */ 267 public static void setPolicy(Policy p) 268 { 269 SecurityManager sm = System.getSecurityManager(); 270 if (sm != null) sm.checkPermission( 271 new SecurityPermission("setPolicy")); 272 if (p != null) { 273 initPolicy(p); 274 } 275 synchronized (Policy.class) { 276 policyInfo = new PolicyInfo(p, p != null); 277 } 278 } 279 280 /** 281 * Initialize superclass state such that a legacy provider can 282 * handle queries for itself. 283 * 284 * @since 1.4 285 */ 286 private static void initPolicy (final Policy p) { 287 /* 288 * A policy provider not on the bootclasspath could trigger 289 * security checks fulfilling a call to either Policy.implies 290 * or Policy.getPermissions. If this does occur the provider 291 * must be able to answer for it's own ProtectionDomain 292 * without triggering additional security checks, otherwise 293 * the policy implementation will end up in an infinite 294 * recursion. 295 * 296 * To mitigate this, the provider can collect it's own 297 * ProtectionDomain and associate a PermissionCollection while 298 * it is being installed. The currently installed policy 299 * provider (if there is one) will handle calls to 300 * Policy.implies or Policy.getPermissions during this 301 * process. 302 * 303 * This Policy superclass caches away the ProtectionDomain and 304 * statically binds permissions so that legacy Policy 305 * implementations will continue to function. 306 */ 307 308 ProtectionDomain policyDomain = 309 AccessController.doPrivileged(new PrivilegedAction<>() { 310 public ProtectionDomain run() { 311 return p.getClass().getProtectionDomain(); 312 } 313 }); 314 315 /* 316 * Collect the permissions granted to this protection domain 317 * so that the provider can be security checked while processing 318 * calls to Policy.implies or Policy.getPermissions. 319 */ 320 PermissionCollection policyPerms = null; 321 synchronized (p) { 322 if (p.pdMapping == null) { 323 p.pdMapping = new WeakHashMap<>(); 324 } 325 } 326 327 if (policyDomain.getCodeSource() != null) { 328 Policy pol = policyInfo.policy; 329 if (pol != null) { 330 policyPerms = pol.getPermissions(policyDomain); 331 } 332 333 if (policyPerms == null) { // assume it has all 334 policyPerms = new Permissions(); 335 policyPerms.add(SecurityConstants.ALL_PERMISSION); 336 } 337 338 synchronized (p.pdMapping) { 339 // cache of pd to permissions 340 p.pdMapping.put(policyDomain.key, policyPerms); 341 } 342 } 343 return; 344 } 345 346 347 /** 348 * Returns a Policy object of the specified type. 349 * 350 * <p> This method traverses the list of registered security providers, 351 * starting with the most preferred Provider. 352 * A new Policy object encapsulating the 353 * PolicySpi implementation from the first 354 * Provider that supports the specified type is returned. 355 * 356 * <p> Note that the list of registered providers may be retrieved via 357 * the {@link Security#getProviders() Security.getProviders()} method. 358 * 359 * @implNote 360 * The JDK Reference Implementation additionally uses the 361 * {@code jdk.security.provider.preferred} 362 * {@link Security#getProperty(String) Security} property to determine 363 * the preferred provider order for the specified algorithm. This 364 * may be different than the order of providers returned by 365 * {@link Security#getProviders() Security.getProviders()}. 366 * 367 * @param type the specified Policy type. See the Policy section in the 368 * <a href= 369 * "{@docRoot}/../specs/security/standard-names.html#policy-types"> 370 * Java Security Standard Algorithm Names Specification</a> 371 * for a list of standard Policy types. 372 * 373 * @param params parameters for the Policy, which may be null. 374 * 375 * @return the new {@code Policy} object 376 * 377 * @throws IllegalArgumentException if the specified parameters 378 * are not understood by the {@code PolicySpi} implementation 379 * from the selected {@code Provider} 380 * 381 * @throws NoSuchAlgorithmException if no {@code Provider} supports 382 * a {@code PolicySpi} implementation for the specified type 383 * 384 * @throws NullPointerException if {@code type} is {@code null} 385 * 386 * @throws SecurityException if the caller does not have permission 387 * to get a {@code Policy} instance for the specified type. 388 * 389 * @see Provider 390 * @since 1.6 391 */ 392 public static Policy getInstance(String type, Policy.Parameters params) 393 throws NoSuchAlgorithmException { 394 Objects.requireNonNull(type, "null type name"); 395 checkPermission(type); 396 try { 397 GetInstance.Instance instance = GetInstance.getInstance("Policy", 398 PolicySpi.class, 399 type, 400 params); 401 return new PolicyDelegate((PolicySpi)instance.impl, 402 instance.provider, 403 type, 404 params); 405 } catch (NoSuchAlgorithmException nsae) { 406 return handleException(nsae); 407 } 408 } 409 410 /** 411 * Returns a Policy object of the specified type. 412 * 413 * <p> A new Policy object encapsulating the 414 * PolicySpi implementation from the specified provider 415 * is returned. The specified provider must be registered 416 * in the provider list. 417 * 418 * <p> Note that the list of registered providers may be retrieved via 419 * the {@link Security#getProviders() Security.getProviders()} method. 420 * 421 * @param type the specified Policy type. See the Policy section in the 422 * <a href= 423 * "{@docRoot}/../specs/security/standard-names.html#policy-types"> 424 * Java Security Standard Algorithm Names Specification</a> 425 * for a list of standard Policy types. 426 * 427 * @param params parameters for the Policy, which may be null. 428 * 429 * @param provider the provider. 430 * 431 * @return the new {@code Policy} object 432 * 433 * @throws IllegalArgumentException if the specified provider 434 * is {@code null} or empty, or if the specified parameters are 435 * not understood by the {@code PolicySpi} implementation from 436 * the specified provider 437 * 438 * @throws NoSuchAlgorithmException if the specified provider does not 439 * support a {@code PolicySpi} implementation for the specified 440 * type 441 * 442 * @throws NoSuchProviderException if the specified provider is not 443 * registered in the security provider list 444 * 445 * @throws NullPointerException if {@code type} is {@code null} 446 * 447 * @throws SecurityException if the caller does not have permission 448 * to get a {@code Policy} instance for the specified type 449 * 450 * @see Provider 451 * @since 1.6 452 */ 453 public static Policy getInstance(String type, 454 Policy.Parameters params, 455 String provider) 456 throws NoSuchProviderException, NoSuchAlgorithmException { 457 458 Objects.requireNonNull(type, "null type name"); 459 if (provider == null || provider.isEmpty()) { 460 throw new IllegalArgumentException("missing provider"); 461 } 462 463 checkPermission(type); 464 try { 465 GetInstance.Instance instance = GetInstance.getInstance("Policy", 466 PolicySpi.class, 467 type, 468 params, 469 provider); 470 return new PolicyDelegate((PolicySpi)instance.impl, 471 instance.provider, 472 type, 473 params); 474 } catch (NoSuchAlgorithmException nsae) { 475 return handleException(nsae); 476 } 477 } 478 479 /** 480 * Returns a Policy object of the specified type. 481 * 482 * <p> A new Policy object encapsulating the 483 * PolicySpi implementation from the specified Provider 484 * object is returned. Note that the specified Provider object 485 * does not have to be registered in the provider list. 486 * 487 * @param type the specified Policy type. See the Policy section in the 488 * <a href= 489 * "{@docRoot}/../specs/security/standard-names.html#policy-types"> 490 * Java Security Standard Algorithm Names Specification</a> 491 * for a list of standard Policy types. 492 * 493 * @param params parameters for the Policy, which may be null. 494 * 495 * @param provider the Provider. 496 * 497 * @return the new {@code Policy} object 498 * 499 * @throws IllegalArgumentException if the specified {@code Provider} 500 * is {@code null}, or if the specified parameters are not 501 * understood by the {@code PolicySpi} implementation from the 502 * specified {@code Provider} 503 * 504 * @throws NoSuchAlgorithmException if the specified {@code Provider} 505 * does not support a {@code PolicySpi} implementation for 506 * the specified type 507 * 508 * @throws NullPointerException if {@code type} is {@code null} 509 * 510 * @throws SecurityException if the caller does not have permission 511 * to get a {@code Policy} instance for the specified type 512 * 513 * @see Provider 514 * @since 1.6 515 */ 516 public static Policy getInstance(String type, 517 Policy.Parameters params, 518 Provider provider) 519 throws NoSuchAlgorithmException { 520 521 Objects.requireNonNull(type, "null type name"); 522 if (provider == null) { 523 throw new IllegalArgumentException("missing provider"); 524 } 525 526 checkPermission(type); 527 try { 528 GetInstance.Instance instance = GetInstance.getInstance("Policy", 529 PolicySpi.class, 530 type, 531 params, 532 provider); 533 return new PolicyDelegate((PolicySpi)instance.impl, 534 instance.provider, 535 type, 536 params); 537 } catch (NoSuchAlgorithmException nsae) { 538 return handleException(nsae); 539 } 540 } 541 542 private static Policy handleException(NoSuchAlgorithmException nsae) 543 throws NoSuchAlgorithmException { 544 Throwable cause = nsae.getCause(); 545 if (cause instanceof IllegalArgumentException) { 546 throw (IllegalArgumentException)cause; 547 } 548 throw nsae; 549 } 550 551 /** 552 * Return the Provider of this Policy. 553 * 554 * <p> This Policy instance will only have a Provider if it 555 * was obtained via a call to {@code Policy.getInstance}. 556 * Otherwise this method returns null. 557 * 558 * @return the Provider of this Policy, or null. 559 * 560 * @since 1.6 561 */ 562 public Provider getProvider() { 563 return null; 564 } 565 566 /** 567 * Return the type of this Policy. 568 * 569 * <p> This Policy instance will only have a type if it 570 * was obtained via a call to {@code Policy.getInstance}. 571 * Otherwise this method returns null. 572 * 573 * @return the type of this Policy, or null. 574 * 575 * @since 1.6 576 */ 577 public String getType() { 578 return null; 579 } 580 581 /** 582 * Return Policy parameters. 583 * 584 * <p> This Policy instance will only have parameters if it 585 * was obtained via a call to {@code Policy.getInstance}. 586 * Otherwise this method returns null. 587 * 588 * @return Policy parameters, or null. 589 * 590 * @since 1.6 591 */ 592 public Policy.Parameters getParameters() { 593 return null; 594 } 595 596 /** 597 * Return a PermissionCollection object containing the set of 598 * permissions granted to the specified CodeSource. 599 * 600 * <p> Applications are discouraged from calling this method 601 * since this operation may not be supported by all policy implementations. 602 * Applications should solely rely on the {@code implies} method 603 * to perform policy checks. If an application absolutely must call 604 * a getPermissions method, it should call 605 * {@code getPermissions(ProtectionDomain)}. 606 * 607 * <p> The default implementation of this method returns 608 * Policy.UNSUPPORTED_EMPTY_COLLECTION. This method can be 609 * overridden if the policy implementation can return a set of 610 * permissions granted to a CodeSource. 611 * 612 * @param codesource the CodeSource to which the returned 613 * PermissionCollection has been granted. 614 * 615 * @return a set of permissions granted to the specified CodeSource. 616 * If this operation is supported, the returned 617 * set of permissions must be a new mutable instance 618 * and it must support heterogeneous Permission types. 619 * If this operation is not supported, 620 * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. 621 */ 622 public PermissionCollection getPermissions(CodeSource codesource) { 623 return Policy.UNSUPPORTED_EMPTY_COLLECTION; 624 } 625 626 /** 627 * Return a PermissionCollection object containing the set of 628 * permissions granted to the specified ProtectionDomain. 629 * 630 * <p> Applications are discouraged from calling this method 631 * since this operation may not be supported by all policy implementations. 632 * Applications should rely on the {@code implies} method 633 * to perform policy checks. 634 * 635 * <p> The default implementation of this method first retrieves 636 * the permissions returned via {@code getPermissions(CodeSource)} 637 * (the CodeSource is taken from the specified ProtectionDomain), 638 * as well as the permissions located inside the specified ProtectionDomain. 639 * All of these permissions are then combined and returned in a new 640 * PermissionCollection object. If {@code getPermissions(CodeSource)} 641 * returns Policy.UNSUPPORTED_EMPTY_COLLECTION, then this method 642 * returns the permissions contained inside the specified ProtectionDomain 643 * in a new PermissionCollection object. 644 * 645 * <p> This method can be overridden if the policy implementation 646 * supports returning a set of permissions granted to a ProtectionDomain. 647 * 648 * @param domain the ProtectionDomain to which the returned 649 * PermissionCollection has been granted. 650 * 651 * @return a set of permissions granted to the specified ProtectionDomain. 652 * If this operation is supported, the returned 653 * set of permissions must be a new mutable instance 654 * and it must support heterogeneous Permission types. 655 * If this operation is not supported, 656 * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. 657 * 658 * @since 1.4 659 */ 660 public PermissionCollection getPermissions(ProtectionDomain domain) { 661 PermissionCollection pc = null; 662 663 if (domain == null) 664 return new Permissions(); 665 666 if (pdMapping == null) { 667 initPolicy(this); 668 } 669 670 synchronized (pdMapping) { 671 pc = pdMapping.get(domain.key); 672 } 673 674 if (pc != null) { 675 Permissions perms = new Permissions(); 676 synchronized (pc) { 677 for (Enumeration<Permission> e = pc.elements() ; e.hasMoreElements() ;) { 678 perms.add(e.nextElement()); 679 } 680 } 681 return perms; 682 } 683 684 pc = getPermissions(domain.getCodeSource()); 685 if (pc == null || pc == UNSUPPORTED_EMPTY_COLLECTION) { 686 pc = new Permissions(); 687 } 688 689 addStaticPerms(pc, domain.getPermissions()); 690 return pc; 691 } 692 693 /** 694 * add static permissions to provided permission collection 695 */ 696 private void addStaticPerms(PermissionCollection perms, 697 PermissionCollection statics) { 698 if (statics != null) { 699 synchronized (statics) { 700 Enumeration<Permission> e = statics.elements(); 701 while (e.hasMoreElements()) { 702 perms.add(e.nextElement()); 703 } 704 } 705 } 706 } 707 708 /** 709 * Evaluates the global policy for the permissions granted to 710 * the ProtectionDomain and tests whether the permission is 711 * granted. 712 * 713 * @param domain the ProtectionDomain to test 714 * @param permission the Permission object to be tested for implication. 715 * 716 * @return true if "permission" is a proper subset of a permission 717 * granted to this ProtectionDomain. 718 * 719 * @see java.security.ProtectionDomain 720 * @since 1.4 721 */ 722 public boolean implies(ProtectionDomain domain, Permission permission) { 723 PermissionCollection pc; 724 725 if (pdMapping == null) { 726 initPolicy(this); 727 } 728 729 synchronized (pdMapping) { 730 pc = pdMapping.get(domain.key); 731 } 732 733 if (pc != null) { 734 return pc.implies(permission); 735 } 736 737 pc = getPermissions(domain); 738 if (pc == null) { 739 return false; 740 } 741 742 synchronized (pdMapping) { 743 // cache it 744 pdMapping.put(domain.key, pc); 745 } 746 747 return pc.implies(permission); 748 } 749 750 /** 751 * Refreshes/reloads the policy configuration. The behavior of this method 752 * depends on the implementation. For example, calling {@code refresh} 753 * on a file-based policy will cause the file to be re-read. 754 * 755 * <p> The default implementation of this method does nothing. 756 * This method should be overridden if a refresh operation is supported 757 * by the policy implementation. 758 */ 759 public void refresh() { } 760 761 /** 762 * This subclass is returned by the getInstance calls. All Policy calls 763 * are delegated to the underlying PolicySpi. 764 */ 765 private static class PolicyDelegate extends Policy { 766 767 private PolicySpi spi; 768 private Provider p; 769 private String type; 770 private Policy.Parameters params; 771 772 private PolicyDelegate(PolicySpi spi, Provider p, 773 String type, Policy.Parameters params) { 774 this.spi = spi; 775 this.p = p; 776 this.type = type; 777 this.params = params; 778 } 779 780 @Override public String getType() { return type; } 781 782 @Override public Policy.Parameters getParameters() { return params; } 783 784 @Override public Provider getProvider() { return p; } 785 786 @Override 787 public PermissionCollection getPermissions(CodeSource codesource) { 788 return spi.engineGetPermissions(codesource); 789 } 790 @Override 791 public PermissionCollection getPermissions(ProtectionDomain domain) { 792 return spi.engineGetPermissions(domain); 793 } 794 @Override 795 public boolean implies(ProtectionDomain domain, Permission perm) { 796 return spi.engineImplies(domain, perm); 797 } 798 @Override 799 public void refresh() { 800 spi.engineRefresh(); 801 } 802 } 803 804 /** 805 * This represents a marker interface for Policy parameters. 806 * 807 * @since 1.6 808 */ 809 public static interface Parameters { } 810 811 /** 812 * This class represents a read-only empty PermissionCollection object that 813 * is returned from the {@code getPermissions(CodeSource)} and 814 * {@code getPermissions(ProtectionDomain)} 815 * methods in the Policy class when those operations are not 816 * supported by the Policy implementation. 817 */ 818 private static class UnsupportedEmptyCollection 819 extends PermissionCollection { 820 821 private static final long serialVersionUID = -8492269157353014774L; 822 823 private Permissions perms; 824 825 /** 826 * Create a read-only empty PermissionCollection object. 827 */ 828 public UnsupportedEmptyCollection() { 829 this.perms = new Permissions(); 830 perms.setReadOnly(); 831 } 832 833 /** 834 * Adds a permission object to the current collection of permission 835 * objects. 836 * 837 * @param permission the Permission object to add. 838 * 839 * @exception SecurityException - if this PermissionCollection object 840 * has been marked readonly 841 */ 842 @Override public void add(Permission permission) { 843 perms.add(permission); 844 } 845 846 /** 847 * Checks to see if the specified permission is implied by the 848 * collection of Permission objects held in this PermissionCollection. 849 * 850 * @param permission the Permission object to compare. 851 * 852 * @return true if "permission" is implied by the permissions in 853 * the collection, false if not. 854 */ 855 @Override public boolean implies(Permission permission) { 856 return perms.implies(permission); 857 } 858 859 /** 860 * Returns an enumeration of all the Permission objects in the 861 * collection. 862 * 863 * @return an enumeration of all the Permissions. 864 */ 865 @Override public Enumeration<Permission> elements() { 866 return perms.elements(); 867 } 868 } 869 }