1 /*
2 * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26
27 package java.security;
28
29 import java.util.Enumeration;
30 import java.util.WeakHashMap;
31 import java.util.concurrent.atomic.AtomicReference;
32 import sun.security.jca.GetInstance;
33 import sun.security.util.Debug;
34 import sun.security.util.SecurityConstants;
35
36
37 /**
38 * A Policy object is responsible for determining whether code executing
39 * in the Java runtime environment has permission to perform a
40 * security-sensitive operation.
41 *
42 * <p> There is only one Policy object installed in the runtime at any
43 * given time. A Policy object can be installed by calling the
44 * {@code setPolicy} method. The installed Policy object can be
45 * obtained by calling the {@code getPolicy} method.
46 *
47 * <p> If no Policy object has been installed in the runtime, a call to
48 * {@code getPolicy} installs an instance of the default Policy
49 * implementation (a default subclass implementation of this abstract class).
50 * The default Policy implementation can be changed by setting the value
51 * of the {@code policy.provider} security property to the fully qualified
52 * name of the desired Policy subclass implementation. The system class loader
53 * is used to load this class.
54 *
55 * <p> Application code can directly subclass Policy to provide a custom
56 * implementation. In addition, an instance of a Policy object can be
57 * constructed by invoking one of the {@code getInstance} factory methods
58 * with a standard type. The default policy type is "JavaPolicy".
59 *
60 * <p> Once a Policy instance has been installed (either by default, or by
61 * calling {@code setPolicy}), the Java runtime invokes its
62 * {@code implies} method when it needs to
63 * determine whether executing code (encapsulated in a ProtectionDomain)
64 * can perform SecurityManager-protected operations. How a Policy object
65 * retrieves its policy data is up to the Policy implementation itself.
66 * The policy data may be stored, for example, in a flat ASCII file,
67 * in a serialized binary file of the Policy class, or in a database.
68 *
69 * <p> The {@code refresh} method causes the policy object to
70 * refresh/reload its data. This operation is implementation-dependent.
71 * For example, if the policy object stores its data in configuration files,
72 * calling {@code refresh} will cause it to re-read the configuration
73 * policy files. If a refresh operation is not supported, this method does
74 * nothing. Note that refreshed policy may not have an effect on classes
75 * in a particular ProtectionDomain. This is dependent on the Policy
76 * provider's implementation of the {@code implies}
77 * method and its PermissionCollection caching strategy.
78 *
79 * @author Roland Schemers
80 * @author Gary Ellison
81 * @see java.security.Provider
82 * @see java.security.ProtectionDomain
83 * @see java.security.Permission
84 * @see java.security.Security security properties
85 */
86
87 public abstract class Policy {
88
89 /**
90 * A read-only empty PermissionCollection instance.
91 * @since 1.6
92 */
93 public static final PermissionCollection UNSUPPORTED_EMPTY_COLLECTION =
94 new UnsupportedEmptyCollection();
95
96 // Information about the system-wide policy.
97 private static class PolicyInfo {
98 // the system-wide policy
99 final Policy policy;
100 // a flag indicating if the system-wide policy has been initialized
101 final boolean initialized;
102
103 PolicyInfo(Policy policy, boolean initialized) {
104 this.policy = policy;
105 this.initialized = initialized;
106 }
107 }
108
109 // PolicyInfo is stored in an AtomicReference
110 private static AtomicReference<PolicyInfo> policy =
111 new AtomicReference<>(new PolicyInfo(null, false));
112
113 private static final Debug debug = Debug.getInstance("policy");
114
115 // Default policy provider
116 private static final String DEFAULT_POLICY =
117 "sun.security.provider.PolicyFile";
118
119 // Cache mapping ProtectionDomain.Key to PermissionCollection
120 private WeakHashMap<ProtectionDomain.Key, PermissionCollection> pdMapping;
121
122 /** package private for AccessControlContext and ProtectionDomain */
123 static boolean isSet()
124 {
125 PolicyInfo pi = policy.get();
126 return pi.policy != null && pi.initialized == true;
127 }
128
129 private static void checkPermission(String type) {
130 SecurityManager sm = System.getSecurityManager();
131 if (sm != null) {
132 sm.checkPermission(new SecurityPermission("createPolicy." + type));
133 }
134 }
135
136 /**
137 * Returns the installed Policy object. This value should not be cached,
138 * as it may be changed by a call to {@code setPolicy}.
139 * This method first calls
140 * {@code SecurityManager.checkPermission} with a
141 * {@code SecurityPermission("getPolicy")} permission
142 * to ensure it's ok to get the Policy object.
143 *
144 * @return the installed Policy.
145 *
146 * @throws SecurityException
147 * if a security manager exists and its
148 * {@code checkPermission} method doesn't allow
149 * getting the Policy object.
150 *
151 * @see SecurityManager#checkPermission(Permission)
152 * @see #setPolicy(java.security.Policy)
153 */
154 public static Policy getPolicy()
155 {
156 SecurityManager sm = System.getSecurityManager();
157 if (sm != null)
158 sm.checkPermission(SecurityConstants.GET_POLICY_PERMISSION);
159 return getPolicyNoCheck();
160 }
161
162 /**
163 * Returns the installed Policy object, skipping the security check.
164 * Used by ProtectionDomain and getPolicy.
165 *
166 * @return the installed Policy.
167 */
168 static Policy getPolicyNoCheck()
169 {
170 PolicyInfo pi = policy.get();
171 // Use double-check idiom to avoid locking if system-wide policy is
172 // already initialized
173 if (pi.initialized == false || pi.policy == null) {
174 synchronized (Policy.class) {
175 PolicyInfo pinfo = policy.get();
176 if (pinfo.policy == null) {
177 return loadPolicyProvider();
178 }
179 return pinfo.policy;
180 }
181 }
182 return pi.policy;
183 }
184
185 /**
186 * Loads and instantiates a Policy implementation specified by the
187 * policy.provider security property. Note that this method should only
188 * be called by getPolicyNoCheck and from within a synchronized block with
189 * an intrinsic lock on the Policy.class.
190 */
191 private static Policy loadPolicyProvider() {
192 String policyProvider =
193 AccessController.doPrivileged((PrivilegedAction<String>)
194 () -> Security.getProperty("policy.provider"));
195
196 /*
197 * If policy.provider is not set or is set to the default provider,
198 * simply instantiate it and return.
199 */
200 if (policyProvider == null || policyProvider.isEmpty() ||
201 policyProvider.equals(DEFAULT_POLICY))
202 {
203 Policy polFile = new sun.security.provider.PolicyFile();
204 policy.set(new PolicyInfo(polFile, true));
205 return polFile;
206 }
207
208 /*
209 * Locate, load, and instantiate the policy.provider impl using
210 * the system class loader. While doing so, install the bootstrap
211 * provider to avoid potential recursion.
212 */
213 Policy polFile = new sun.security.provider.PolicyFile();
214 policy.set(new PolicyInfo(polFile, false));
215
216 Policy pol = null;
217 try {
218 pol = AccessController.doPrivileged(
219 (PrivilegedExceptionAction<Policy>) () ->
220 {
221 ClassLoader scl = ClassLoader.getSystemClassLoader();
222 Class<?> c = Class.forName(policyProvider, true, scl);
223 return (Policy)c.newInstance();
224 });
225 } catch (Exception e) {
226 if (debug != null) {
227 debug.println("policy provider " + policyProvider +
228 " not available");
229 e.printStackTrace();
230 }
231 }
232 if (pol == null) {
233 // Fallback and use the system default implementation
234 if (debug != null) {
235 debug.println("using " + DEFAULT_POLICY);
236 }
237 pol = polFile;
238 }
239 policy.set(new PolicyInfo(pol, true));
240 return pol;
241 }
242
243 /**
244 * Sets the system-wide Policy object. This method first calls
245 * {@code SecurityManager.checkPermission} with a
246 * {@code SecurityPermission("setPolicy")}
247 * permission to ensure it's ok to set the Policy.
248 *
249 * @param p the new system Policy object.
250 *
251 * @throws SecurityException
252 * if a security manager exists and its
253 * {@code checkPermission} method doesn't allow
254 * setting the Policy.
255 *
256 * @see SecurityManager#checkPermission(Permission)
257 * @see #getPolicy()
258 *
259 */
260 public static void setPolicy(Policy p)
261 {
262 SecurityManager sm = System.getSecurityManager();
263 if (sm != null) sm.checkPermission(
264 new SecurityPermission("setPolicy"));
265 if (p != null) {
266 initPolicy(p);
267 }
268 synchronized (Policy.class) {
269 policy.set(new PolicyInfo(p, p != null));
270 }
271 }
272
273 /**
274 * Initialize superclass state such that a legacy provider can
275 * handle queries for itself.
276 *
277 * @since 1.4
278 */
279 private static void initPolicy (final Policy p) {
280 /*
281 * A policy provider not on the bootclasspath could trigger
282 * security checks fulfilling a call to either Policy.implies
283 * or Policy.getPermissions. If this does occur the provider
284 * must be able to answer for it's own ProtectionDomain
285 * without triggering additional security checks, otherwise
286 * the policy implementation will end up in an infinite
287 * recursion.
288 *
289 * To mitigate this, the provider can collect it's own
290 * ProtectionDomain and associate a PermissionCollection while
291 * it is being installed. The currently installed policy
292 * provider (if there is one) will handle calls to
293 * Policy.implies or Policy.getPermissions during this
294 * process.
295 *
296 * This Policy superclass caches away the ProtectionDomain and
297 * statically binds permissions so that legacy Policy
298 * implementations will continue to function.
299 */
300
301 ProtectionDomain policyDomain =
302 AccessController.doPrivileged(new PrivilegedAction<ProtectionDomain>() {
303 public ProtectionDomain run() {
304 return p.getClass().getProtectionDomain();
305 }
306 });
307
308 /*
309 * Collect the permissions granted to this protection domain
310 * so that the provider can be security checked while processing
311 * calls to Policy.implies or Policy.getPermissions.
312 */
313 PermissionCollection policyPerms = null;
314 synchronized (p) {
315 if (p.pdMapping == null) {
316 p.pdMapping = new WeakHashMap<>();
317 }
318 }
319
320 if (policyDomain.getCodeSource() != null) {
321 Policy pol = policy.get().policy;
322 if (pol != null) {
323 policyPerms = pol.getPermissions(policyDomain);
324 }
325
326 if (policyPerms == null) { // assume it has all
327 policyPerms = new Permissions();
328 policyPerms.add(SecurityConstants.ALL_PERMISSION);
329 }
330
331 synchronized (p.pdMapping) {
332 // cache of pd to permissions
333 p.pdMapping.put(policyDomain.key, policyPerms);
334 }
335 }
336 return;
337 }
338
339
340 /**
341 * Returns a Policy object of the specified type.
342 *
343 * <p> This method traverses the list of registered security providers,
344 * starting with the most preferred Provider.
345 * A new Policy object encapsulating the
346 * PolicySpi implementation from the first
347 * Provider that supports the specified type is returned.
348 *
349 * <p> Note that the list of registered providers may be retrieved via
350 * the {@link Security#getProviders() Security.getProviders()} method.
351 *
352 * @param type the specified Policy type. See the Policy section in the
353 * <a href=
354 * "{@docRoot}/../technotes/guides/security/StandardNames.html#Policy">
355 * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
356 * for a list of standard Policy types.
357 *
358 * @param params parameters for the Policy, which may be null.
359 *
360 * @return the new Policy object.
361 *
362 * @exception SecurityException if the caller does not have permission
363 * to get a Policy instance for the specified type.
364 *
365 * @exception NullPointerException if the specified type is null.
366 *
367 * @exception IllegalArgumentException if the specified parameters
368 * are not understood by the PolicySpi implementation
369 * from the selected Provider.
370 *
371 * @exception NoSuchAlgorithmException if no Provider supports a PolicySpi
372 * implementation for the specified type.
373 *
374 * @see Provider
375 * @since 1.6
376 */
377 public static Policy getInstance(String type, Policy.Parameters params)
378 throws NoSuchAlgorithmException {
379
380 checkPermission(type);
381 try {
382 GetInstance.Instance instance = GetInstance.getInstance("Policy",
383 PolicySpi.class,
384 type,
385 params);
386 return new PolicyDelegate((PolicySpi)instance.impl,
387 instance.provider,
388 type,
389 params);
390 } catch (NoSuchAlgorithmException nsae) {
391 return handleException(nsae);
392 }
393 }
394
395 /**
396 * Returns a Policy object of the specified type.
397 *
398 * <p> A new Policy object encapsulating the
399 * PolicySpi implementation from the specified provider
400 * is returned. The specified provider must be registered
401 * in the provider list.
402 *
403 * <p> Note that the list of registered providers may be retrieved via
404 * the {@link Security#getProviders() Security.getProviders()} method.
405 *
406 * @param type the specified Policy type. See the Policy section in the
407 * <a href=
408 * "{@docRoot}/../technotes/guides/security/StandardNames.html#Policy">
409 * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
410 * for a list of standard Policy types.
411 *
412 * @param params parameters for the Policy, which may be null.
413 *
414 * @param provider the provider.
415 *
416 * @return the new Policy object.
417 *
418 * @exception SecurityException if the caller does not have permission
419 * to get a Policy instance for the specified type.
420 *
421 * @exception NullPointerException if the specified type is null.
422 *
423 * @exception IllegalArgumentException if the specified provider
424 * is null or empty,
425 * or if the specified parameters are not understood by
426 * the PolicySpi implementation from the specified provider.
427 *
428 * @exception NoSuchProviderException if the specified provider is not
429 * registered in the security provider list.
430 *
431 * @exception NoSuchAlgorithmException if the specified provider does not
432 * support a PolicySpi implementation for the specified type.
433 *
434 * @see Provider
435 * @since 1.6
436 */
437 public static Policy getInstance(String type,
438 Policy.Parameters params,
439 String provider)
440 throws NoSuchProviderException, NoSuchAlgorithmException {
441
442 if (provider == null || provider.length() == 0) {
443 throw new IllegalArgumentException("missing provider");
444 }
445
446 checkPermission(type);
447 try {
448 GetInstance.Instance instance = GetInstance.getInstance("Policy",
449 PolicySpi.class,
450 type,
451 params,
452 provider);
453 return new PolicyDelegate((PolicySpi)instance.impl,
454 instance.provider,
455 type,
456 params);
457 } catch (NoSuchAlgorithmException nsae) {
458 return handleException(nsae);
459 }
460 }
461
462 /**
463 * Returns a Policy object of the specified type.
464 *
465 * <p> A new Policy object encapsulating the
466 * PolicySpi implementation from the specified Provider
467 * object is returned. Note that the specified Provider object
468 * does not have to be registered in the provider list.
469 *
470 * @param type the specified Policy type. See the Policy section in the
471 * <a href=
472 * "{@docRoot}/../technotes/guides/security/StandardNames.html#Policy">
473 * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
474 * for a list of standard Policy types.
475 *
476 * @param params parameters for the Policy, which may be null.
477 *
478 * @param provider the Provider.
479 *
480 * @return the new Policy object.
481 *
482 * @exception SecurityException if the caller does not have permission
483 * to get a Policy instance for the specified type.
484 *
485 * @exception NullPointerException if the specified type is null.
486 *
487 * @exception IllegalArgumentException if the specified Provider is null,
488 * or if the specified parameters are not understood by
489 * the PolicySpi implementation from the specified Provider.
490 *
491 * @exception NoSuchAlgorithmException if the specified Provider does not
492 * support a PolicySpi implementation for the specified type.
493 *
494 * @see Provider
495 * @since 1.6
496 */
497 public static Policy getInstance(String type,
498 Policy.Parameters params,
499 Provider provider)
500 throws NoSuchAlgorithmException {
501
502 if (provider == null) {
503 throw new IllegalArgumentException("missing provider");
504 }
505
506 checkPermission(type);
507 try {
508 GetInstance.Instance instance = GetInstance.getInstance("Policy",
509 PolicySpi.class,
510 type,
511 params,
512 provider);
513 return new PolicyDelegate((PolicySpi)instance.impl,
514 instance.provider,
515 type,
516 params);
517 } catch (NoSuchAlgorithmException nsae) {
518 return handleException(nsae);
519 }
520 }
521
522 private static Policy handleException(NoSuchAlgorithmException nsae)
523 throws NoSuchAlgorithmException {
524 Throwable cause = nsae.getCause();
525 if (cause instanceof IllegalArgumentException) {
526 throw (IllegalArgumentException)cause;
527 }
528 throw nsae;
529 }
530
531 /**
532 * Return the Provider of this Policy.
533 *
534 * <p> This Policy instance will only have a Provider if it
535 * was obtained via a call to {@code Policy.getInstance}.
536 * Otherwise this method returns null.
537 *
538 * @return the Provider of this Policy, or null.
539 *
540 * @since 1.6
541 */
542 public Provider getProvider() {
543 return null;
544 }
545
546 /**
547 * Return the type of this Policy.
548 *
549 * <p> This Policy instance will only have a type if it
550 * was obtained via a call to {@code Policy.getInstance}.
551 * Otherwise this method returns null.
552 *
553 * @return the type of this Policy, or null.
554 *
555 * @since 1.6
556 */
557 public String getType() {
558 return null;
559 }
560
561 /**
562 * Return Policy parameters.
563 *
564 * <p> This Policy instance will only have parameters if it
565 * was obtained via a call to {@code Policy.getInstance}.
566 * Otherwise this method returns null.
567 *
568 * @return Policy parameters, or null.
569 *
570 * @since 1.6
571 */
572 public Policy.Parameters getParameters() {
573 return null;
574 }
575
576 /**
577 * Return a PermissionCollection object containing the set of
578 * permissions granted to the specified CodeSource.
579 *
580 * <p> Applications are discouraged from calling this method
581 * since this operation may not be supported by all policy implementations.
582 * Applications should solely rely on the {@code implies} method
583 * to perform policy checks. If an application absolutely must call
584 * a getPermissions method, it should call
585 * {@code getPermissions(ProtectionDomain)}.
586 *
587 * <p> The default implementation of this method returns
588 * Policy.UNSUPPORTED_EMPTY_COLLECTION. This method can be
589 * overridden if the policy implementation can return a set of
590 * permissions granted to a CodeSource.
591 *
592 * @param codesource the CodeSource to which the returned
593 * PermissionCollection has been granted.
594 *
595 * @return a set of permissions granted to the specified CodeSource.
596 * If this operation is supported, the returned
597 * set of permissions must be a new mutable instance
598 * and it must support heterogeneous Permission types.
599 * If this operation is not supported,
600 * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned.
601 */
602 public PermissionCollection getPermissions(CodeSource codesource) {
603 return Policy.UNSUPPORTED_EMPTY_COLLECTION;
604 }
605
606 /**
607 * Return a PermissionCollection object containing the set of
608 * permissions granted to the specified ProtectionDomain.
609 *
610 * <p> Applications are discouraged from calling this method
611 * since this operation may not be supported by all policy implementations.
612 * Applications should rely on the {@code implies} method
613 * to perform policy checks.
614 *
615 * <p> The default implementation of this method first retrieves
616 * the permissions returned via {@code getPermissions(CodeSource)}
617 * (the CodeSource is taken from the specified ProtectionDomain),
618 * as well as the permissions located inside the specified ProtectionDomain.
619 * All of these permissions are then combined and returned in a new
620 * PermissionCollection object. If {@code getPermissions(CodeSource)}
621 * returns Policy.UNSUPPORTED_EMPTY_COLLECTION, then this method
622 * returns the permissions contained inside the specified ProtectionDomain
623 * in a new PermissionCollection object.
624 *
625 * <p> This method can be overridden if the policy implementation
626 * supports returning a set of permissions granted to a ProtectionDomain.
627 *
628 * @param domain the ProtectionDomain to which the returned
629 * PermissionCollection has been granted.
630 *
631 * @return a set of permissions granted to the specified ProtectionDomain.
632 * If this operation is supported, the returned
633 * set of permissions must be a new mutable instance
634 * and it must support heterogeneous Permission types.
635 * If this operation is not supported,
636 * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned.
637 *
638 * @since 1.4
639 */
640 public PermissionCollection getPermissions(ProtectionDomain domain) {
641 PermissionCollection pc = null;
642
643 if (domain == null)
644 return new Permissions();
645
646 if (pdMapping == null) {
647 initPolicy(this);
648 }
649
650 synchronized (pdMapping) {
651 pc = pdMapping.get(domain.key);
652 }
653
654 if (pc != null) {
655 Permissions perms = new Permissions();
656 synchronized (pc) {
657 for (Enumeration<Permission> e = pc.elements() ; e.hasMoreElements() ;) {
658 perms.add(e.nextElement());
659 }
660 }
661 return perms;
662 }
663
664 pc = getPermissions(domain.getCodeSource());
665 if (pc == null || pc == UNSUPPORTED_EMPTY_COLLECTION) {
666 pc = new Permissions();
667 }
668
669 addStaticPerms(pc, domain.getPermissions());
670 return pc;
671 }
672
673 /**
674 * add static permissions to provided permission collection
675 */
676 private void addStaticPerms(PermissionCollection perms,
677 PermissionCollection statics) {
678 if (statics != null) {
679 synchronized (statics) {
680 Enumeration<Permission> e = statics.elements();
681 while (e.hasMoreElements()) {
682 perms.add(e.nextElement());
683 }
684 }
685 }
686 }
687
688 /**
689 * Evaluates the global policy for the permissions granted to
690 * the ProtectionDomain and tests whether the permission is
691 * granted.
692 *
693 * @param domain the ProtectionDomain to test
694 * @param permission the Permission object to be tested for implication.
695 *
696 * @return true if "permission" is a proper subset of a permission
697 * granted to this ProtectionDomain.
698 *
699 * @see java.security.ProtectionDomain
700 * @since 1.4
701 */
702 public boolean implies(ProtectionDomain domain, Permission permission) {
703 PermissionCollection pc;
704
705 if (pdMapping == null) {
706 initPolicy(this);
707 }
708
709 synchronized (pdMapping) {
710 pc = pdMapping.get(domain.key);
711 }
712
713 if (pc != null) {
714 return pc.implies(permission);
715 }
716
717 pc = getPermissions(domain);
718 if (pc == null) {
719 return false;
720 }
721
722 synchronized (pdMapping) {
723 // cache it
724 pdMapping.put(domain.key, pc);
725 }
726
727 return pc.implies(permission);
728 }
729
730 /**
731 * Refreshes/reloads the policy configuration. The behavior of this method
732 * depends on the implementation. For example, calling {@code refresh}
733 * on a file-based policy will cause the file to be re-read.
734 *
735 * <p> The default implementation of this method does nothing.
736 * This method should be overridden if a refresh operation is supported
737 * by the policy implementation.
738 */
739 public void refresh() { }
740
741 /**
742 * This subclass is returned by the getInstance calls. All Policy calls
743 * are delegated to the underlying PolicySpi.
744 */
745 private static class PolicyDelegate extends Policy {
746
747 private PolicySpi spi;
748 private Provider p;
749 private String type;
750 private Policy.Parameters params;
751
752 private PolicyDelegate(PolicySpi spi, Provider p,
753 String type, Policy.Parameters params) {
754 this.spi = spi;
755 this.p = p;
756 this.type = type;
757 this.params = params;
758 }
759
760 @Override public String getType() { return type; }
761
762 @Override public Policy.Parameters getParameters() { return params; }
763
764 @Override public Provider getProvider() { return p; }
765
766 @Override
767 public PermissionCollection getPermissions(CodeSource codesource) {
768 return spi.engineGetPermissions(codesource);
769 }
770 @Override
771 public PermissionCollection getPermissions(ProtectionDomain domain) {
772 return spi.engineGetPermissions(domain);
773 }
774 @Override
775 public boolean implies(ProtectionDomain domain, Permission perm) {
776 return spi.engineImplies(domain, perm);
777 }
778 @Override
779 public void refresh() {
780 spi.engineRefresh();
781 }
782 }
783
784 /**
785 * This represents a marker interface for Policy parameters.
786 *
787 * @since 1.6
788 */
789 public static interface Parameters { }
790
791 /**
792 * This class represents a read-only empty PermissionCollection object that
793 * is returned from the {@code getPermissions(CodeSource)} and
794 * {@code getPermissions(ProtectionDomain)}
795 * methods in the Policy class when those operations are not
796 * supported by the Policy implementation.
797 */
798 private static class UnsupportedEmptyCollection
799 extends PermissionCollection {
800
801 private static final long serialVersionUID = -8492269157353014774L;
802
803 private Permissions perms;
804
805 /**
806 * Create a read-only empty PermissionCollection object.
807 */
808 public UnsupportedEmptyCollection() {
809 this.perms = new Permissions();
810 perms.setReadOnly();
811 }
812
813 /**
814 * Adds a permission object to the current collection of permission
815 * objects.
816 *
817 * @param permission the Permission object to add.
818 *
819 * @exception SecurityException - if this PermissionCollection object
820 * has been marked readonly
821 */
822 @Override public void add(Permission permission) {
823 perms.add(permission);
824 }
825
826 /**
827 * Checks to see if the specified permission is implied by the
828 * collection of Permission objects held in this PermissionCollection.
829 *
830 * @param permission the Permission object to compare.
831 *
832 * @return true if "permission" is implied by the permissions in
833 * the collection, false if not.
834 */
835 @Override public boolean implies(Permission permission) {
836 return perms.implies(permission);
837 }
838
839 /**
840 * Returns an enumeration of all the Permission objects in the
841 * collection.
842 *
843 * @return an enumeration of all the Permissions.
844 */
845 @Override public Enumeration<Permission> elements() {
846 return perms.elements();
847 }
848 }
849 }