1 /* 2 * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 27 package java.security; 28 29 import java.util.Enumeration; 30 import java.util.WeakHashMap; 31 import java.util.concurrent.atomic.AtomicReference; 32 import java.util.Objects; 33 import sun.security.jca.GetInstance; 34 import sun.security.util.Debug; 35 import sun.security.util.SecurityConstants; 36 37 38 /** 39 * A Policy object is responsible for determining whether code executing 40 * in the Java runtime environment has permission to perform a 41 * security-sensitive operation. 42 * 43 * <p> There is only one Policy object installed in the runtime at any 44 * given time. A Policy object can be installed by calling the 45 * {@code setPolicy} method. The installed Policy object can be 46 * obtained by calling the {@code getPolicy} method. 47 * 48 * <p> If no Policy object has been installed in the runtime, a call to 49 * {@code getPolicy} installs an instance of the default Policy 50 * implementation (a default subclass implementation of this abstract class). 51 * The default Policy implementation can be changed by setting the value 52 * of the {@code policy.provider} security property to the fully qualified 53 * name of the desired Policy subclass implementation. The system class loader 54 * is used to load this class. 55 * 56 * <p> Application code can directly subclass Policy to provide a custom 57 * implementation. In addition, an instance of a Policy object can be 58 * constructed by invoking one of the {@code getInstance} factory methods 59 * with a standard type. The default policy type is "JavaPolicy". 60 * 61 * <p> Once a Policy instance has been installed (either by default, or by 62 * calling {@code setPolicy}), the Java runtime invokes its 63 * {@code implies} method when it needs to 64 * determine whether executing code (encapsulated in a ProtectionDomain) 65 * can perform SecurityManager-protected operations. How a Policy object 66 * retrieves its policy data is up to the Policy implementation itself. 67 * The policy data may be stored, for example, in a flat ASCII file, 68 * in a serialized binary file of the Policy class, or in a database. 69 * 70 * <p> The {@code refresh} method causes the policy object to 71 * refresh/reload its data. This operation is implementation-dependent. 72 * For example, if the policy object stores its data in configuration files, 73 * calling {@code refresh} will cause it to re-read the configuration 74 * policy files. If a refresh operation is not supported, this method does 75 * nothing. Note that refreshed policy may not have an effect on classes 76 * in a particular ProtectionDomain. This is dependent on the Policy 77 * provider's implementation of the {@code implies} 78 * method and its PermissionCollection caching strategy. 79 * 80 * @author Roland Schemers 81 * @author Gary Ellison 82 * @see java.security.Provider 83 * @see java.security.ProtectionDomain 84 * @see java.security.Permission 85 * @see java.security.Security security properties 86 */ 87 88 public abstract class Policy { 89 90 /** 91 * A read-only empty PermissionCollection instance. 92 * @since 1.6 93 */ 94 public static final PermissionCollection UNSUPPORTED_EMPTY_COLLECTION = 95 new UnsupportedEmptyCollection(); 96 97 // Information about the system-wide policy. 98 private static class PolicyInfo { 99 // the system-wide policy 100 final Policy policy; 101 // a flag indicating if the system-wide policy has been initialized 102 final boolean initialized; 103 104 PolicyInfo(Policy policy, boolean initialized) { 105 this.policy = policy; 106 this.initialized = initialized; 107 } 108 } 109 110 // PolicyInfo is stored in an AtomicReference 111 private static AtomicReference<PolicyInfo> policy = 112 new AtomicReference<>(new PolicyInfo(null, false)); 113 114 private static final Debug debug = Debug.getInstance("policy"); 115 116 // Default policy provider 117 private static final String DEFAULT_POLICY = 118 "sun.security.provider.PolicyFile"; 119 120 // Cache mapping ProtectionDomain.Key to PermissionCollection 121 private WeakHashMap<ProtectionDomain.Key, PermissionCollection> pdMapping; 122 123 /** package private for AccessControlContext and ProtectionDomain */ 124 static boolean isSet() 125 { 126 PolicyInfo pi = policy.get(); 127 return pi.policy != null && pi.initialized == true; 128 } 129 130 private static void checkPermission(String type) { 131 SecurityManager sm = System.getSecurityManager(); 132 if (sm != null) { 133 sm.checkPermission(new SecurityPermission("createPolicy." + type)); 134 } 135 } 136 137 /** 138 * Returns the installed Policy object. This value should not be cached, 139 * as it may be changed by a call to {@code setPolicy}. 140 * This method first calls 141 * {@code SecurityManager.checkPermission} with a 142 * {@code SecurityPermission("getPolicy")} permission 143 * to ensure it's ok to get the Policy object. 144 * 145 * @return the installed Policy. 146 * 147 * @throws SecurityException 148 * if a security manager exists and its 149 * {@code checkPermission} method doesn't allow 150 * getting the Policy object. 151 * 152 * @see SecurityManager#checkPermission(Permission) 153 * @see #setPolicy(java.security.Policy) 154 */ 155 public static Policy getPolicy() 156 { 157 SecurityManager sm = System.getSecurityManager(); 158 if (sm != null) 159 sm.checkPermission(SecurityConstants.GET_POLICY_PERMISSION); 160 return getPolicyNoCheck(); 161 } 162 163 /** 164 * Returns the installed Policy object, skipping the security check. 165 * Used by ProtectionDomain and getPolicy. 166 * 167 * @return the installed Policy. 168 */ 169 static Policy getPolicyNoCheck() 170 { 171 PolicyInfo pi = policy.get(); 172 // Use double-check idiom to avoid locking if system-wide policy is 173 // already initialized 174 if (pi.initialized == false || pi.policy == null) { 175 synchronized (Policy.class) { 176 PolicyInfo pinfo = policy.get(); 177 if (pinfo.policy == null) { 178 return loadPolicyProvider(); 179 } 180 return pinfo.policy; 181 } 182 } 183 return pi.policy; 184 } 185 186 /** 187 * Loads and instantiates a Policy implementation specified by the 188 * policy.provider security property. Note that this method should only 189 * be called by getPolicyNoCheck and from within a synchronized block with 190 * an intrinsic lock on the Policy.class. 191 */ 192 private static Policy loadPolicyProvider() { 193 String policyProvider = 194 AccessController.doPrivileged(new PrivilegedAction<>() { 195 @Override 196 public String run() { 197 return Security.getProperty("policy.provider"); 198 } 199 }); 200 201 /* 202 * If policy.provider is not set or is set to the default provider, 203 * simply instantiate it and return. 204 */ 205 if (policyProvider == null || policyProvider.isEmpty() || 206 policyProvider.equals(DEFAULT_POLICY)) 207 { 208 Policy polFile = new sun.security.provider.PolicyFile(); 209 policy.set(new PolicyInfo(polFile, true)); 210 return polFile; 211 } 212 213 /* 214 * Locate, load, and instantiate the policy.provider impl using 215 * the system class loader. While doing so, install the bootstrap 216 * provider to avoid potential recursion. 217 */ 218 Policy polFile = new sun.security.provider.PolicyFile(); 219 policy.set(new PolicyInfo(polFile, false)); 220 221 Policy pol = AccessController.doPrivileged(new PrivilegedAction<>() { 222 @Override 223 public Policy run() { 224 try { 225 ClassLoader scl = ClassLoader.getSystemClassLoader(); 226 @SuppressWarnings("deprecation") 227 Object o = Class.forName(policyProvider, true, scl).newInstance(); 228 return (Policy)o; 229 } catch (Exception e) { 230 if (debug != null) { 231 debug.println("policy provider " + policyProvider + 232 " not available"); 233 e.printStackTrace(); 234 } 235 return null; 236 } 237 } 238 }); 239 240 if (pol == null) { 241 // Fallback and use the system default implementation 242 if (debug != null) { 243 debug.println("using " + DEFAULT_POLICY); 244 } 245 pol = polFile; 246 } 247 policy.set(new PolicyInfo(pol, true)); 248 return pol; 249 } 250 251 /** 252 * Sets the system-wide Policy object. This method first calls 253 * {@code SecurityManager.checkPermission} with a 254 * {@code SecurityPermission("setPolicy")} 255 * permission to ensure it's ok to set the Policy. 256 * 257 * @param p the new system Policy object. 258 * 259 * @throws SecurityException 260 * if a security manager exists and its 261 * {@code checkPermission} method doesn't allow 262 * setting the Policy. 263 * 264 * @see SecurityManager#checkPermission(Permission) 265 * @see #getPolicy() 266 * 267 */ 268 public static void setPolicy(Policy p) 269 { 270 SecurityManager sm = System.getSecurityManager(); 271 if (sm != null) sm.checkPermission( 272 new SecurityPermission("setPolicy")); 273 if (p != null) { 274 initPolicy(p); 275 } 276 synchronized (Policy.class) { 277 policy.set(new PolicyInfo(p, p != null)); 278 } 279 } 280 281 /** 282 * Initialize superclass state such that a legacy provider can 283 * handle queries for itself. 284 * 285 * @since 1.4 286 */ 287 private static void initPolicy (final Policy p) { 288 /* 289 * A policy provider not on the bootclasspath could trigger 290 * security checks fulfilling a call to either Policy.implies 291 * or Policy.getPermissions. If this does occur the provider 292 * must be able to answer for it's own ProtectionDomain 293 * without triggering additional security checks, otherwise 294 * the policy implementation will end up in an infinite 295 * recursion. 296 * 297 * To mitigate this, the provider can collect it's own 298 * ProtectionDomain and associate a PermissionCollection while 299 * it is being installed. The currently installed policy 300 * provider (if there is one) will handle calls to 301 * Policy.implies or Policy.getPermissions during this 302 * process. 303 * 304 * This Policy superclass caches away the ProtectionDomain and 305 * statically binds permissions so that legacy Policy 306 * implementations will continue to function. 307 */ 308 309 ProtectionDomain policyDomain = 310 AccessController.doPrivileged(new PrivilegedAction<>() { 311 public ProtectionDomain run() { 312 return p.getClass().getProtectionDomain(); 313 } 314 }); 315 316 /* 317 * Collect the permissions granted to this protection domain 318 * so that the provider can be security checked while processing 319 * calls to Policy.implies or Policy.getPermissions. 320 */ 321 PermissionCollection policyPerms = null; 322 synchronized (p) { 323 if (p.pdMapping == null) { 324 p.pdMapping = new WeakHashMap<>(); 325 } 326 } 327 328 if (policyDomain.getCodeSource() != null) { 329 Policy pol = policy.get().policy; 330 if (pol != null) { 331 policyPerms = pol.getPermissions(policyDomain); 332 } 333 334 if (policyPerms == null) { // assume it has all 335 policyPerms = new Permissions(); 336 policyPerms.add(SecurityConstants.ALL_PERMISSION); 337 } 338 339 synchronized (p.pdMapping) { 340 // cache of pd to permissions 341 p.pdMapping.put(policyDomain.key, policyPerms); 342 } 343 } 344 return; 345 } 346 347 348 /** 349 * Returns a Policy object of the specified type. 350 * 351 * <p> This method traverses the list of registered security providers, 352 * starting with the most preferred Provider. 353 * A new Policy object encapsulating the 354 * PolicySpi implementation from the first 355 * Provider that supports the specified type is returned. 356 * 357 * <p> Note that the list of registered providers may be retrieved via 358 * the {@link Security#getProviders() Security.getProviders()} method. 359 * 360 * @implNote 361 * The JDK Reference Implementation additionally uses the 362 * {@code jdk.security.provider.preferred} 363 * {@link Security#getProperty(String) Security} property to determine 364 * the preferred provider order for the specified algorithm. This 365 * may be different than the order of providers returned by 366 * {@link Security#getProviders() Security.getProviders()}. 367 * 368 * @param type the specified Policy type. See the Policy section in the 369 * <a href= 370 * "{@docRoot}/../technotes/guides/security/StandardNames.html#Policy"> 371 * Java Cryptography Architecture Standard Algorithm Name Documentation</a> 372 * for a list of standard Policy types. 373 * 374 * @param params parameters for the Policy, which may be null. 375 * 376 * @return the new {@code Policy} object 377 * 378 * @throws IllegalArgumentException if the specified parameters 379 * are not understood by the {@code PolicySpi} implementation 380 * from the selected {@code Provider} 381 * 382 * @throws NoSuchAlgorithmException if no {@code Provider} supports 383 * a {@code PolicySpi} implementation for the specified type 384 * 385 * @throws NullPointerException if {@code type} is {@code null} 386 * 387 * @throws SecurityException if the caller does not have permission 388 * to get a {@code Policy} instance for the specified type. 389 * 390 * @see Provider 391 * @since 1.6 392 */ 393 public static Policy getInstance(String type, Policy.Parameters params) 394 throws NoSuchAlgorithmException { 395 Objects.requireNonNull(type, "null type name"); 396 checkPermission(type); 397 try { 398 GetInstance.Instance instance = GetInstance.getInstance("Policy", 399 PolicySpi.class, 400 type, 401 params); 402 return new PolicyDelegate((PolicySpi)instance.impl, 403 instance.provider, 404 type, 405 params); 406 } catch (NoSuchAlgorithmException nsae) { 407 return handleException(nsae); 408 } 409 } 410 411 /** 412 * Returns a Policy object of the specified type. 413 * 414 * <p> A new Policy object encapsulating the 415 * PolicySpi implementation from the specified provider 416 * is returned. The specified provider must be registered 417 * in the provider list. 418 * 419 * <p> Note that the list of registered providers may be retrieved via 420 * the {@link Security#getProviders() Security.getProviders()} method. 421 * 422 * @param type the specified Policy type. See the Policy section in the 423 * <a href= 424 * "{@docRoot}/../technotes/guides/security/StandardNames.html#Policy"> 425 * Java Cryptography Architecture Standard Algorithm Name Documentation</a> 426 * for a list of standard Policy types. 427 * 428 * @param params parameters for the Policy, which may be null. 429 * 430 * @param provider the provider. 431 * 432 * @return the new {@code Policy} object 433 * 434 * @throws IllegalArgumentException if the specified provider 435 * is {@code null} or empty, or if the specified parameters are 436 * not understood by the {@code PolicySpi} implementation from 437 * the specified provider 438 * 439 * @throws NoSuchAlgorithmException if the specified provider does not 440 * support a {@code PolicySpi} implementation for the specified 441 * type 442 * 443 * @throws NoSuchProviderException if the specified provider is not 444 * registered in the security provider list 445 * 446 * @throws NullPointerException if {@code type} is {@code null} 447 * 448 * @throws SecurityException if the caller does not have permission 449 * to get a {@code Policy} instance for the specified type 450 * 451 * @see Provider 452 * @since 1.6 453 */ 454 public static Policy getInstance(String type, 455 Policy.Parameters params, 456 String provider) 457 throws NoSuchProviderException, NoSuchAlgorithmException { 458 459 Objects.requireNonNull(type, "null type name"); 460 if (provider == null || provider.length() == 0) { 461 throw new IllegalArgumentException("missing provider"); 462 } 463 464 checkPermission(type); 465 try { 466 GetInstance.Instance instance = GetInstance.getInstance("Policy", 467 PolicySpi.class, 468 type, 469 params, 470 provider); 471 return new PolicyDelegate((PolicySpi)instance.impl, 472 instance.provider, 473 type, 474 params); 475 } catch (NoSuchAlgorithmException nsae) { 476 return handleException(nsae); 477 } 478 } 479 480 /** 481 * Returns a Policy object of the specified type. 482 * 483 * <p> A new Policy object encapsulating the 484 * PolicySpi implementation from the specified Provider 485 * object is returned. Note that the specified Provider object 486 * does not have to be registered in the provider list. 487 * 488 * @param type the specified Policy type. See the Policy section in the 489 * <a href= 490 * "{@docRoot}/../technotes/guides/security/StandardNames.html#Policy"> 491 * Java Cryptography Architecture Standard Algorithm Name Documentation</a> 492 * for a list of standard Policy types. 493 * 494 * @param params parameters for the Policy, which may be null. 495 * 496 * @param provider the Provider. 497 * 498 * @return the new {@code Policy} object 499 * 500 * @throws IllegalArgumentException if the specified {@code Provider} 501 * is {@code null}, or if the specified parameters are not 502 * understood by the {@code PolicySpi} implementation from the 503 * specified {@code Provider} 504 * 505 * @throws NoSuchAlgorithmException if the specified {@code Provider} 506 * does not support a {@code PolicySpi} implementation for 507 * the specified type 508 * 509 * @throws NullPointerException if {@code type} is {@code null} 510 * 511 * @throws SecurityException if the caller does not have permission 512 * to get a {@code Policy} instance for the specified type 513 * 514 * @see Provider 515 * @since 1.6 516 */ 517 public static Policy getInstance(String type, 518 Policy.Parameters params, 519 Provider provider) 520 throws NoSuchAlgorithmException { 521 522 Objects.requireNonNull(type, "null type name"); 523 if (provider == null) { 524 throw new IllegalArgumentException("missing provider"); 525 } 526 527 checkPermission(type); 528 try { 529 GetInstance.Instance instance = GetInstance.getInstance("Policy", 530 PolicySpi.class, 531 type, 532 params, 533 provider); 534 return new PolicyDelegate((PolicySpi)instance.impl, 535 instance.provider, 536 type, 537 params); 538 } catch (NoSuchAlgorithmException nsae) { 539 return handleException(nsae); 540 } 541 } 542 543 private static Policy handleException(NoSuchAlgorithmException nsae) 544 throws NoSuchAlgorithmException { 545 Throwable cause = nsae.getCause(); 546 if (cause instanceof IllegalArgumentException) { 547 throw (IllegalArgumentException)cause; 548 } 549 throw nsae; 550 } 551 552 /** 553 * Return the Provider of this Policy. 554 * 555 * <p> This Policy instance will only have a Provider if it 556 * was obtained via a call to {@code Policy.getInstance}. 557 * Otherwise this method returns null. 558 * 559 * @return the Provider of this Policy, or null. 560 * 561 * @since 1.6 562 */ 563 public Provider getProvider() { 564 return null; 565 } 566 567 /** 568 * Return the type of this Policy. 569 * 570 * <p> This Policy instance will only have a type if it 571 * was obtained via a call to {@code Policy.getInstance}. 572 * Otherwise this method returns null. 573 * 574 * @return the type of this Policy, or null. 575 * 576 * @since 1.6 577 */ 578 public String getType() { 579 return null; 580 } 581 582 /** 583 * Return Policy parameters. 584 * 585 * <p> This Policy instance will only have parameters if it 586 * was obtained via a call to {@code Policy.getInstance}. 587 * Otherwise this method returns null. 588 * 589 * @return Policy parameters, or null. 590 * 591 * @since 1.6 592 */ 593 public Policy.Parameters getParameters() { 594 return null; 595 } 596 597 /** 598 * Return a PermissionCollection object containing the set of 599 * permissions granted to the specified CodeSource. 600 * 601 * <p> Applications are discouraged from calling this method 602 * since this operation may not be supported by all policy implementations. 603 * Applications should solely rely on the {@code implies} method 604 * to perform policy checks. If an application absolutely must call 605 * a getPermissions method, it should call 606 * {@code getPermissions(ProtectionDomain)}. 607 * 608 * <p> The default implementation of this method returns 609 * Policy.UNSUPPORTED_EMPTY_COLLECTION. This method can be 610 * overridden if the policy implementation can return a set of 611 * permissions granted to a CodeSource. 612 * 613 * @param codesource the CodeSource to which the returned 614 * PermissionCollection has been granted. 615 * 616 * @return a set of permissions granted to the specified CodeSource. 617 * If this operation is supported, the returned 618 * set of permissions must be a new mutable instance 619 * and it must support heterogeneous Permission types. 620 * If this operation is not supported, 621 * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. 622 */ 623 public PermissionCollection getPermissions(CodeSource codesource) { 624 return Policy.UNSUPPORTED_EMPTY_COLLECTION; 625 } 626 627 /** 628 * Return a PermissionCollection object containing the set of 629 * permissions granted to the specified ProtectionDomain. 630 * 631 * <p> Applications are discouraged from calling this method 632 * since this operation may not be supported by all policy implementations. 633 * Applications should rely on the {@code implies} method 634 * to perform policy checks. 635 * 636 * <p> The default implementation of this method first retrieves 637 * the permissions returned via {@code getPermissions(CodeSource)} 638 * (the CodeSource is taken from the specified ProtectionDomain), 639 * as well as the permissions located inside the specified ProtectionDomain. 640 * All of these permissions are then combined and returned in a new 641 * PermissionCollection object. If {@code getPermissions(CodeSource)} 642 * returns Policy.UNSUPPORTED_EMPTY_COLLECTION, then this method 643 * returns the permissions contained inside the specified ProtectionDomain 644 * in a new PermissionCollection object. 645 * 646 * <p> This method can be overridden if the policy implementation 647 * supports returning a set of permissions granted to a ProtectionDomain. 648 * 649 * @param domain the ProtectionDomain to which the returned 650 * PermissionCollection has been granted. 651 * 652 * @return a set of permissions granted to the specified ProtectionDomain. 653 * If this operation is supported, the returned 654 * set of permissions must be a new mutable instance 655 * and it must support heterogeneous Permission types. 656 * If this operation is not supported, 657 * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. 658 * 659 * @since 1.4 660 */ 661 public PermissionCollection getPermissions(ProtectionDomain domain) { 662 PermissionCollection pc = null; 663 664 if (domain == null) 665 return new Permissions(); 666 667 if (pdMapping == null) { 668 initPolicy(this); 669 } 670 671 synchronized (pdMapping) { 672 pc = pdMapping.get(domain.key); 673 } 674 675 if (pc != null) { 676 Permissions perms = new Permissions(); 677 synchronized (pc) { 678 for (Enumeration<Permission> e = pc.elements() ; e.hasMoreElements() ;) { 679 perms.add(e.nextElement()); 680 } 681 } 682 return perms; 683 } 684 685 pc = getPermissions(domain.getCodeSource()); 686 if (pc == null || pc == UNSUPPORTED_EMPTY_COLLECTION) { 687 pc = new Permissions(); 688 } 689 690 addStaticPerms(pc, domain.getPermissions()); 691 return pc; 692 } 693 694 /** 695 * add static permissions to provided permission collection 696 */ 697 private void addStaticPerms(PermissionCollection perms, 698 PermissionCollection statics) { 699 if (statics != null) { 700 synchronized (statics) { 701 Enumeration<Permission> e = statics.elements(); 702 while (e.hasMoreElements()) { 703 perms.add(e.nextElement()); 704 } 705 } 706 } 707 } 708 709 /** 710 * Evaluates the global policy for the permissions granted to 711 * the ProtectionDomain and tests whether the permission is 712 * granted. 713 * 714 * @param domain the ProtectionDomain to test 715 * @param permission the Permission object to be tested for implication. 716 * 717 * @return true if "permission" is a proper subset of a permission 718 * granted to this ProtectionDomain. 719 * 720 * @see java.security.ProtectionDomain 721 * @since 1.4 722 */ 723 public boolean implies(ProtectionDomain domain, Permission permission) { 724 PermissionCollection pc; 725 726 if (pdMapping == null) { 727 initPolicy(this); 728 } 729 730 synchronized (pdMapping) { 731 pc = pdMapping.get(domain.key); 732 } 733 734 if (pc != null) { 735 return pc.implies(permission); 736 } 737 738 pc = getPermissions(domain); 739 if (pc == null) { 740 return false; 741 } 742 743 synchronized (pdMapping) { 744 // cache it 745 pdMapping.put(domain.key, pc); 746 } 747 748 return pc.implies(permission); 749 } 750 751 /** 752 * Refreshes/reloads the policy configuration. The behavior of this method 753 * depends on the implementation. For example, calling {@code refresh} 754 * on a file-based policy will cause the file to be re-read. 755 * 756 * <p> The default implementation of this method does nothing. 757 * This method should be overridden if a refresh operation is supported 758 * by the policy implementation. 759 */ 760 public void refresh() { } 761 762 /** 763 * This subclass is returned by the getInstance calls. All Policy calls 764 * are delegated to the underlying PolicySpi. 765 */ 766 private static class PolicyDelegate extends Policy { 767 768 private PolicySpi spi; 769 private Provider p; 770 private String type; 771 private Policy.Parameters params; 772 773 private PolicyDelegate(PolicySpi spi, Provider p, 774 String type, Policy.Parameters params) { 775 this.spi = spi; 776 this.p = p; 777 this.type = type; 778 this.params = params; 779 } 780 781 @Override public String getType() { return type; } 782 783 @Override public Policy.Parameters getParameters() { return params; } 784 785 @Override public Provider getProvider() { return p; } 786 787 @Override 788 public PermissionCollection getPermissions(CodeSource codesource) { 789 return spi.engineGetPermissions(codesource); 790 } 791 @Override 792 public PermissionCollection getPermissions(ProtectionDomain domain) { 793 return spi.engineGetPermissions(domain); 794 } 795 @Override 796 public boolean implies(ProtectionDomain domain, Permission perm) { 797 return spi.engineImplies(domain, perm); 798 } 799 @Override 800 public void refresh() { 801 spi.engineRefresh(); 802 } 803 } 804 805 /** 806 * This represents a marker interface for Policy parameters. 807 * 808 * @since 1.6 809 */ 810 public static interface Parameters { } 811 812 /** 813 * This class represents a read-only empty PermissionCollection object that 814 * is returned from the {@code getPermissions(CodeSource)} and 815 * {@code getPermissions(ProtectionDomain)} 816 * methods in the Policy class when those operations are not 817 * supported by the Policy implementation. 818 */ 819 private static class UnsupportedEmptyCollection 820 extends PermissionCollection { 821 822 private static final long serialVersionUID = -8492269157353014774L; 823 824 private Permissions perms; 825 826 /** 827 * Create a read-only empty PermissionCollection object. 828 */ 829 public UnsupportedEmptyCollection() { 830 this.perms = new Permissions(); 831 perms.setReadOnly(); 832 } 833 834 /** 835 * Adds a permission object to the current collection of permission 836 * objects. 837 * 838 * @param permission the Permission object to add. 839 * 840 * @exception SecurityException - if this PermissionCollection object 841 * has been marked readonly 842 */ 843 @Override public void add(Permission permission) { 844 perms.add(permission); 845 } 846 847 /** 848 * Checks to see if the specified permission is implied by the 849 * collection of Permission objects held in this PermissionCollection. 850 * 851 * @param permission the Permission object to compare. 852 * 853 * @return true if "permission" is implied by the permissions in 854 * the collection, false if not. 855 */ 856 @Override public boolean implies(Permission permission) { 857 return perms.implies(permission); 858 } 859 860 /** 861 * Returns an enumeration of all the Permission objects in the 862 * collection. 863 * 864 * @return an enumeration of all the Permissions. 865 */ 866 @Override public Enumeration<Permission> elements() { 867 return perms.elements(); 868 } 869 } 870 }