Package | Description |
---|---|
net.jini.security.policy |
Provides an interface for security policy providers capable of dynamic
permission grants, an interface for security manager or policy providers
that use custom security context state, and a security policy provider
supporting dynamic permission grants.
|
org.apache.river.api.security |
This package contains a scalable cache based security manager that parallelises
domain security checks.
|
org.apache.river.start |
Provides the utilities and APIs used to launch the contributed services
provided in the Apache River release.
|
Modifier and Type | Field and Description |
---|---|
private Collection<PermissionGrant> |
DynamicPolicyProvider.dynamicPolicyGrants |
Modifier and Type | Method and Description |
---|---|
List<PermissionGrant> |
DynamicPolicyProvider.getPermissionGrants(ProtectionDomain domain) |
Modifier and Type | Method and Description |
---|---|
boolean |
DynamicPolicyProvider.grant(PermissionGrant p) |
Modifier and Type | Class and Description |
---|---|
(package private) class |
CertificateGrant |
(package private) class |
ClassLoaderGrant |
(package private) static class |
PermissionGrantBuilderImp.NullPermissionGrant |
(package private) class |
PrincipalGrant |
(package private) class |
ProtectionDomainGrant
ProtectionDomainGrant's become void if serialized, since ProtectionDomain's
cannot be serialized.
|
(package private) class |
URIGrant
RFC3986 URI PermissionGrant
|
Modifier and Type | Field and Description |
---|---|
private PermissionGrant |
PermissionGrant.decorated |
private PermissionGrant[] |
ConcurrentPolicyFile.grantArray |
private static PermissionGrant |
PermissionGrantBuilderImp.nullGrant |
private static PermissionGrant |
PermissionGrant.nullGrant |
private PermissionGrant[] |
RemotePolicyProvider.remotePolicyGrants |
Modifier and Type | Method and Description |
---|---|
PermissionGrant |
PermissionGrantBuilderImp.build() |
abstract PermissionGrant |
PermissionGrantBuilder.build()
Build the PermissionGrant using information supplied.
|
private static PermissionGrant[] |
ConcurrentPolicyFile.check(PolicyParser parser)
All exceptions are thrown by this method during construction,
to avoid a finalizer attack from an overriding class attempting
to avoid the construction guard, catching the exception then calling
refresh from the finalizer to instantiate a complete policy.
|
protected PermissionGrant |
PermissionGrant.decorated() |
protected PermissionGrant |
AbstractPolicy.extractGrantFromPolicy(Policy p,
ProtectionDomain domain) |
private static PermissionGrant[] |
ConcurrentPolicyFile.initialize(PolicyParser parser) |
(package private) PermissionGrant |
DefaultPolicyParser.resolveGrant(DefaultPolicyScanner.GrantEntry ge,
KeyStore ks,
Properties system,
boolean resolve)
Translates GrantEntry token to PermissionGrant object.
|
Modifier and Type | Method and Description |
---|---|
List<PermissionGrant> |
ScalableNestedPolicy.getPermissionGrants(ProtectionDomain domain)
Returns a new List containing immutable PermissionGrant's, the
List returned is not synchronised and must not be shared with policy
internal state.
|
List<PermissionGrant> |
RemotePolicyProvider.getPermissionGrants(ProtectionDomain domain) |
List<PermissionGrant> |
ConcurrentPolicyFile.getPermissionGrants(ProtectionDomain pd) |
Collection<PermissionGrant> |
PolicyParser.parse(URL location,
Properties system)
Parses a given location, making use of system properties as necessary and
returns a collection of
PermissionGrant 's |
Collection<PermissionGrant> |
DefaultPolicyParser.parse(URL location,
Properties system)
This is the main business method.
|
Modifier and Type | Method and Description |
---|---|
private static boolean |
PermissionGrant.checkInvariants(PermissionGrant decorated)
Avoid finalizer attack.
|
boolean |
RevocablePolicy.grant(PermissionGrant p)
A dynamic grant.
|
private void |
RemotePolicyProvider.processRemotePolicyGrants(PermissionGrant[] grants)
Any grants must first be checked for PermissionGrants, checkCallerHasGrants has
been provided for this purpose, then prior to calling this method,
the PermissionGrant's must be added to the grantsCache.
|
void |
RemotePolicyProvider.replace(PermissionGrant[] grants) |
void |
RemotePolicy.replace(PermissionGrant[] policyPermissions)
Replaces the existing RemotePolicy's PermissionGrant's.
|
Modifier and Type | Method and Description |
---|---|
protected void |
AbstractPolicy.checkCallerHasGrants(Collection<PermissionGrant> grants)
This method checks that the PermissionGrant's are authorised to be
granted by it's caller, if it Fails, it will throw a SecurityException
or AccessControlException.
|
protected void |
AbstractPolicy.processGrants(Collection<PermissionGrant> grant,
Class permClass,
boolean stopIfAll,
NavigableSet<Permission> setToAddPerms)
Adds Permission objects contained in PermissionGrant's to a NavigableSet
that is sorted using a PermissionComparator.
|
Constructor and Description |
---|
ConcurrentPolicyFile(PolicyParser dpr,
Comparator<Permission> comp,
PermissionGrant[] grants)
Constructor to allow for custom policy providers, for example a database
policy provider, can make administration simpler than traditional
policy files.
|
PermissionGrant(boolean check,
PermissionGrant decorated) |
PermissionGrant(PermissionGrant decorated)
PermissionGrant allows for extension to enable condition or
event based policy decisions. |
Modifier and Type | Method and Description |
---|---|
List<PermissionGrant> |
AggregatePolicyProvider.getPermissionGrants(ProtectionDomain domain) |
Copyright 2007-2013, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.