1. /*

  2.  * @(#)ProtectionDomain.java	1.41 03/01/23

  3.  *

  4.  * Copyright 2003 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7.  

  8. package java.security;

  9. 

  10. import java.util.Enumeration;

  11. import java.util.Vector;

  12. import sun.security.util.SecurityConstants;

  13. 

  14. /** 

  15.  *

  16.  *<p>

  17.  * This ProtectionDomain class encapsulates the characteristics of a domain,

  18.  * which encloses a set of classes whose instances are granted a set 

  19.  * of permissions when being executed on behalf of a given set of Principals.

  20.  * <p>

  21.  * A static set of permissions can be bound to a ProtectionDomain when it is

  22.  * constructed; such permissions are granted to the domain regardless of the

  23.  * Policy in force. However, to support dynamic security policies, a

  24.  * ProtectionDomain can also be constructed such that it is dynamically

  25.  * mapped to a set of permissions by the current Policy whenever a permission

  26.  * is checked.

  27.  * <p>

  28.  * 

  29.  * @version 	1.41, 01/23/03

  30.  * @author Li Gong 

  31.  * @author Roland Schemers

  32.  * @author Gary Ellison

  33.  */

  34. 

  35. public class ProtectionDomain {

  36. 

  37.     /* CodeSource */

  38.     private CodeSource codesource ;

  39. 

  40.     /* ClassLoader the protection domain was consed from */

  41.     private ClassLoader classloader;

  42. 

  43.     /* Principals running-as within this protection domain */

  44.     private Principal[] principals;

  45. 

  46.     /* the rights this protection domain is granted */

  47.     private PermissionCollection permissions;

  48. 

  49.     /* the PermissionCollection is static (pre 1.4 constructor)

  50.        or dynamic (via a policy refresh) */

  51.     private boolean staticPermissions;

  52. 

  53.     /**

  54.      * Creates a new ProtectionDomain with the given CodeSource and

  55.      * Permissions. If the permissions object is not null, then

  56.      *  <code>setReadOnly())</code> will be called on the passed in

  57.      * Permissions object. The only permissions granted to this domain

  58.      * are the ones specified; the current Policy will not be consulted.

  59.      *

  60.      * @param codesource the codesource associated with this domain

  61.      * @param permissions the permissions granted to this domain

  62.      */

  63.     public ProtectionDomain(CodeSource codesource,

  64. 			    PermissionCollection permissions) {

  65. 	this.codesource = codesource;

  66. 	if (permissions != null) {

  67. 	    this.permissions = permissions;

  68. 	    this.permissions.setReadOnly();

  69. 	}

  70. 	this.classloader = null;

  71. 	this.principals = new Principal[0];

  72. 	staticPermissions = true;

  73.     }

  74. 

  75.     /**

  76.      * Creates a new ProtectionDomain qualified by the given CodeSource,

  77.      * Permissions, ClassLoader and array of Principals. If the

  78.      * permissions object is not null, then <code>setReadOnly()</code>

  79.      * will be called on the passed in Permissions object.

  80.      * The permissions granted to this domain are dynamic; they include

  81.      * both the static permissions passed to this constructor, and any

  82.      * permissions granted to this domain by the current Policy at the

  83.      * time a permission is checked.

  84.      * <p>

  85.      * This constructor is typically used by

  86.      * {@link SecureClassLoader ClassLoaders}

  87.      * and {@link DomainCombiner DomainCombiners} which delegate to 

  88.      * <code>Policy</code> to actively associate the permissions granted to

  89.      * this domain. This constructor affords the

  90.      * Policy provider the opportunity to augment the supplied

  91.      * PermissionCollection to reflect policy changes.

  92.      * <p>

  93.      *

  94.      * @param codesource the CodeSource associated with this domain

  95.      * @param permissions the permissions granted to this domain

  96.      * @param classloader the ClassLoader associated with this domain

  97.      * @param principals the array of Principals associated with this domain

  98.      * @see Policy#refresh

  99.      * @see Policy#getPermissions(ProtectionDomain)

  100.      * @since 1.4

  101.      */

  102.     public ProtectionDomain(CodeSource codesource,

  103. 			    PermissionCollection permissions,

  104. 			    ClassLoader classloader,

  105. 			    Principal[] principals) {

  106. 	this.codesource = codesource;

  107. 	if (permissions != null) {

  108. 	    this.permissions = permissions;

  109. 	    this.permissions.setReadOnly();

  110. 	}

  111. 	this.classloader = classloader;

  112. 	this.principals = (principals != null ?

  113. 			   (Principal[])principals.clone():

  114. 			   new Principal[0]);

  115. 	staticPermissions = false;

  116.     }

  117. 

  118.     /**

  119.      * Returns the CodeSource of this domain.

  120.      * @return the CodeSource of this domain which may be null.

  121.      * @since 1.2

  122.      */

  123.     public final CodeSource getCodeSource() {

  124. 	return this.codesource;

  125.     }

  126. 

  127. 

  128.     /**

  129.      * Returns the ClassLoader of this domain.

  130.      * @return the ClassLoader of this domain which may be null.

  131.      *

  132.      * @since 1.4

  133.      */

  134.     public final ClassLoader getClassLoader() {

  135. 	return this.classloader;

  136.     }

  137. 

  138. 

  139.     /**

  140.      * Returns an array of principals for this domain.

  141.      * @return returns a non-null array of principals for this domain.

  142.      * Changes to this array will have no impact on the ProtectionDomain.

  143.      *

  144.      * @since 1.4

  145.      */

  146.     public final Principal[] getPrincipals() {

  147. 	return (Principal[])this.principals.clone();

  148.     }

  149. 

  150.     /** 

  151.      * Returns the static permissions granted to this domain. 

  152.      * 

  153.      * @return the static set of permissions for this domain which may be null.

  154.      * @see Policy#refresh

  155.      * @see Policy#getPermissions(ProtectionDomain)

  156.      */

  157.     public final PermissionCollection getPermissions() {

  158. 	return permissions;

  159.     }

  160. 

  161.     /**

  162.      * Check and see if this ProtectionDomain implies the permissions 

  163.      * expressed in the Permission object. 

  164.      * <p>

  165.      * The set of permissions evaluated is a function of whether the

  166.      * ProtectionDomain was constructed with a static set of permissions

  167.      * or it was bound to a dynamically mapped set of permissions.

  168.      * <p>

  169.      * If the ProtectionDomain was constructed to a 

  170.      * {@link #ProtectionDomain(CodeSource, PermissionCollection)

  171.      * statically bound} PermissionCollection then the permission will

  172.      * only be checked against the PermissionCollection supplied at

  173.      * construction.

  174.      * <p>

  175.      * However, if the ProtectionDomain was constructed with

  176.      * the constructor variant which supports 

  177.      * {@link #ProtectionDomain(CodeSource, PermissionCollection,

  178.      * ClassLoader, java.security.Principal[]) dynamically binding}

  179.      * permissions, then the permission will be checked against the

  180.      * combination of the PermissionCollection supplied at construction and

  181.      * the current Policy binding.

  182.      * <p>

  183.      *

  184.      * @param permission the Permission object to check.

  185.      *

  186.      * @return true if "permission" is implicit to this ProtectionDomain.

  187.      */

  188.     public boolean implies(Permission permission) {

  189. 	if (!staticPermissions && 

  190. 	    Policy.getPolicyNoCheck().implies(this, permission))

  191. 	    return true;

  192. 	if (permissions != null) 

  193. 	    return permissions.implies(permission);

  194. 

  195. 	return false;

  196.     }

  197. 

  198.     /**

  199.      * Convert a ProtectionDomain to a String.

  200.      */

  201.     public String toString() {

  202. 	String pals = "<no principals>";

  203. 	if (principals != null && principals.length > 0) {

  204. 	    StringBuffer palBuf = new StringBuffer("(principals ");

  205. 	    

  206. 	    for (int i = 0; i < principals.length; i++) {

  207. 		palBuf.append(principals[i].getClass().getName() +

  208. 			    " \"" + principals[i].getName() +

  209. 			    "\"");

  210. 		if (i < principals.length-1)

  211. 		    palBuf.append(",\n");

  212. 		else

  213. 		    palBuf.append(")\n");

  214. 	    }

  215. 	    pals = palBuf.toString();

  216. 	}

  217. 

  218. 	// Check if policy is set; we don't want to load

  219. 	// the policy prematurely here	

  220. 	PermissionCollection pc = Policy.isSet() && seeAllp() ?

  221. 				      mergePermissions():

  222. 	                              getPermissions();

  223. 

  224.  	return "ProtectionDomain "+

  225.  	    " "+codesource+"\n"+

  226.  	    " "+classloader+"\n"+

  227.  	    " "+pals+"\n"+

  228. 	    " "+pc+"\n"; 

  229.     }

  230. 

  231.     private boolean seeAllp() {

  232. 	SecurityManager sm = System.getSecurityManager();

  233. 	if (sm != null) {

  234. 	    String debug =

  235. 		(String) java.security.AccessController.doPrivileged(

  236. 	     new sun.security.action.GetPropertyAction("java.security.debug"));

  237. 	    if (debug != null) {

  238. 		return true;

  239. 	    }

  240. 	    try {

  241. 		sm.checkPermission(SecurityConstants.GET_POLICY_PERMISSION);

  242. 	    } catch (SecurityException se) {

  243. 		return false;

  244. 	    }

  245. 	}

  246. 

  247. 	return true;

  248.     }

  249. 

  250.     private PermissionCollection mergePermissions() {

  251. 	if (staticPermissions)

  252. 	    return permissions;

  253. 	

  254.         PermissionCollection perms = (PermissionCollection)

  255.             java.security.AccessController.doPrivileged

  256.             (new java.security.PrivilegedAction() {

  257.                     public Object run() {

  258.                         Policy p = Policy.getPolicyNoCheck();

  259.                         return p.getPermissions(ProtectionDomain.this);

  260.                     }

  261.                 });

  262. 	

  263. 

  264. 	Permissions mergedPerms = new Permissions();

  265. 	int swag = 32;

  266. 	int vcap = 8;       

  267. 	Enumeration e;

  268. 	Vector pdVector = new Vector(vcap);

  269. 	Vector plVector = new Vector(swag);

  270.             

  271. 	//

  272. 	// Build a vector of domain permissions for subsequent merge

  273. 	if (permissions != null) {

  274. 	    e = permissions.elements();

  275. 	    while (e.hasMoreElements()) {

  276. 		Permission p = (Permission)e.nextElement();

  277. 		pdVector.add(p);

  278. 	    }

  279. 	}

  280. 

  281. 	//

  282. 	// Build a vector of Policy permissions for subsequent merge

  283. 	if (perms != null) {

  284. 	    e = perms.elements();

  285. 	    while (e.hasMoreElements()) {

  286. 		plVector.add(e.nextElement());

  287. 		vcap++;

  288. 	    }

  289. 	}

  290. 

  291. 	if (perms != null && permissions != null) {

  292. 	    //

  293. 	    // Weed out the duplicates from the policy. Unless a refresh

  294. 	    // has occured since the pd was consed this should result in

  295. 	    // an empty vector.

  296. 	    e = permissions.elements();   // domain vs policy

  297. 	    while (e.hasMoreElements()) {

  298. 		Permission pdp = (Permission)e.nextElement();

  299. 		for (int i = 0; i < plVector.size(); i++) {

  300. 		    Permission pp = (Permission) plVector.elementAt(i);

  301. 		    if (pdp.getClass().isInstance(pp)) {

  302. 			// The equals() method on some permissions

  303. 			// have some side effects so this manual 

  304. 			// comparison is sufficient.

  305. 			if (pdp.getName().equals(pp.getName()) &&

  306. 			    pdp.getActions().equals(pp.getActions())) {

  307. 			    plVector.remove(i);

  308. 			    break;

  309. 			} 

  310. 		    }

  311. 		}

  312. 	    }

  313. 	}

  314.                 

  315. 	if (perms !=null) {

  316. 	    // the order of adding to merged perms and permissions

  317. 	    // needs to preserve the bugfix 4301064

  318.                 

  319. 	    for (int i = plVector.size()-1; i >= 0; i--) {

  320. 		mergedPerms.add((Permission)plVector.elementAt(i));

  321. 	    }

  322. 	}

  323. 	if (permissions != null) {

  324. 	    for (int i = pdVector.size()-1; i >= 0; i--) {

  325. 		mergedPerms.add((Permission)pdVector.elementAt(i));

  326. 	    }

  327. 	}

  328. 

  329. 	return mergedPerms;

  330.     }

  331.     

  332. }