Package org.apache.batik.util
Class ApplicationSecurityEnforcer
- java.lang.Object
-
- org.apache.batik.util.ApplicationSecurityEnforcer
-
public class ApplicationSecurityEnforcer extends java.lang.ObjectThis is a helper class which helps applications enforce secure script execution.
It is used by the Squiggle browser as well as the rasterizer.
This class can install aSecurityManagerfor an application and resolves whether the application runs in a development environment or from a jar file (in other words, it resolves code-base issues for the application).- Version:
- $Id: ApplicationSecurityEnforcer.java 1808888 2017-09-19 14:22:11Z ssteiner $
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringAPP_MAIN_CLASS_DIRDirectory where classes are expanded in the development versionprotected java.lang.ClassappMainClassThe application's main entry pointprotected java.lang.StringappMainClassRelativeURLThe resource name for the application's main classstatic java.lang.StringEXCEPTION_ALIEN_SECURITY_MANAGERMessage for the SecurityException thrown when there is already a SecurityManager installed at the time Squiggle tries to install its own security settings.static java.lang.StringEXCEPTION_NO_POLICY_FILEMessage for the NullPointerException thrown when no policy file can be found.static java.lang.StringJAR_PROTOCOLFiles in a jar file have a URL with the jar protocolstatic java.lang.StringJAR_URL_FILE_SEPARATORUsed in jar file urls to separate the jar file name from the referenced fileprotected BatikSecurityManagerlastSecurityManagerInstalledKeeps track of the last SecurityManager installedstatic java.lang.StringPROPERTY_APP_DEV_BASESystem property for App's development base directorystatic java.lang.StringPROPERTY_APP_JAR_BASESystem property for App's jars base directorystatic java.lang.StringPROPERTY_JAVA_SECURITY_POLICYSystem property for specifying an additional policy file.protected java.lang.StringsecurityPolicyThe application's security policy
-
Constructor Summary
Constructors Constructor Description ApplicationSecurityEnforcer(java.lang.Class appMainClass, java.lang.String securityPolicy)Creates a new ApplicationSecurityEnforcer.ApplicationSecurityEnforcer(java.lang.Class appMainClass, java.lang.String securityPolicy, java.lang.String appJarFile)Deprecated.This constructor is now deprecated.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidenforceSecurity(boolean enforce)Enforces security by installing aSecurityManager.java.net.URLgetPolicyURL()Returns the url for the default policy.voidinstallSecurityManager()Installs a SecurityManager on behalf of the applicationprivate voidsetDevBase(java.lang.String expandedMainClassName)Position the app.dev.base property for expansion in the policy file used when App is running in its development versionprivate voidsetJarBase(java.lang.String expandedMainClassName)
-
-
-
Field Detail
-
EXCEPTION_ALIEN_SECURITY_MANAGER
public static final java.lang.String EXCEPTION_ALIEN_SECURITY_MANAGER
Message for the SecurityException thrown when there is already a SecurityManager installed at the time Squiggle tries to install its own security settings.- See Also:
- Constant Field Values
-
EXCEPTION_NO_POLICY_FILE
public static final java.lang.String EXCEPTION_NO_POLICY_FILE
Message for the NullPointerException thrown when no policy file can be found.- See Also:
- Constant Field Values
-
PROPERTY_JAVA_SECURITY_POLICY
public static final java.lang.String PROPERTY_JAVA_SECURITY_POLICY
System property for specifying an additional policy file.- See Also:
- Constant Field Values
-
JAR_PROTOCOL
public static final java.lang.String JAR_PROTOCOL
Files in a jar file have a URL with the jar protocol- See Also:
- Constant Field Values
-
JAR_URL_FILE_SEPARATOR
public static final java.lang.String JAR_URL_FILE_SEPARATOR
Used in jar file urls to separate the jar file name from the referenced file- See Also:
- Constant Field Values
-
PROPERTY_APP_DEV_BASE
public static final java.lang.String PROPERTY_APP_DEV_BASE
System property for App's development base directory- See Also:
- Constant Field Values
-
PROPERTY_APP_JAR_BASE
public static final java.lang.String PROPERTY_APP_JAR_BASE
System property for App's jars base directory- See Also:
- Constant Field Values
-
APP_MAIN_CLASS_DIR
public static final java.lang.String APP_MAIN_CLASS_DIR
Directory where classes are expanded in the development version- See Also:
- Constant Field Values
-
appMainClass
protected java.lang.Class appMainClass
The application's main entry point
-
securityPolicy
protected java.lang.String securityPolicy
The application's security policy
-
appMainClassRelativeURL
protected java.lang.String appMainClassRelativeURL
The resource name for the application's main class
-
lastSecurityManagerInstalled
protected BatikSecurityManager lastSecurityManagerInstalled
Keeps track of the last SecurityManager installed
-
-
Constructor Detail
-
ApplicationSecurityEnforcer
public ApplicationSecurityEnforcer(java.lang.Class appMainClass, java.lang.String securityPolicy, java.lang.String appJarFile)Deprecated.This constructor is now deprecated. Use the two argument constructor instead as this version will be removed after the 1.5beta4 release.Creates a new ApplicationSecurityEnforcer.- Parameters:
appMainClass- class of the applications's main entry pointsecurityPolicy- resource for the security policy which should be enforced for the application.appJarFile- the Jar file into which the application is packaged.
-
ApplicationSecurityEnforcer
public ApplicationSecurityEnforcer(java.lang.Class appMainClass, java.lang.String securityPolicy)Creates a new ApplicationSecurityEnforcer.- Parameters:
appMainClass- class of the applications's main entry pointsecurityPolicy- resource for the security policy which should be enforced for the application.
-
-
Method Detail
-
enforceSecurity
public void enforceSecurity(boolean enforce)
Enforces security by installing aSecurityManager. This will throw aSecurityExceptionif installing aSecurityManagerrequires overriding an existingSecurityManager. In other words, this method will not install a newSecurityManagerif there is already one it did not install in place.
-
getPolicyURL
public java.net.URL getPolicyURL()
Returns the url for the default policy. This never returns null, but it may throw a NullPointerException
-
installSecurityManager
public void installSecurityManager()
Installs a SecurityManager on behalf of the application
-
setJarBase
private void setJarBase(java.lang.String expandedMainClassName)
-
setDevBase
private void setDevBase(java.lang.String expandedMainClassName)
Position the app.dev.base property for expansion in the policy file used when App is running in its development version
-
-