/*
* Policy implementation backed by an XML policy file. refresh() parses the
* file into a DOM document, and getPermissions(Subject ...) collects the
* permissions for a subject's principals from nodes selected with XPath.
*
* NOTE(review): this listing is cut off at the end of many lines, so the
* comments below describe only what the visible text shows.
*/
public class XMLPolicyFile extends Policy implements JAASConstants {
// DOM tree of the policy file; assigned in refresh().
private Document doc = null;
//private CodeSource noCertCodeSource=null;
/*
* Constructor: loads the policy by calling refresh().
* NOTE(review): refresh() is public and not final, so an override in a
* subclass would run before that subclass is initialised.
*/ public XMLPolicyFile(){
refresh();
} public PermissionCollection getPermissions(CodeSource arg
// Code-source based lookup is not implemented: this overload returns null
// (not an empty collection) and does not delegate to another Policy.
// NOTE(review): confirm callers tolerate a null PermissionCollection.
return null;
}
/*
* Creates a DOM tree document from the XML policy file named by
* AUTH_SECURITY_POLICYXMLFILE. The original comment says the default XML
* file or a file specified by a system property is used; the property name
* is cut off in this listing. The DOM tree document is then used by
* <code>getPermissions()</code> in searching for permissions.
*
* Any failure while opening or parsing is rethrown as a RuntimeException.
* doc is assigned last inside the try, so a failed refresh leaves the
* previously loaded document (or null) in place.
*
* NOTE(review): whoever can write this file decides which permissions are
* granted, so it should be writable only by the administrator.
*
* The original "see" reference is cut off in this listing (it begins with javax).
*/ public void refresh() {
FileInputStream fis = null;
try {
// Set up a DOM tree to query
fis = new FileInputStream(AUTH_SECURITY_POLICYXMLFILE);
InputSource in = new InputSource(fis);
// NOTE(review): the factory configuration below is cut off. Confirm that
// DOCTYPE declarations and external entities are disabled on the factory
// (for example the disallow-doctype-decl feature) before the file is parsed.
DocumentBuilderFactory dfactory = DocumentBuilderFactory
dfactory
doc = dfactory
} catch (Exception e) {
// The next line is cut off; the failure is then rethrown unchecked, so the
// caller (including the constructor) does not continue silently.
e
throw new RuntimeException(e
} finally {
// Release the file handle whether or not parsing succeeded.
if(fis != null) {
try { fis
}
}
} public PermissionCollection getPermissions(Subject subject
// Collects the permissions granted to the subject's principals by the XML
// policy. The rest of the parameter list is cut off in this listing.
// A ResourcePermissionCollection is filled from the nodes matched for each
// principal; any exception aborts the lookup with a RuntimeException
// instead of returning a partial result.
ResourcePermissionCollection collection = new ResourcePermissionCollection();
try {
// Iterate through all of the subject's principals
Iterator principalIterator = subject
while(principalIterator
Principal principal = (Principal)principalIterator
// Set up the xpath string to retrieve all the relevant permissions
// Sample xpath string: (the example is cut off in this listing)
// NOTE(review): the appended pieces are cut off. If principal class or name
// values are concatenated into the expression, a value containing a quote
// changes the query; confirm they are escaped or restricted.
StringBuffer xpath = new StringBuffer();
xpath
xpath
xpath
xpath
xpath
//System
NodeIterator nodeIter = XPathAPI
Node node = null;
while( (node = nodeIter
// Resolve the code source recorded for this node (see getCodebase).
// NOTE(review): the condition below is cut off. With ||, the right-hand
// operand is evaluated only when codebase is null; confirm it does not
// dereference codebase in that case.
CodeSource codebase=getCodebase(node
if (codebase!=null || codebase
Permission permission = getPermission(node);
collection
}
}
}
} catch (Exception e) {
e
throw new RuntimeException(e
}
// NOTE(review): collection is created with new above and is not reassigned
// in the visible lines, so this test looks always true and the delegation
// branch below unreachable.
if(collection != null)
return collection;
else {
// If the permission is not found here then delegate it
// to the standard java Policy class instance
Policy policy = Policy
return policy
}
}
/**
* Returns a Permission instance defined by the provided
* permission Node attributes.
*
* Four attributes are read from the node (their names are cut off in this
* listing); the local names suggest class name, name, actions and
* relationship. The class-name attribute is mandatory. The constructor
* argument arrays are sized by which optional attributes are present, and
* the permission class is then instantiated through a Constructor.
*
* NOTE(review): the class name comes from the policy file and the result is
* cast to Permission only after construction. Consider checking
* Permission.class.isAssignableFrom(permissionClass) before instantiating.
*
* @throws RuntimeException if the class-name attribute is missing
* @throws Exception declared by the method; presumably raised by the
* reflective calls, which are cut off here
*/
private Permission getPermission(Node node) throws Exception {
NamedNodeMap map = node
Attr attrClassname = (Attr) map
Attr attrName = (Attr) map
Attr attrActions = (Attr) map
Attr attrRelationship = (Attr) map
// A permission node without a class name is rejected (thrown without a message).
if(attrClassname == null)
throw new RuntimeException();
Class[] types = null;
Object[] args = null;
// Check if the name is specified
// if no name is specified then because
// the types and the args variables above
// are null the default constructor is used
if(attrName != null) {
String name = attrName
// Check if actions are specified
// then setup the array sizes accordingly
if(attrActions != null) {
String actions = attrActions
// Check if a relationship is specified
// then setup the array sizes accordingly
if(attrRelationship == null) {
types = new Class[
args = new Object[
} else {
types = new Class[
args = new Object[
String relationship = attrRelationship
types[
args[
}
types[
args[
} else {
types = new Class[
args = new Object[
}
types[
args[
} String classname = attrClassname
// NOTE(review): the calls below are cut off; presumably the class is looked
// up by name, a constructor matching types is selected, and it is invoked
// with args.
Class permissionClass = Class
Constructor constructor = permissionClass
return (Permission) constructor
}
/**
* Returns a CodeSource object defined by the provided
* grant Node attributes, or null when no codebase attribute is found.
*
* NOTE(review): the signature and the node test below are cut off. certs is
* never assigned in the visible lines, so the CodeSource presumably carries
* no signer certificates and is identified by location only; confirm.
*/
private java
Certificate[] certs = null;
URL location;
if(node
NamedNodeMap map = node
Attr attrCodebase = (Attr) map
if(attrCodebase != null) {
String codebaseValue = attrCodebase
// The attribute value is turned into a URL as given by the policy file.
location = new URL(codebaseValue);
return new CodeSource(location
}
}
return null;
}
}
/*
* Principal identified by a user name.
*
* NOTE(review): hashCode() is overridden but no equals() appears in this
* listing; without it, two PrincipalUser objects with the same name compare
* by identity. Confirm against the complete source.
*/
public class PrincipalUser implements Principal {
// Name of this principal; presumably assigned in the constructor (that line is cut off).
private String name;
/**
* Creates a principal for the given name.
*
* @param name the name for this principal
*
* @exception InvalidParameterException if the <code>name</code>
* is <code>null</code>
*/ public PrincipalUser(String name) {
// Reject a missing name up front; the exception message is cut off in this listing.
if (name == null)
throw new InvalidParameterException(
//search role of this name
this
}
/**
* Returns the name for this <code>PrincipalUser</code>
*
* @return the name for this <code>PrincipalUser</code>
*/
public String getName() {
return name;
}
/**
* Returns a hash code for this principal. The expression is cut off in
* this listing; it starts from <code>name</code>.
*/ public int hashCode() {
return name
}
}
public class ResourcePermission extends Permission {
// Relationship name constant (value cut off in this listing).
static final public String OWNER_RELATIONSHIP =
// Per-action integer constants, presumably bit flags combined into mask; the
// values are cut off, confirm against the complete source.
// NOTE(review): these are declared without final although their upper-case
// names suggest constants.
static private int READ =
static private int WRITE =
static private int EXECUTE =
static private int CREATE =
static private int DELETE =
static private int DEPLOY =
static private int CONFIRM =
// Action names as strings (values cut off in this listing).
static final public String READ_ACTION =
static final public String WRITE_ACTION =
static final public String EXECUTE_ACTION =
static final public String CREATE_ACTION =
static final public String DELETE_ACTION =
static final public String DEPLOY_ACTION =
static final public String CONFIRM_ACTION =
// NOTE(review): mask, resource and subject are protected and not final, so
// subclasses and same-package code can change them after construction; a
// Permission is normally treated as immutable once it has been granted.
protected int mask; protected Resource resource;
protected Subject subject;
/**
* Constructor for ResourcePermission
*/
public ResourcePermission(String name
super(name);
this