org.apache.batik.util

Class ApplicationSecurityEnforcer

public class ApplicationSecurityEnforcer extends Object

This is a helper class which helps applications enforce secure script execution.
It is used by the Squiggle browser as well as the rasterizer.
This class can install a SecurityManager for an application and resolves whether the application runs in a development environment or from a jar file (in other words, it resolves code-base issues for the application).
Field Summary
static StringAPP_MAIN_CLASS_DIR
Directory where classes are expanded in the development version
protected ClassappMainClass
The application's main entry point
protected StringappMainClassRelativeURL
The resource name for the application's main class
static StringEXCEPTION_ALIEN_SECURITY_MANAGER
Message for the SecurityException thrown when there is already a SecurityManager installed at the time Squiggle tries to install its own security settings.
static StringEXCEPTION_NO_POLICY_FILE
Message for the NullPointerException thrown when no policy file can be found.
static StringJAR_PROTOCOL
Files in a jar file have a URL with the jar protocol
static StringJAR_URL_FILE_SEPARATOR
Used in jar file urls to separate the jar file name from the referenced file
protected BatikSecurityManagerlastSecurityManagerInstalled
Keeps track of the last SecurityManager installed
static StringPROPERTY_APP_DEV_BASE
System property for App's development base directory
static StringPROPERTY_APP_JAR_BASE
System property for App's jars base directory
static StringPROPERTY_JAVA_SECURITY_POLICY
System property for specifying an additional policy file.
protected StringsecurityPolicy
The application's security policy
Constructor Summary
ApplicationSecurityEnforcer(Class appMainClass, String securityPolicy, String appJarFile)
Creates a new ApplicationSecurityEnforcer.
ApplicationSecurityEnforcer(Class appMainClass, String securityPolicy)
Creates a new ApplicationSecurityEnforcer.
Method Summary
voidenforceSecurity(boolean enforce)
Enforces security by installing a SecurityManager.
URLgetPolicyURL()
Returns the url for the default policy.
voidinstallSecurityManager()
Installs a SecurityManager on behalf of the application

Field Detail

APP_MAIN_CLASS_DIR

public static final String APP_MAIN_CLASS_DIR
Directory where classes are expanded in the development version

appMainClass

protected Class appMainClass
The application's main entry point

appMainClassRelativeURL

protected String appMainClassRelativeURL
The resource name for the application's main class

EXCEPTION_ALIEN_SECURITY_MANAGER

public static final String EXCEPTION_ALIEN_SECURITY_MANAGER
Message for the SecurityException thrown when there is already a SecurityManager installed at the time Squiggle tries to install its own security settings.

EXCEPTION_NO_POLICY_FILE

public static final String EXCEPTION_NO_POLICY_FILE
Message for the NullPointerException thrown when no policy file can be found.

JAR_PROTOCOL

public static final String JAR_PROTOCOL
Files in a jar file have a URL with the jar protocol

JAR_URL_FILE_SEPARATOR

public static final String JAR_URL_FILE_SEPARATOR
Used in jar file urls to separate the jar file name from the referenced file

lastSecurityManagerInstalled

protected BatikSecurityManager lastSecurityManagerInstalled
Keeps track of the last SecurityManager installed

PROPERTY_APP_DEV_BASE

public static final String PROPERTY_APP_DEV_BASE
System property for App's development base directory

PROPERTY_APP_JAR_BASE

public static final String PROPERTY_APP_JAR_BASE
System property for App's jars base directory

PROPERTY_JAVA_SECURITY_POLICY

public static final String PROPERTY_JAVA_SECURITY_POLICY
System property for specifying an additional policy file.

securityPolicy

protected String securityPolicy
The application's security policy

Constructor Detail

ApplicationSecurityEnforcer

public ApplicationSecurityEnforcer(Class appMainClass, String securityPolicy, String appJarFile)

Deprecated: This constructor is now deprecated. Use the two argument constructor instead as this version will be removed after the 1.5beta4 release.

Creates a new ApplicationSecurityEnforcer.

Parameters: appMainClass class of the applications's main entry point securityPolicy resource for the security policy which should be enforced for the application. appJarFile the Jar file into which the application is packaged.

ApplicationSecurityEnforcer

public ApplicationSecurityEnforcer(Class appMainClass, String securityPolicy)
Creates a new ApplicationSecurityEnforcer.

Parameters: appMainClass class of the applications's main entry point securityPolicy resource for the security policy which should be enforced for the application.

Method Detail

enforceSecurity

public void enforceSecurity(boolean enforce)
Enforces security by installing a SecurityManager. This will throw a SecurityException if installing a SecurityManager requires overriding an existing SecurityManager. In other words, this method will not install a new SecurityManager if there is already one it did not install in place.

getPolicyURL

public URL getPolicyURL()
Returns the url for the default policy. This never returns null, but it may throw a NullPointerException

installSecurityManager

public void installSecurityManager()
Installs a SecurityManager on behalf of the application
Copyright B) 2007 Apache Software Foundation. All Rights Reserved.