alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  

What this is

This file is included in the DevDaily.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example" TM.

Other links

The source code

// $Id: ArgoSecurityManager.java,v 1.18 2004/09/11 09:25:57 mvw Exp $
// Copyright (c) 1996-2004 The Regents of the University of California. All
// Rights Reserved. Permission to use, copy, modify, and distribute this
// software and its documentation without fee, and without a written
// agreement is hereby granted, provided that the above copyright notice
// and this paragraph appear in all copies.  This software program and
// documentation are copyrighted by The Regents of the University of
// California. The software program and documentation are supplied "AS
// IS", without any accompanying services from The Regents. The Regents
// does not warrant that the operation of the program will be
// uninterrupted or error-free. The end-user understands that the program
// was developed for research purposes and is advised not to rely
// exclusively on the program for any reason.  IN NO EVENT SHALL THE
// UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT,
// SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS,
// ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF
// THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE POSSIBILITY OF
// SUCH DAMAGE. THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE
// PROVIDED HEREUNDER IS ON AN "AS IS" BASIS, AND THE UNIVERSITY OF
// CALIFORNIA HAS NO OBLIGATIONS TO PROVIDE MAINTENANCE, SUPPORT,
// UPDATES, ENHANCEMENTS, OR MODIFICATIONS.

package org.argouml.application.security;

// Import the following classes fully qualified to ensure that
// no one can short-circuit our intended inheritance.
import java.util.PropertyPermission;
import java.security.Permission;

import org.apache.log4j.Logger;
import org.argouml.util.osdep.OsUtil;

/**
 * The Argo custom security manager.
 *
 *  Since Argo is an open-source product, the concept of a
 *  security manager may seem odd.  This class is not intended
 *  to provide security in the standard way that Java programmers
 *  think of, in the context of Applets, for example.
 *
 *  Rather, it is intended to protect Argo from accidental modifications
 *  to its own environment by external modules.
 *
 *  One of the areas this is necessary is to protect from the
 *  {@link java.lang.System#exit(int)} or
 *  {@link java.lang.Runtime#exit(int)} calls.
 *
 *  Another is to prevent modules from replacing the awt exception
 *  trapping hook so that we are able to properly catch any
 *  ArgoSecurityExceptions and prevent the stack trace when
 *  we desire.
 *
 *  @author Thierry Lach
 *  @since 0.9.4
 *  @stereotype singleton
 */
public final class ArgoSecurityManager extends SecurityManager
{
    private static final Logger LOG =
	Logger.getLogger(ArgoSecurityManager.class);

    /**
     * true if we are allowed to exit.

     *
     * This is set to false from main() just before we start the ball rolling
     * for the GUI.

     *
     * This means that all applications that doesn't start from main i.e.
     * when running JUnit test cases and batch commands, are allowed to
     * exit immediatly.
     */
    private boolean allowExit = true;

    /** The only allowed instance. */
    private static final ArgoSecurityManager SINGLETON =
	new ArgoSecurityManager();

    /**
     * Accessor for the instance.
     *
     * @return the signleton
     */
    public static final ArgoSecurityManager getInstance() {
        return SINGLETON;
    }

    /** Don't allow it to be instantiated from the outside. */
    private ArgoSecurityManager() {
    }

    /**
     * @see java.lang.SecurityManager#checkPermission(java.security.Permission)
     */
    public void checkPermission(Permission perm) {
        // TODO:  
	// Don't allow write access to sun.awt.exception.handler
	if (perm.getClass().equals(PropertyPermission.class)) {
	    if ("sun.awt.exception.handler".equals(perm.getName())) {
	        PropertyPermission pp = (PropertyPermission) perm;
		if ("write".equals(pp.getActions())
		    && (!OsUtil.isMac())) {
		    // Don't allow this one to be trapped
		    // by using ArgoSecurityException.
		    LOG.debug("Violating Permission Name: " + pp.getName());
		    throw new SecurityException();
		}
	    }
	}
	// Don't allow anything to exit that we don't know about.
	else if (perm.getClass().equals(java.lang.RuntimePermission.class)) {
	    RuntimePermission rp = (RuntimePermission) perm;
            // Uncomment for more information about what happens...
	    LOG.debug("RuntimePermission: " + rp.getName() 
		      + " - '" + rp.getActions() + "'");
	    if ("exitVM".equals(rp.getName())) {
		if (!getInstance().getAllowExit()) {
		    throw new ArgoSecurityException(true);
		}
	    }
	}
    }

    /**
     * @return true if we may exit
     */
    public boolean getAllowExit() {
        return allowExit;
    }

    /**
     * @param myAllowExit true if we may exit
     */
    public void setAllowExit(boolean myAllowExit) {
        allowExit = myAllowExit;
    }
}
... this post is sponsored by my books ...

#1 New Release!
FP Best Seller

 

new blog posts

 

Copyright 1998-2024 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.