net.sf.container.imp
Class CertificateAuthorityFactory

java.lang.Object
  extended by net.sf.container.imp.AbstractParseListener
      extended by net.sf.container.imp.AbstractPolicyFactory
          extended by net.sf.container.imp.CertificateAuthorityFactory
All Implemented Interfaces:
ContainerFactory, PolicyParseListener

public class CertificateAuthorityFactory
extends AbstractPolicyFactory

Container factory providing Container creation where container policies are based on certificates issued by "signedBy" aliases.

When a certificate is passed to newContainer(), it is checked against all available certificates (in java.security.CodeSource) to being issued by some of them.
Then the permission set of that certificate is used for the container.

Example:

 if the policy file contains:
 keystore "build.ks";

 grant signedBy "sandboxCa" {
                permission java.util.PropertyPermission "java.version", "read";
 };
 grant signedBy "trustedCa" {
                permission java.util.PropertyPermission "java.path", "read";
                permission java.util.PropertyPermission "java.version", "read";
 };

 containerFactory.newContainer( keystore.getCertificate("sandboxedUser") )
 would result in "sandboxCa" permissions set.

 containerFactory.newContainer( keystore.getCertificate("trustedUser") ) would
 result in "trustedCa" permissions set.

 containerFactory.newContainer(null) would
 result in no permissions as there wasn't any default permissions set defined.
 
created on Jun 10, 2005

Since:
Version:
$Revision: 1.1 $
Author:
fiykov

Nested Class Summary
 
Nested classes/interfaces inherited from class net.sf.container.imp.AbstractParseListener
AbstractParseListener.GrantEntry
 
Constructor Summary
CertificateAuthorityFactory()
          instantiate a factory with policies defined in the policy file
CertificateAuthorityFactory(java.net.URL policyFile)
          instantiate a factory with policies defined in the policy file
CertificateAuthorityFactory(java.net.URL policyFile, PolicyParser parser)
          instantiate a factory with policies defined in the policy file
 
Method Summary
 ContainerFactory getContainerFactory()
           
 Container newContainer(java.security.cert.Certificate cert)
          create new container having all permission sets of these certificate aliases (given in the policy file) which have issued that particular certificate.
 Container newContainer(java.lang.Object permissionsCriteria)
          create new container based on certificateIssuedBy permission set criteria
 
Methods inherited from class net.sf.container.imp.AbstractPolicyFactory
newContainer, setPolicies, setPolicies
 
Methods inherited from class net.sf.container.imp.AbstractParseListener
beginParsing, endGrant, endParsing, endPolicyFile, getAllKeyStores, getAllPolicies, getKeyStores, getProtectionDomains, lookupCertificate, lookupCertificatesList, newGrant, newKeystore, newPermission, newPolicyFile, newUrlInputSteam, parseEnvVars, replaceCurrentUrlPosition, resolveKsInputSteam, spreadDefaultGrants, toExternalForm
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CertificateAuthorityFactory

public CertificateAuthorityFactory()
instantiate a factory with policies defined in the policy file

See Also:
AbstractPolicyFactory.AbstractPolicyFactory()

CertificateAuthorityFactory

public CertificateAuthorityFactory(java.net.URL policyFile)
                            throws java.io.FileNotFoundException,
                                   PolicyParseException,
                                   java.io.IOException
instantiate a factory with policies defined in the policy file

Parameters:
policyFile -
Throws:
java.io.FileNotFoundException
PolicyParseException
java.io.IOException
See Also:
AbstractPolicyFactory.AbstractPolicyFactory(URL)

CertificateAuthorityFactory

public CertificateAuthorityFactory(java.net.URL policyFile,
                                   PolicyParser parser)
                            throws java.io.FileNotFoundException,
                                   PolicyParseException,
                                   java.io.IOException
instantiate a factory with policies defined in the policy file

Parameters:
policyFile -
parser -
Throws:
java.io.FileNotFoundException
PolicyParseException
java.io.IOException
See Also:
AbstractPolicyFactory.AbstractPolicyFactory(URL,PolicyParser)
Method Detail

getContainerFactory

public ContainerFactory getContainerFactory()
Returns:
the associated with this listener container factory

newContainer

public Container newContainer(java.lang.Object permissionsCriteria)
create new container based on certificateIssuedBy permission set criteria

Parameters:
permissionsCriteria - is a certificate
Returns:
new Container object

newContainer

public Container newContainer(java.security.cert.Certificate cert)
create new container having all permission sets of these certificate aliases (given in the policy file) which have issued that particular certificate.

if certificate is null, default permissions are added. if no default permissions exists container is created with no permissions at all.

Parameters:
cert -
Returns:
new Container object


Copyright © 2007 Nikolay Fiykov. All Rights Reserved.