[jboss-cvs] JBossAS SVN: r80610 - in trunk: system/src/main/org/jboss/system/server and 1 other directories.

[jboss-cvs-commits at lists.jboss.org]

Author: adrian at jboss.org
Date: 2008-11-06 14:15:09 -0500 (Thu, 06 Nov 2008)
New Revision: 80610

Added:
   trunk/server/src/etc/conf/default/java.policy
   trunk/server/src/etc/conf/default/security.xml
   trunk/system/src/main/org/jboss/system/server/security/
   trunk/system/src/main/org/jboss/system/server/security/SecurityPolicy.java
Log:
Experimental installation of security policy in the bootstrap

Added: trunk/server/src/etc/conf/default/java.policy
===================================================================
--- trunk/server/src/etc/conf/default/java.policy	                        (rev 0)
+++ trunk/server/src/etc/conf/default/java.policy	2008-11-06 19:15:09 UTC (rev 80610)
@@ -0,0 +1,4 @@
+grant {
+        // Allow everything for now
+        permission java.security.AllPermission;
+};

Added: trunk/server/src/etc/conf/default/security.xml
===================================================================
--- trunk/server/src/etc/conf/default/security.xml	                        (rev 0)
+++ trunk/server/src/etc/conf/default/security.xml	2008-11-06 19:15:09 UTC (rev 80610)
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+   The JMX Subsystem
+-->
+<deployment xmlns="urn:jboss:bean-deployer:2.0">
+
+   <classloader><inject bean="security-classloader:0.0.0"/></classloader>
+
+   <classloader name="security-classloader" xmlns="urn:jboss:classloader:1.0" export-all="NON_EMPTY" import-all="true"/>
+
+   <!-- The legacy JMX kernel -->
+   <bean name="SecurityPolicy" class="org.jboss.system.server.security.SecurityPolicy">
+      <property name="securityManager"><javabean xmlns="urn:jboss:javabean:2.0" class="java.lang.SecurityManager"/></property>
+      <property name="policyURL">${jboss.server.config.url}/java.policy</property>
+   </bean>
+   
+</deployment>

Added: trunk/system/src/main/org/jboss/system/server/security/SecurityPolicy.java
===================================================================
--- trunk/system/src/main/org/jboss/system/server/security/SecurityPolicy.java	                        (rev 0)
+++ trunk/system/src/main/org/jboss/system/server/security/SecurityPolicy.java	2008-11-06 19:15:09 UTC (rev 80610)
@@ -0,0 +1,99 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2008, Red Hat Middleware LLC, and individual contributors
+* as indicated by the @author tags. See the copyright.txt file in the
+* distribution for a full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.system.server.security;
+
+import java.net.URL;
+import java.security.Policy;
+
+import org.jboss.beans.metadata.api.annotations.Start;
+
+/**
+ * SecurityPolicy.
+ * 
+ * @author <a href="adrian at jboss.com">Adrian Brock</a>
+ * @version $Revision: 1.1 $
+ */
+public class SecurityPolicy
+{
+   /** Whether to install the security manager */
+   private SecurityManager securityManager;
+   
+   /** The policy url */
+   private URL policyURL;
+
+   /**
+    * Get the securityManager.
+    * 
+    * @return the securityManager.
+    */
+   public SecurityManager getSecurityManager()
+   {
+      return securityManager;
+   }
+
+   /**
+    * Set the securityManager.
+    * 
+    * @param securityManager the securityManager.
+    */
+   public void setSecurityManager(SecurityManager securityManager)
+   {
+      this.securityManager = securityManager;
+   }
+
+   /**
+    * Get the policyURL.
+    * 
+    * @return the policyURL.
+    */
+   public URL getPolicyURL()
+   {
+      return policyURL;
+   }
+
+   /**
+    * Set the policyURL.
+    * 
+    * @param policyURL the policyURL.
+    */
+   public void setPolicyURL(URL policyURL)
+   {
+      this.policyURL = policyURL;
+   }
+   
+   @Start
+   public void start()
+   {
+      if (policyURL != null)
+         System.setProperty("java.security.policy", policyURL.toExternalForm());
+      Policy.getPolicy().refresh();
+      
+      if (securityManager != null)
+         System.setSecurityManager(securityManager);
+   }
+   
+   public void stop()
+   {
+      if (securityManager != null)
+         System.setSecurityManager(null);
+   }
+}