This class is intended to simplify the process of deciding what security permissions to grant to run an application. While it is generally acceptable to grant all permissions to local, trusted code, downloaded code should typically be granted the least permission possible.
The usual approach to choosing which permissions to grant is to start by running the application with a security policy file that grants all permissions to local, trusted code. When the application fails with an exception message that identifies a missing permission, add that permission to the security policy file, and repeat the process. Although straightforward, this process can be time-consuming if the application requires many permission grants.
Another approach is to set the value of the "java.security.debug" system property to "access,failure", which produces debugging output that describes permission grants and failures. Unfortunately, this approach produces voluminous output, making it difficult to determine which permission grants are needed.
This security policy provider permits another, hopefully more convenient, approach. When this class is specified as the security policy provider, and granting all permissions is enabled, it uses the standard dynamic security policy to determine what permissions are granted. If a permission is not granted by the standard policy, though, then rather than denying permission, this class logs the missing permission in the form required by the security policy file, and grants the permission, allowing the program to continue. In this way, developers can determine the complete set of security permissions required by the application.
Note that the information printed by this security policy provider may not be in the form you wish to use in your policy file. In particular, using system property substitutions and KeyStore aliases may produce a more portable file than one containing the exact entries logged. Note, too, that the information printed for signedBy fields specifies the principal name for X.509 certificates, rather than the KeyStore alias, and that form is not valid in a security policy file.
Using this security policy provider without granting all permissions is also useful, since it prints information about security exceptions that were caught but that might have an effect on program behavior.
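The log-and-grant behavior described above can be sketched as a wrapper around an existing Policy. This is an added example, not Apache River's DebugDynamicPolicyProvider source; the class name LoggingPolicy, the deny-all stand-in policy and the file:/opt/app/lib/app.jar code source are constructed for illustration.

```java
import java.net.URI;
import java.security.*;
import java.security.cert.Certificate;
import java.util.*;

/** Added sketch of the log-and-grant idea; not Apache River's implementation. */
public class LoggingPolicy extends Policy {
    private final Policy base;       // the standard policy being wrapped
    private final boolean grantAll;  // plays the role of the grantAll property
    private final Set<String> seen = new HashSet<>(); // log each entry only once

    public LoggingPolicy(Policy base, boolean grantAll) { this.base = base; this.grantAll = grantAll; }

    @Override
    public boolean implies(ProtectionDomain pd, Permission p) {
        if (base.implies(pd, p)) return true;   // granted by the real policy
        String entry = format(pd, p);
        synchronized (seen) {
            if (seen.add(entry)) System.err.println(entry);
        }
        return grantAll;  // true lets the program continue, false denies as usual
    }

    /** Renders a missing permission as a policy-file grant entry. */
    static String format(ProtectionDomain pd, Permission p) {
        CodeSource cs = pd.getCodeSource();
        StringBuilder sb = new StringBuilder("grant");
        if (cs != null && cs.getLocation() != null)
            sb.append(" codeBase \"").append(cs.getLocation()).append('"');
        sb.append(" {\n    permission ").append(p.getClass().getName());
        if (p.getName() != null)
            sb.append(" \"").append(escape(p.getName())).append('"');
        String actions = p.getActions();
        if (actions != null && !actions.isEmpty())
            sb.append(", \"").append(actions).append('"');
        return sb.append(";\n};").toString();
    }

    // Backslash and double quote must be escaped inside policy-file strings.
    private static String escape(String s) { return s.replace("\\", "\\\\").replace("\"", "\\\""); }

    public static void main(String[] args) throws Exception {
        Policy denyAll = new Policy() {  // constructed stand-in for the standard policy
            @Override public boolean implies(ProtectionDomain d, Permission p) { return false; }
        };
        CodeSource cs = new CodeSource(URI.create("file:/opt/app/lib/app.jar").toURL(), (Certificate[]) null);
        Policy debug = new LoggingPolicy(denyAll, true);
        ProtectionDomain pd = new ProtectionDomain(cs, null);
        System.out.println(debug.implies(pd, new java.io.FilePermission("/tmp/-", "read")));
    }
}
```

The printed entry carries the literal code base URL and target name, which is the kind of exact entry that system property substitutions would make more portable.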
This class uses the {@link Logger} named net.jini.security.policy to log information at the following levels:
Copy the jsk-policy.jar file from the lib-ext subdirectory of the Apache River release installation to the extensions directory of the Java(TM) 2 SDK (or JRE) installation, and copy the jsk-debug-policy.jar file from the lib subdirectory of the Apache River release installation to the extensions directory of the Java 2 SDK (or JRE) installation.
Copy the jre/lib/security/security/java.security file, modify the file to contain the line:
    policy.provider=com.sun.jini.tool.DebugDynamicPolicyProvider
and then specify this new file as the value of the java.security.properties system property.
Set the com.sun.jini.tool.DebugDynamicPolicyProvider.grantAll security property to true by adding the following line to the security properties file:
    com.sun.jini.tool.DebugDynamicPolicyProvider.grantAll=true
Granting all permissions is disabled by default.
Make sure to specify a security manager, either by setting the java.security.manager system property, or putting the following code in the main method of the application:
    if (System.getSecurityManager() == null) {
        System.setSecurityManager(new SecurityManager());
    }
This provider can be used in conjunction with the provider com.sun.jini.start.AggregatePolicyProvider by setting the com.sun.jini.start.AggregatePolicyProvider.mainPolicyClass system property to the fully qualified name of this class. If this provider is used with the AggregatePolicyProvider, then the JAR file jsk-debug-policy.jar needs to be in the application's class path, and this class needs to be granted all permissions.
@author Sun Microsystems, Inc.