Examples of SecurityManager

• com.bradmcevoy.http.SecurityManager
• com.dbxml.db.core.security.SecurityManager
  SecurityManager manages Users, Roles, and Access Control Lists for dbXML.
• com.eaglegenomics.simlims.core.manager.SecurityManager
• com.sun.enterprise.SecurityManager
  This interface is used by the Container to manage access to EJBs. The container has a reference to an implementation of this interface. @author Harish Prabandham
• com.sun.enterprise.security.SecurityManager
  This interface is used by the Container to manage access to EJBs. The container has a reference to an implementation of this interface. @author Harish Prabandham
• com.sun.org.apache.xerces.internal.util.SecurityManager
  e.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care. @author Neil Graham, IBM @version $Id: SecurityManager.java,v 1.2 2005/08/16 22:49:14 jeffsuttor Exp $
• java.lang.SecurityManager
  The security manager is a class that allows applications to implement a security policy. It allows an application to determine, before performing a possibly unsafe or sensitive operation, what the operation is and whether it is being attempted in a security context that allows the operation to be performed. The application can allow or disallow the operation.

  The SecurityManager class contains many methods with names that begin with the word check. These methods are called by various methods in the Java libraries before those methods perform certain potentially sensitive operations. The invocation of such a check method typically looks like this:

   SecurityManager security = System.getSecurityManager(); if (security != null) { security.checkXXX(argument,  . . . ); } 

  The security manager is thereby given an opportunity to prevent completion of the operation by throwing an exception. A security manager routine simply returns if the operation is permitted, but throws a SecurityException if the operation is not permitted. The only exception to this convention is checkTopLevelWindow, which returns a boolean value.

  The current security manager is set by the setSecurityManager method in class System. The current security manager is obtained by the getSecurityManager method.

  The special method {@link SecurityManager#checkPermission(java.security.Permission)}determines whether an access request indicated by a specified permission should be granted or denied. The default implementation calls

   AccessController.checkPermission(perm); 

  If a requested access is allowed, checkPermission returns quietly. If denied, a SecurityException is thrown.

  As of Java 2 SDK v1.2, the default implementation of each of the other check methods in SecurityManager is to call the SecurityManager checkPermission method to determine if the calling thread has permission to perform the requested operation.

  Note that the checkPermission method with just a single permission argument always performs security checks within the context of the currently executing thread. Sometimes a security check that should be made within a given context will actually need to be done from within a different context (for example, from within a worker thread). The {@link SecurityManager#getSecurityContext getSecurityContext} method and the {@link SecurityManager#checkPermission(java.security.Permission,java.lang.Object) checkPermission}method that includes a context argument are provided for this situation. The getSecurityContext method returns a "snapshot" of the current calling context. (The default implementation returns an AccessControlContext object.) A sample call is the following:

   Object context = null; SecurityManager sm = System.getSecurityManager(); if (sm != null) context = sm.getSecurityContext();  

  The checkPermission method that takes a context object in addition to a permission makes access decisions based on that context, rather than on that of the current execution thread. Code within a different context can thus call that method, passing the permission and the previously-saved context object. A sample call, using the SecurityManager sm obtained as in the previous example, is the following:

   if (sm != null) sm.checkPermission(permission, context); 

  Permissions fall into these categories: File, Socket, Net, Security, Runtime, Property, AWT, Reflect, and Serializable. The classes managing these various permission categories are java.io.FilePermission, java.net.SocketPermission, java.net.NetPermission, java.security.SecurityPermission, java.lang.RuntimePermission, java.util.PropertyPermission, java.awt.AWTPermission, java.lang.reflect.ReflectPermission, and java.io.SerializablePermission.

  All but the first two (FilePermission and SocketPermission) are subclasses of java.security.BasicPermission, which itself is an abstract subclass of the top-level class for permissions, which is java.security.Permission. BasicPermission defines the functionality needed for all permissions that contain a name that follows the hierarchical property naming convention (for example, "exitVM", "setFactory", "queuePrintJob", etc). An asterisk may appear at the end of the name, following a ".", or by itself, to signify a wildcard match. For example: "a.*" or "*" is valid, "*a" or "a*b" is not valid.

  FilePermission and SocketPermission are subclasses of the top-level class for permissions (java.security.Permission). Classes like these that have a more complicated name syntax than that used by BasicPermission subclass directly from Permission rather than from BasicPermission. For example, for a java.io.FilePermission object, the permission name is the path name of a file (or directory).

  Some of the permission classes have an "actions" list that tells the actions that are permitted for the object. For example, for a java.io.FilePermission object, the actions list (such as "read, write") specifies which actions are granted for the specified file (or for files in the specified directory).

  Other permission classes are for "named" permissions - ones that contain a name but no actions list; you either have the named permission or you don't.

  Note: There is also a java.security.AllPermission permission that implies all permissions. It exists to simplify the work of system administrators who might need to perform multiple tasks that require all (or numerous) permissions.

  See Permissions in the JDK for permission-related information. This document includes, for example, a table listing the various SecurityManager check methods and the permission(s) the default implementation of each such method requires. It also contains a table of all the version 1.2 methods that require permissions, and for each such method tells which permission it requires.

  For more information about SecurityManager changes made in the JDK and advice regarding porting of 1.1-style security managers, see the security documentation. @author Arthur van Hoff @author Roland Schemers @version 1.139, 04/21/06 @see java.lang.ClassLoader @see java.lang.SecurityException @see java.lang.SecurityManager#checkTopLevelWindow(java.lang.Object) checkTopLevelWindow @see java.lang.System#getSecurityManager() getSecurityManager @see java.lang.System#setSecurityManager(java.lang.SecurityManager) setSecurityManager @see java.security.AccessController AccessController @see java.security.AccessControlContext AccessControlContext @see java.security.AccessControlException AccessControlException @see java.security.Permission @see java.security.BasicPermission @see java.io.FilePermission @see java.net.SocketPermission @see java.util.PropertyPermission @see java.lang.RuntimePermission @see java.awt.AWTPermission @see java.security.Policy Policy @see java.security.SecurityPermission SecurityPermission @see java.security.ProtectionDomain @since JDK1.0

• mf.org.apache.xerces.util.SecurityManager
  e.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care. @author Neil Graham, IBM @version $Id: SecurityManager.java 447241 2006-09-18 05:12:57Z mrglavas $
• org.apache.qpid.server.security.SecurityManager
• org.apache.sandesha2.security.SecurityManager
  SecurityManager interface. This manages the link between the RM layer and Security, so that the CreateSequence message can be secured using a SecurityTokenReference. Once the sequence is secured using the STR, each inbound messgae must be checked to ensure the sender has demonstrated proof-of-possession of the referenced token. See the WS-RM 1.0 spec for details.
• org.apache.shiro.mgt.SecurityManager
  A {@code SecurityManager} executes all security operations for all Subjects (aka users) across asingle application.

  The interface itself primarily exists as a convenience - it extends the {@link org.apache.shiro.authc.Authenticator}, {@link Authorizer}, and {@link SessionManager} interfaces, thereby consolidatingthese behaviors into a single point of reference. For most Shiro usages, this simplifies configuration and tends to be a more convenient approach than referencing {@code Authenticator}, {@code Authorizer}, and {@code SessionManager} instances separately; instead one only needs to interact with a single{@code SecurityManager} instance.

  In addition to the above three interfaces, this interface provides a number of methods supporting {@link Subject} behavior. A {@link org.apache.shiro.subject.Subject Subject} executesauthentication, authorization, and session operations for a single user, and as such can only be managed by {@code A SecurityManager} which is aware of all three functions. The three parent interfaces on theother hand do not 'know' about {@code Subject}s to ensure a clean separation of concerns.

  Usage Note: In actuality the large majority of application programmers won't interact with a SecurityManager very often, if at all. Most application programmers only care about security operations for the currently executing user, usually attained by calling {@link org.apache.shiro.SecurityUtils#getSubject() SecurityUtils.getSubject()}.

  Framework developers on the other hand might find working with an actual SecurityManager useful. @author Les Hazlewood @see org.apache.shiro.mgt.DefaultSecurityManager @since 0.2

• org.apache.xerces.util.SecurityManager
  e.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care. @author Neil Graham, IBM @version $Id: SecurityManager.java 319859 2004-03-23 01:23:41Z mrglavas $
• org.exist.security.SecurityManager
  SecurityManager is responsible for managing users and groups. There's only one SecurityManager for each database instance, which may be obtained by {@link BrokerPool#getSecurityManager()}.
• org.jboss.jms.server.SecurityManager
  @author Ovidiu Feodorov @version $Revision: 2257 $$Id: SecurityManager.java 2257 2007-02-11 01:07:47Z ovidiu.feodorov@jboss.com $
• org.jdesktop.wonderland.server.security.SecurityManager
  Interface for handling security checks. @author jkaplan
• org.mule.api.security.SecurityManager
  SecurityManager is responsible for managing one or more security providers.
• railo.runtime.security.SecurityManager
  interface for Security Manager

Examples of org.apache.sandesha2.security.SecurityManager

    }

    // Check that the create sequence response message proves possession of the correct token
    String tokenData = rmsBean.getSecurityTokenData();
    if(tokenData != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      MessageContext crtSeqResponseCtx = createSeqResponseRMMsgCtx.getMessageContext();
      OMElement body = crtSeqResponseCtx.getEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(tokenData);
      secManager.checkProofOfPossession(token, body, crtSeqResponseCtx);
    }

    String internalSequenceId = rmsBean.getInternalSequenceID();
    if (internalSequenceId == null || "".equals(internalSequenceId)) {
      String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.tempSeqIdNotSet);

Examples of org.apache.sandesha2.security.SecurityManager

    createSeqRMMsg.setMessagePart(Sandesha2Constants.MessageParts.CREATE_SEQ, createSequencePart);

    // Find the token that should be used to secure this new sequence. If there is a token, then we
    // save it in the properties so that the caller can store the token within the create sequence
    // bean.
    SecurityManager secMgr = SandeshaUtil.getSecurityManager(context);
    SecurityToken token = secMgr.getSecurityToken(applicationMsgContext);
    if(token != null) {
      OMElement str = secMgr.createSecurityTokenReference(token, createSeqmsgContext);
      createSequencePart.setSecurityTokenReference(str);
      createSeqRMMsg.setProperty(Sandesha2Constants.MessageContextProperties.SECURITY_TOKEN, token);

      // If we are using token based security, and the 1.1 spec level, then we
      // should introduce a UsesSequenceSTR header into the message.
      if(createSequencePart.getNamespaceValue().equals(Sandesha2Constants.SPEC_2007_02.NS_URI)) {
        UsesSequenceSTR header = new UsesSequenceSTR(null, Sandesha2Constants.SPEC_2007_02.NS_URI);
        header.toSOAPEnvelope(createSeqmsgContext.getEnvelope());
      }

      // Ensure that the correct token will be used to secure the outbound create sequence message.
      // We cannot use the normal helper method as we have not stored the token into the sequence bean yet.
      secMgr.applySecurityToken(token, createSeqRMMsg.getMessageContext());
    }

    createSeqRMMsg.setAction(SpecSpecificConstants.getCreateSequenceAction(rmsBean.getRMVersion()));
    createSeqRMMsg.setSOAPAction(SpecSpecificConstants.getCreateSequenceSOAPAction(rmsBean.getRMVersion()));

Examples of org.apache.sandesha2.security.SecurityManager

    ConfigurationContext configCtx = message.getConfigurationContext();

    if(rmBean.getSecurityTokenData() != null) {
      if(log.isDebugEnabled()) log.debug("Securing outbound message");
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      SecurityToken token = secManager.recoverSecurityToken(rmBean.getSecurityTokenData());
      secManager.applySecurityToken(token, message);
    }

    if(log.isDebugEnabled()) log.debug("Exit: RMMsgCreator::secureOutboundMessage");
  }

Examples of org.apache.sandesha2.security.SecurityManager

    // Check that the sender of this AckRequest holds the correct token
    RMDBean rmdBean = SandeshaUtil.getRMDBeanFromSequenceId(storageManager, sequenceId);

    if(rmdBean != null && rmdBean.getSecurityTokenData() != null) {;
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configurationContext);
      SecurityToken token = secManager.recoverSecurityToken(rmdBean.getSecurityTokenData());

      secManager.checkProofOfPossession(token, soapHeader, msgContext);
    }

    // Check that the sequence requested exists
    if (FaultManager.checkForUnknownSequence(rmMsgCtx, sequenceId, storageManager, piggybackedAckRequest)) {
      if (log.isDebugEnabled())

Examples of org.apache.sandesha2.security.SecurityManager

    }

    // Check that the sender of this Ack holds the correct token
    String internalSequenceId = rmsBean.getInternalSequenceID();
    if(rmsBean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      SecurityToken token = secManager.recoverSecurityToken(rmsBean.getSecurityTokenData());

      secManager.checkProofOfPossession(token, soapHeader, msgCtx);
    }

    if(log.isDebugEnabled()) log.debug("Got Ack for RM Sequence: " + outSequenceId + ", internalSeqId: " + internalSequenceId);
    Iterator ackRangeIterator = sequenceAck.getAcknowledgementRanges().iterator();

Examples of org.apache.sandesha2.security.SecurityManager

    createSequencePart.setAcksTo(acksTo);

    // Find the token that should be used to secure this new sequence. If there is a token, then we
    // save it in the properties so that the caller can store the token within the create sequence
    // bean.
    SecurityManager secMgr = SandeshaUtil.getSecurityManager(context);
    SecurityToken token = secMgr.getSecurityToken(createSeqmsgContext);
    if(token != null) {
      OMElement str = secMgr.createSecurityTokenReference(token, createSeqmsgContext);
      createSequencePart.setSecurityTokenReference(str);
      createSeqRMMsg.setProperty(Sandesha2Constants.SequenceProperties.SECURITY_TOKEN, token);

      //adding the UseSequenceSTR header
      SOAPFactory createSeqFactory = (SOAPFactory) createSeqRMMsg.getSOAPEnvelope().getOMFactory();

Examples of org.apache.sandesha2.security.SecurityManager

    String sequencePropertyKey = internalSequenceId;

    // Check that the sender of this Ack holds the correct token
    SequencePropertyBean tokenBean = seqPropMgr.retrieve(outSequenceId, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
    if(tokenBean != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());

      secManager.checkProofOfPossession(token, soapHeader, msgCtx);
    }

    Iterator ackRangeIterator = sequenceAck.getAcknowledgementRanges().iterator();
    Iterator nackIterator = sequenceAck.getNackList().iterator();

Examples of org.apache.sandesha2.security.SecurityManager

    }

    // Check that the create sequence response message proves possession of the correct token
    String tokenData = rmsBean.getSecurityTokenData();
    if(tokenData != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      MessageContext crtSeqResponseCtx = createSeqResponseRMMsgCtx.getMessageContext();
      OMElement body = crtSeqResponseCtx.getEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(tokenData);
      secManager.checkProofOfPossession(token, body, crtSeqResponseCtx);
    }

    String internalSequenceId = rmsBean.getInternalSequenceID();
    if (internalSequenceId == null || "".equals(internalSequenceId)) {
      String message = SandeshaMessageHelper.getMessage(SandeshaMessageKeys.tempSeqIdNotSet);

Examples of org.apache.sandesha2.security.SecurityManager

    return sequenceID;
  }

  public static SecurityManager getSecurityManager(ConfigurationContext context) throws SandeshaException {
    SecurityManager util = (SecurityManager) context.getProperty(Sandesha2Constants.SECURITY_MANAGER);
    if (util != null) return util;

    //Currently module policies are used to find the security impl. These cant be overriden
    String securityManagerClassStr = getDefaultPropertyBean(context.getAxisConfiguration()).getSecurityManagerClass();
    util = getSecurityManagerInstance(securityManagerClassStr,context);

Examples of org.apache.sandesha2.security.SecurityManager

    String sequencePropertyKey = sequenceId;

    // Check that the sender of this AckRequest holds the correct token
    SequencePropertyBean tokenBean = seqPropMgr.retrieve(sequencePropertyKey, Sandesha2Constants.SequenceProperties.SECURITY_TOKEN);
    if(tokenBean != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configurationContext);
      SecurityToken token = secManager.recoverSecurityToken(tokenBean.getValue());

      secManager.checkProofOfPossession(token, soapHeader, msgContext);
    }

    // Setting the ack depending on AcksTo.
    SequencePropertyBean acksToBean = seqPropMgr.retrieve(sequencePropertyKey,
        Sandesha2Constants.SequenceProperties.ACKS_TO_EPR);