Examples of java.security.AccessControlContext.checkPermission()

Class java.security.AccessControlContext

Examples of java.security.AccessControlContext.checkPermission()

java.security.AccessControlContext.checkPermission()
Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect, and the context in this object. The request is allowed only if every ProtectionDomain in the context implies the permission. Otherwise the request is denied.
This method quietly returns if the access request is permitted, or throws a suitable AccessControlException otherwise. @param perm the requested permission. @exception AccessControlException if the specified permissionis not permitted, based on the current security policy and the context encapsulated by this object. @exception NullPointerException if the permission to check for is null.

            ServletHttpRequest servletHttpRequest = (ServletHttpRequest) request.getWrapper();


            /**
             * JACC v1.0 secion 4.1.1
             */
            acc.checkPermission(new WebUserDataPermission(servletHttpRequest));


            /**
             * JACC v1.0 secion 4.1.2
             */
            acc.checkPermission(new WebResourcePermission(servletHttpRequest));

View Full Code Here

            acc.checkPermission(new WebUserDataPermission(servletHttpRequest));


            /**
             * JACC v1.0 secion 4.1.2
             */
            acc.checkPermission(new WebResourcePermission(servletHttpRequest));
        } catch (HttpException he) {
            response.sendError(he.getCode(), he.getReason());
            return false;
        } catch (AccessControlException ace) {
            response.sendError(HttpResponse.__403_Forbidden);

View Full Code Here

    }


    public boolean isUserInRole(Principal user, String role) {
        AccessControlContext acc = ContextManager.getCurrentContext();
        try {
            acc.checkPermission(new WebRoleRefPermission(JettyServletHolder.getJettyServletHolder().getName(), role));
        } catch (AccessControlException e) {
            return false;
        }
        return true;
    }

View Full Code Here


                ProtectionDomain[] context = new ProtectionDomain[] { domain };
                AccessControlContext accContext = new AccessControlContext(
                        context);


                accContext.checkPermission(permission);
            }
        };


        System.setSecurityManager(sm);

View Full Code Here


            Permission permission = new EJBMethodPermission(ejbName, name, method);


            AccessControlContext accessContext = ContextManager.getCurrentContext();


            if (permission != null) accessContext.checkPermission(permission);


        } catch (AccessControlException e) {
            return false;
        }
        return true;

View Full Code Here


  @Test
  public void testSecuritySanity() throws Exception {
    AccessControlContext acc = provider.getAccessControlContext();
    try {
      acc.checkPermission(new PropertyPermission("*", "read"));
      fail("Acc should not have any permissions");
    } catch (SecurityException se) {
      // expected
    }

View Full Code Here

            // JACC v1.0 secion B.19
            String servletName = JettyServletHolder.getCurrentServletName();
            if (servletName.equals("jsp")) {
                servletName = "";
            }
            acc.checkPermission(new WebRoleRefPermission(servletName, role));
        } catch (AccessControlException e) {
            return false;
        }
        return true;
    }

View Full Code Here

                transportType = "INTEGRAL";
            } else {
                transportType = "NONE";
            }
            WebUserDataPermission wudp = new WebUserDataPermission(servletHttpRequest.getServletPath(), new String[]{servletHttpRequest.getMethod()}, transportType);
            acc.checkPermission(wudp);


            /**
             * JACC v1.0 secion 4.1.2
             */
            acc.checkPermission(new WebResourcePermission(servletHttpRequest));

View Full Code Here

            acc.checkPermission(wudp);


            /**
             * JACC v1.0 secion 4.1.2
             */
            acc.checkPermission(new WebResourcePermission(servletHttpRequest));
        } catch (HttpException he) {
            response.sendError(he.getCode(), he.getReason());
            return false;
        } catch (AccessControlException ace) {
            response.sendError(HttpResponse.__403_Forbidden);

View Full Code Here

                //What about INTEGRAL?? Does Tomcat support it??
            } else {
                transportType = "NONE";
            }
            WebUserDataPermission wudp = new WebUserDataPermission(request.getServletPath(), new String[]{request.getMethod()}, transportType);
            acc.checkPermission(wudp);


        } catch (AccessControlException ace) {
            response.sendError(Response.SC_FORBIDDEN);
            return false;
        }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.