org.eclipse.jetty.policy
Class JettyPolicy
java.lang.Object
java.security.Policy
org.eclipse.jetty.policy.JettyPolicy
public class JettyPolicy
- extends Policy
Policy implementation that will load a set of policy files and manage the mapping of permissions and protection domains
The reason I created this class and added this mechanism are:
1) I wanted a way to be able to follow the startup mechanic that jetty uses with jetty-start using OPTIONS=policy,default
to be able to startup a security manager and policy implementation without have to rely on the existing JVM cli options
2) establish a starting point to add on further functionality to permissions based security with jetty like jmx enabled
permission tweaking or runtime creation and specification of policies for specific webapps
3) I wanted to have support for specifying multiple policy files to source permissions from
Possible additions are:
- directories of policy file support
- jmx enabled a la #2 above
- proxying of system security policy where we can proxy access to the system policy should the jvm have been started with
one, I had support for this but ripped it out to add in again later
- merging of protection domains if process multiple policy files that declare permissions for the same codebase
- an xml policy file parser, had originally added this using modello but tore it out since it would have been
a nightmare to get its dependencies through IP validation, could do this with jvm xml parser instead sometime
- check performance of the synch'd map I am using for the protection domain mapping
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
JettyPolicy
public JettyPolicy(Set<String> policies,
Map<String,String> properties)
getPermissions
public PermissionCollection getPermissions(ProtectionDomain domain)
- Overrides:
getPermissions
in class Policy
getPermissions
public PermissionCollection getPermissions(CodeSource codesource)
- Specified by:
getPermissions
in class Policy
refresh
public void refresh()
- Specified by:
refresh
in class Policy
Copyright © 1995-2009 Mort Bay Consulting. All Rights Reserved.