javolution.context

Class SecurityContext

java.lang.Object

javolution.context.Context

javolution.context.SecurityContext

All Implemented Interfaces:

java.io.Serializable, XMLSerializable

public abstract class SecurityContext
extends Context

This class represents a high-level security context (low level security being addressed by the system security manager).

Applications may extend this base class to address specific security requirements. For example:

     // This class defines custom policy with regards to database access.
     public abstract class DatabaseAccess extends SecurityContext  {
         public static boolean isReadAllowed(Table table) {
             SecurityContext policy = SecurityContext.current();
             return (policy instanceof DatabaseAccess.Permission) ?
                 ((DatabaseAccess.Permission)policy).isReadable(table) : false;
         }
         public interface Permission {
             boolean isReadable(Table table);
             boolean isWritable(Table table);
         }
     }

The use of interfaces (such as Permission above) makes it easy for custom policies to support any security actions. For example:

     class Policy extends SecurityContext implements DatabaseAccess.Permission, FileAccess.Permission {
          public boolean isReadable(Table table) {
              return !table.isPrivate();
          }
          public boolean isWritable(Table table) {
              return Session.getSession().getUser().isAdministrator();
          }
          public boolean isReadable(File file) {
              return true;
          }
          public boolean isWritable(File file) {
              return false;
          }
     }
     ...
     Policy localPolicy = new Policy();
     SecurityContext.enter(localPolicy); // Current thread overrides default policy (configurable)
     try {                               // (if allowed, ref. SecurityContext.isReplaceable())
         ...
         DatabaseAccess.isReadAllowed(table);
         ...
         FileAccess.isWriteAllowed(file);
         ...
     } finally {
         SecurityContext.exit();
     }

The default permissions managed by the DEFAULT implementation are the permission to replace the current security context by default) and the permission to configure the application.

Version:

5.2, August 5, 2007

Author:

Jean-Marie Dautelle

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static Configurable<java.lang.Class<? extends SecurityContext>>	DEFAULT Holds the default security context implementation (configurable).

Fields inherited from class javolution.context.Context

ROOT

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	SecurityContext() Default constructor.

Method Summary

Modifier and Type	Method and Description
protected void	enterAction() The action to be performed after this context becomes the current context.
protected void	exitAction() The action to be performed before this context is no more the current context.
static SecurityContext	getCurrentSecurityContext() Returns the current security context.
static SecurityContext	getDefault() Returns the default instance (DEFAULT implementation).
boolean	isConfigurable(Configurable cfg) Indicates if this security context allows changes in the specified Configurable (default true).
boolean	isReplaceable() Indicates if a new security context can be entered (default true).

Methods inherited from class javolution.context.Context

enter, enter, exit, exit, getCurrentContext, getOuter, getOwner, setConcurrentContext, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

DEFAULT

public static final Configurable<java.lang.Class<? extends SecurityContext>> DEFAULT

Holds the default security context implementation (configurable).

Constructor Detail

SecurityContext

protected SecurityContext()

Default constructor.

Method Detail

getCurrentSecurityContext

public static SecurityContext getCurrentSecurityContext()

Returns the current security context. If the current thread has not entered any security context then getDefault() is returned.

Returns:

the current security context.

getDefault

public static SecurityContext getDefault()

Returns the default instance (DEFAULT implementation).

Returns:

the default instance.

enterAction

protected final void enterAction()

Description copied from class: Context

The action to be performed after this context becomes the current context.

Specified by:

enterAction in class Context

exitAction

protected final void exitAction()

Description copied from class: Context

The action to be performed before this context is no more the current context.

Specified by:

exitAction in class Context

isReplaceable

public boolean isReplaceable()

Indicates if a new security context can be entered (default true). Applications may return false and prevent untrusted code to increase their privileges. Usually, such security setting should also prevent reconfiguring of the default security context by making DEFAULT not replaceable.

Returns:

true if a new security context can be entered; false otherwise.

isConfigurable

public boolean isConfigurable(Configurable cfg)

Indicates if this security context allows changes in the specified Configurable (default true). Applications may override this method to return false and prevent untrusted code to update the some or all configuration parameters.

Parameters:

cfg - the configurable to check if changes are allowed.

Returns:

true if the specified configurable can be modified; false otherwise.