Class DynSecurityPolicy

  extended by java.security.Policy
      extended by jxl.enclosure.security.DynSecurityPolicy

public final class DynSecurityPolicy
extends java.security.Policy

DynSecurityPolicy is a policy implementation that requests and persists user input regarding permission grants and denies.

Author:
Alex Lynch

Field Summary
static java.security.Permission ENCLOSURE_PERM
Constructor Summary
DynSecurityPolicy()
          Creates a new instance of DynSecurityPolicy
Method Summary
static void checkEnclosure()
          First calls install(), then checks the current call stack for AllPermission.
 java.security.PermissionCollection getPermissions(java.security.CodeSource codeSource)
          Returns an empty Permissions object.
 java.security.PermissionCollection getPermissions(java.security.ProtectionDomain domain)
          Returns getPermissions(domain.getCodeSource()).
 boolean implies(java.security.ProtectionDomain domain, java.security.Permission permission)
          This method does the actual permission check work.
static void install()
          Install a DynSecurityPolicy (and a SecurityManager) if one is not installed.
 void refresh()
          Silent no op.
Methods inherited from class java.security.Policy
getPolicy, setPolicy
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail


public static final java.security.Permission ENCLOSURE_PERM
Constructor Detail


public DynSecurityPolicy()
Creates a new instance of DynSecurityPolicy

Method Detail


public static void install()
Install a DynSecurityPolicy (and a SecurityManager) if one is not installed. This activates the Enclosure security system.


public static void checkEnclosure()
                           throws java.lang.SecurityException
First calls install(), then checks the current call stack for AllPermission. This permission is only granted to Enclosure classes and their dependencies, so the check establishes whether this call is being made by Enclosure.

Throws:
java.lang.SecurityException - If this call is not being made by Enclosure (does not have AllPermission)


public java.security.PermissionCollection getPermissions(java.security.CodeSource codeSource)
Returns an empty Permissions object. This is because no permissions are granted to any module by default.

Specified by:
getPermissions in class java.security.Policy


public java.security.PermissionCollection getPermissions(java.security.ProtectionDomain domain)
Returns getPermissions(domain.getCodeSource()).

Specified by:
getPermissions in class java.security.Policy


public boolean implies(java.security.ProtectionDomain domain,
                       java.security.Permission permission)
This method does the actual permission check work. The checking process is as follows.

First - Check to see if the class-loader of domain is not an instance of jxl.enclosure.loader.DynClassLoader.InternalLoader. If it is not, then the permission is granted. This is because Enclosure only secures what it controls. The VM class loaders are beyond its control. Also, by not specifically checking whether the loader is the System ClassLoader, we allow the VM to use a separate class-loader to load extensions (as does the Sun 1.5 JVM).

Second - Check to see if permission is listed in ForbidenPermissions. If it is, print the stack trace of a SecurityException explaining the attempted access, and deny the permission. The printed stack trace is to thwart any attempt by the caller to catch the subsequent SecurityException that the AccessController will throw.

Third - Get the CodeSigners of the domain. If the signers are null or empty (no signatures), then emit a small warning and deny the permission.

Fourth - Check the persistent permission data for the signers. If any of the signers has previously been granted this permission, grant it now. If all have been denied, deny it now.

Fifth - If none of the signers has been granted permission, but not all have been denied (that is, one or more of the signers has an undefined state for this permission), then display a security GUI asking the user to grant or deny the permission to any or all of the undefined signers. Once the user has given their input, the data is persisted and this method is called recursively to evaluate the new data.

Specified by:
implies in class java.security.Policy
Parameters:
domain - The ProtectionDomain of the caller
permission - the permission to check
Returns:
true if this permission is granted, otherwise false
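
The five-step order described for implies, as an added example that is not the Enclosure source. Signers are modelled as plain strings, the security GUI as a callback, and the persistent data as an in-memory map; all of these names are hypothetical. Treating an unanswered signer as denied is an assumption made here so that the recursive re-evaluation always terminates.

```java
import java.util.*;
import java.util.function.Function;
/** Added sketch of the implies() decision order; not the Enclosure source. */
public class ImpliesOrderSketch {
    // Persisted answers: signer -> (permission name -> granted?). Absent = undefined.
    private final Map<String, Map<String, Boolean>> store = new HashMap<>();
    private final Set<String> forbidden;   // stand-in for ForbidenPermissions
    private final Function<List<String>, Map<String, Boolean>> prompt; // stand-in for the GUI
    ImpliesOrderSketch(Set<String> forbidden,
                       Function<List<String>, Map<String, Boolean>> prompt) {
        this.forbidden = forbidden;
        this.prompt = prompt;
    }

    boolean implies(boolean loadedByEnclosure, List<String> signers, String perm) {
        if (!loadedByEnclosure) return true;          // First: not Enclosure's loader, grant
        if (forbidden.contains(perm)) {               // Second: forbidden, report and deny
            new SecurityException("forbidden: " + perm).printStackTrace();
            return false;
        }
        if (signers == null || signers.isEmpty()) {   // Third: unsigned code, warn and deny
            System.err.println("warning: unsigned code requested " + perm);
            return false;
        }
        List<String> undefined = new ArrayList<>();
        for (String s : signers) {                    // Fourth: consult persisted decisions
            Boolean d = store.getOrDefault(s, Map.of()).get(perm);
            if (Boolean.TRUE.equals(d)) return true;  // any signer previously granted
            if (d == null) undefined.add(s);
        }
        if (undefined.isEmpty()) return false;        // every signer previously denied
        Map<String, Boolean> answers = prompt.apply(undefined);  // Fifth: ask the user
        for (String s : undefined)                    // assumption: no answer counts as deny
            store.computeIfAbsent(s, k -> new HashMap<>())
                 .put(perm, answers.getOrDefault(s, false));
        return implies(loadedByEnclosure, signers, perm);  // re-evaluate with the new data
    }

    public static void main(String[] args) {
        // Constructed sample data: signer names and permission strings are made up.
        ImpliesOrderSketch p = new ImpliesOrderSketch(
            Set.of("RuntimePermission exitVM"), ask -> Map.of("signerB", true));
        List<String> both = List.of("signerA", "signerB");
        System.out.println(p.implies(true, both, "FilePermission /tmp/x read"));
        System.out.println(p.implies(true, List.of("signerA"), "FilePermission /tmp/x read"));
        System.out.println(p.implies(true, List.of(), "FilePermission /tmp/x read"));
        System.out.println(p.implies(false, List.of(), "RuntimePermission exitVM"));
    }
}
```

The last call shows the consequence of the first step: code that was not loaded by Enclosure's loader is granted even a permission on the forbidden list, so the policy protects only what Enclosure itself loads.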


public void refresh()
Silent no op.

Specified by:
refresh in class java.security.Policy