Jar files that include a META-INF/PERMISSIONS.LIST file, allow a
ProxyPreparer to grant these permissions dynamically.
A CachingSecurityManager caches the result of check permission calls for AccessControlContexts.
Parser of policy syntax.
RemotePolicy is a service api that can be implemented by a distributed Policy service, allowing local Policy providers to be updated remotely by a djinn group administrator.
RevocablePolicy, is a Java Security Policy Provider that supports Runtime Dynamic addition and removal of PermissionGrant's Warning: Not all Permission's are truly revocable, while any Permission can be dynamically added and later removed from this policy, many JVM Permission implementations are used in ways that allow references to escape To quote Tim Blackman, from river-dev: I remember talking with Bob and Mike Warres about this.
Policy providers can implement this interface to provide nested policies a common interface to allow delayed creation of PermissionCollection instances until all after all Permission objects are collected, allowing the implementer to add Permission objects to a PermissionCollection in an order that avoids unnecessary reverse DNS calls for example.
A common superclass with utility methods for policy providers.
Utility class to make working with PERMISSIONS.LIST files easier.
CombinerSecurityManager, is intended to be a highly scalable SecurityManager implementation that caches the results of security checks for each context, which may be an instance of SecurityContext or AccessControlContext.
Concurrent Policy implementation based on policy configuration URL's, it is intended to provide concurrent implies() for greatly improved throughput.
This is a basic loader of policy files.
Permissions such as SocketPermission or FilePermission guard a resource but allow that resource to escape the control of the SecurityManager and Policy provider, this prevents them from being revoked.
The DelegateSecurityManager is designed to enable the use of Delegate decorators to encapsulate security sensitive objects using Li Gong's method guard pattern.
A Comparator for Permission that avoids using equals and hashCode() on Permission implementations.
PermissionGrant implementations are expected to be immutable, non blocking,
thread safe and have a good hashCode implementation to perform well in
The PermissionGrantBuilder creates Dynamic PermissionGrant's based on information provided by the user.
A "remote" or "REMOTE" PolicyPermission is allows updating a RemotePolicy
An implementation of RemotePolicy.
Disk access of policy files is performed serially.
Copyright © 2016–2018 The Apache Software Foundation. All rights reserved.