org.licas.security

Class SecurityWebManager

java.lang.Object

org.licas.security.SecurityWebManager

public class SecurityWebManager
extends java.lang.Object

This manages permissions to files or resources running on a licas server. This stores and handles permissions separately from the System security manager, but it also tries to use those permissions, as part of the security process. Different to the System security manager, any declared folder automatically assigns to any of its files, or files in any sub-folders, the same permissions. So it is an inclusive permission for all contained files and folders.

For direct file retrieval, the process might work as follows: The user types something like: http://127.0.0.1:8080/htmlFolder/file.html The system parses this and gets 'htmlFolder/file.html' as the instruction. It retrieves all of its allowed base directories, adds this and then checks if there is an existing file with that name. If for example, the default C:/DCS/web folder is assumed, it will check if C:/DCS/web/htmlFolder/file.html allowed. If however, you also add something like C:/Users/You/Documents as allowed, then it can look for a file at C:/Users/You/Documents/htmlFolder/file.html as well. The first match will be returned so duplication is not advised. There is also a websearch folder inside the web folder. You can use this to place text documents that you allow to be searched for and analysed for actual content to be matched to. It might be useful for distributed queries, for example. The System security manager might change read/write permissions on this.

Author:

Kieran Greer

Method Summary

Modifier and Type	Method and Description
boolean	addPermission(java.lang.String type, java.lang.String key, java.lang.String value) Add a new permission of the specified type.
Permission	checkPermission(java.lang.String type, java.lang.String key, java.lang.String value) Check if the specified permission allowed.
void	clearPermissions(java.lang.String permissionsType) Clear the permissions list for the specified permissions type.
static SecurityWebManager	getInstance() Get the instance of the security manager.
java.util.HashMap<java.lang.String,PermissionsList<java.lang.String,?>>	getLocalPermissions() Get the list of permissions for this security/web manager only.
boolean	removePermission(java.lang.String type, java.lang.String key, java.lang.String value) Remove a permission of the specified type.
static void	setInstance(SecurityWebManager swManager) Set the instance of the security manager.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getInstance

public static SecurityWebManager getInstance()

Get the instance of the security manager.

Returns:

the single instance of the security manager.

setInstance

public static void setInstance(SecurityWebManager swManager)

Set the instance of the security manager. This is done automatically, so you only need to set if using a different manager. This can only be set if the manager is currently empty.

Parameters:

swManager - the new security web manager.

clearPermissions

public void clearPermissions(java.lang.String permissionsType)

Clear the permissions list for the specified permissions type. This might perform other operations for default settings.

Parameters:

permissionsType - the permissions type.

checkPermission

public Permission checkPermission(java.lang.String type,
                                  java.lang.String key,
                                  java.lang.String value)

Check if the specified permission allowed. The System security manager is also considered, but the file path should be covered by the licas security manager.

Parameters:

type - the permission type. Currently only MetaConst.FILEPERMISSION.

key - the permission key or description. For a file access, for example, it is the additional file path that gets added to the default folder locations.

value - the permission value. For a folder access for example, it is the access right - read / write, etc.

Returns:

the permission reply if allowed, or null if access is denied.

addPermission

public boolean addPermission(java.lang.String type,
                             java.lang.String key,
                             java.lang.String value)

Add a new permission of the specified type. The permission is added locally only. The system security manager might also have the same permission.

Parameters:

type - the permission type. Currently only MetaConst.FILEPERMISSION.

key - the permission key or description. For a folder access for example, it is the folder path.

value - the permission value. For a folder access for example, it is the access right - read / write, etc.

Returns:

true if added OK or it already allowed, false if there is an error.

removePermission

public boolean removePermission(java.lang.String type,
                                java.lang.String key,
                                java.lang.String value)

Remove a permission of the specified type. The permission is removed locally only. The system security manager might also have the same permission.

Parameters:

type - the permission type. Currently only MetaConst.FILEPERMISSION.

key - the permission key or description. For a folder access for example, it is the folder path.

value - the permission value. For a folder access for example, it is the read / write access permission, etc. MetaConst.ALL means to remove the permission completely and not just a specific case.

Returns:

true if removed completely, false if it is still a base security manager permission, even if it has been removed locally.

getLocalPermissions

public java.util.HashMap<java.lang.String,PermissionsList<java.lang.String,?>> getLocalPermissions()

Get the list of permissions for this security/web manager only. Any permissions for the parent System SecurityManager are not returned.

Returns:

the value of swPermissions.