Produced by Araxis Merge on 9/25/2018 2:13:12 PM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
# | Location | File | Last Modified |
---|---|---|---|
1 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\javax\security\auth\kerberos | ServicePermission.java | Mon Jan 22 14:46:54 2018 UTC |
2 | build 3.zip\build 3\MHLTH_YS_137_Source\JavaScript\resources\javaJDF-1.8.0\src\javax\security\auth\kerberos | ServicePermission.java | Wed Sep 12 17:23:22 2018 UTC |
Description | Between Files 1 and 2 |
|
---|---|---|
Text Blocks | Lines | |
Unchanged | 4 | 1226 |
Changed | 3 | 6 |
Inserted | 0 | 0 |
Removed | 0 | 0 |
Whitespace | |
---|---|
Character case | Differences in character case are significant |
Line endings | Differences in line endings (CR and LF characters) are ignored |
CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
1 | /* | |
2 | * Copyrig ht (c) 200 0, 2013, O racle and/ or its aff iliates. A ll rights reserved. | |
3 | * DO NOT ALTER OR R EMOVE COPY RIGHT NOTI CES OR THI S FILE HEA DER. | |
4 | * | |
5 | * This co de is free software; you can r edistribut e it and/o r modify i t | |
6 | * under t he terms o f the GNU General Pu blic Licen se version 2 only, a s | |
7 | * publish ed by the Free Softw are Founda tion. Ora cle design ates this | |
8 | * particu lar file a s subject to the "Cl asspath" e xception a s provided | |
9 | * by Orac le in the LICENSE fi le that ac companied this code. | |
10 | * | |
11 | * This co de is dist ributed in the hope that it wi ll be usef ul, but WI THOUT | |
12 | * ANY WAR RANTY; wit hout even the implie d warranty of MERCHA NTABILITY or | |
13 | * FITNESS FOR A PAR TICULAR PU RPOSE. Se e the GNU General Pu blic Licen se | |
14 | * version 2 for mor e details (a copy is included in the LIC ENSE file that | |
15 | * accompa nied this code). | |
16 | * | |
17 | * You sho uld have r eceived a copy of th e GNU Gene ral Public License v ersion | |
18 | * 2 along with this work; if not, write to the Fr ee Softwar e Foundati on, | |
19 | * Inc., 5 1 Franklin St, Fifth Floor, Bo ston, MA 0 2110-1301 USA. | |
20 | * | |
21 | * Please contact Or acle, 500 Oracle Par kway, Redw ood Shores , CA 94065 USA | |
22 | * or visi t www.orac le.com if you need a dditional informatio n or have any | |
23 | * questio ns. | |
24 | */ | |
25 | ||
26 | package ja vax.securi ty.auth.ke rberos; | |
27 | ||
28 | import jav a.util.*; | |
29 | import jav a.security .Permissio n; | |
30 | import jav a.security .Permissio nCollectio n; | |
31 | import jav a.io.Objec tStreamFie ld; | |
32 | import jav a.io.Objec tOutputStr eam; | |
33 | import jav a.io.Objec tInputStre am; | |
34 | import jav a.io.IOExc eption; | |
35 | ||
36 | /** | |
37 | * This cl ass is use d to prote ct Kerbero s services and the | |
38 | * credent ials neces sary to ac cess those services. There is a one to | |
39 | * one map ping of a service pr incipal an d the cred entials ne cessary | |
40 | * to acce ss the ser vice. Ther efore gran ting acces s to a ser vice | |
41 | * princip al implici tly grants access to the crede ntial nece ssary to | |
42 | * establi sh a secur ity contex t with the service p rincipal. This | |
43 | * applies regardles s of wheth er the cre dentials a re in a ca che | |
44 | * or acqu ired via a n exchange with the KDC. The c redential can | |
45 | * be eith er a ticke t granting ticket, a service t icket or a PW | |
46 | * key fro m a key ta ble. | |
47 | * <p> | |
48 | * A Servi cePermissi on contain s a servic e principa l name and | |
49 | * a list of actions which spe cify the c ontext the credentia l can be | |
50 | * used wi thin. | |
51 | * <p> | |
52 | * The ser vice princ ipal name is the can onical nam e of the | |
53 | * {@code KerberosPr incipal} s upplying t he service , that is | |
54 | * the Ker berosPrinc ipal repre sents a Ke rberos ser vice | |
55 | * princip al. This n ame is tre ated in a case sensi tive manne r. | |
56 | * An aste risk may a ppear by i tself, to signify an y service principal. | |
57 | * <p> | |
58 | * Grantin g this per mission im plies that the calle r can use a cached | |
59 | * credent ial (TGT, service ti cket or PW key) withi n the cont ext | |
60 | * designa ted by the action. I n the case of the TG T, grantin g this | |
61 | * permiss ion also i mplies tha t the TGT can be obt ained by a n | |
62 | * Authent ication Se rvice exch ange. | |
63 | * <p> | |
64 | * The pos sible acti ons are: | |
65 | * | |
66 | * <pre> | |
67 | * init iate - allow the caller to use the cr edential t o | |
68 | * initiate a security context wi th a servi ce | |
69 | * principal. | |
70 | * | |
71 | * acce pt - allow the caller to use the cr edential t o | |
72 | * accept sec urity cont ext as a p articular | |
73 | * principal. | |
74 | * </pre> | |
75 | * | |
76 | * For exa mple, to s pecify the permissio n to acces s to the T GT to | |
77 | * initiat e a securi ty context the permi ssion is c onstructed as follow s: | |
78 | * | |
79 | * <pre> | |
80 | * Ser vicePermis sion("krbt gt/EXAMPLE .COM@EXAMP LE.COM", " initiate") ; | |
81 | * </pre> | |
82 | * <p> | |
83 | * To obta in a servi ce ticket to initiat e a contex t with the "host" | |
84 | * service the permi ssion is c onstructed as follow s: | |
85 | * <pre> | |
86 | * Ser vicePermis sion("host /foo.examp le.com@EXA MPLE.COM", "initiate "); | |
87 | * </pre> | |
88 | * <p> | |
89 | * For a K erberized server the action is "accept". For examp le, the pe rmission | |
90 | * necessa ry to acce ss and use the PW key of the Kerberized "host" | |
91 | * service (telnet a nd the lik es) would be constr ucted as f ollows: | |
92 | * | |
93 | * <pre> | |
94 | * Ser vicePermis sion("host /foo.examp le.com@EXA MPLE.COM", "accept") ; | |
95 | * </pre> | |
96 | * | |
97 | * @since 1.4 | |
98 | */ | |
99 | ||
100 | public fin al class S ervicePerm ission ext ends Permi ssion | |
101 | implem ents java. io.Seriali zable { | |
102 | ||
103 | privat e static f inal long serialVers ionUID = - 1227585031 618624935L ; | |
104 | ||
105 | /** | |
106 | * Ini tiate a se curity con text to th e specifie d service | |
107 | */ | |
108 | privat e final st atic int I NITIATE = 0x1; | |
109 | ||
110 | /** | |
111 | * Acc ept a secu rity conte xt | |
112 | */ | |
113 | privat e final st atic int A CCEPT = 0x2; | |
114 | ||
115 | /** | |
116 | * All actions | |
117 | */ | |
118 | privat e final st atic int A LL = INITIATE |ACCEPT; | |
119 | ||
120 | /** | |
121 | * No actions. | |
122 | */ | |
123 | privat e final st atic int N ONE = 0 x0; | |
124 | ||
125 | // the actions m ask | |
126 | privat e transien t int mask ; | |
127 | ||
128 | /** | |
129 | * the actions s tring. | |
130 | * | |
131 | * @se rial | |
132 | */ | |
133 | ||
134 | privat e String a ctions; // Left null as long a s possible , then | |
135 | // created a nd re-used in the ge tAction fu nction. | |
136 | ||
137 | /** | |
138 | * Cre ate a new {@code Ser vicePermis sion} | |
139 | * wit h the spec ified {@co de service Principal} | |
140 | * and {@code ac tion}. | |
141 | * | |
142 | * @pa ram servic ePrincipal the name of the ser vice princ ipal. | |
143 | * An asterisk m ay appear by itself, to signif y any serv ice princi pal. | |
144 | * <p> | |
145 | * @pa ram action the actio n string | |
146 | */ | |
147 | public ServicePe rmission(S tring serv icePrincip al, String action) { | |
148 | // Note: ser vicePrinci pal can be "@REALM" which mean s any prin cipal in | |
149 | // this real m implies it. action can be "- " which me ans any | |
150 | // action im plies it. | |
151 | su per(servic ePrincipal ); | |
152 | in it(service Principal, getMask(a ction)); | |
153 | } | |
154 | ||
155 | ||
156 | /** | |
157 | * Ini tialize th e ServiceP ermission object. | |
158 | */ | |
159 | privat e void ini t(String s ervicePrin cipal, int mask) { | |
160 | ||
161 | if (serviceP rincipal = = null) | |
162 | thro w new Null PointerExc eption("se rvice prin cipal can' t be null" ); | |
163 | ||
164 | if ((mask & ALL) != ma sk) | |
165 | throw ne w IllegalA rgumentExc eption("in valid acti ons mask") ; | |
166 | ||
167 | th is.mask = mask; | |
168 | } | |
169 | ||
170 | ||
171 | /** | |
172 | * Che cks if thi s Kerberos service p ermission object "im plies" the | |
173 | * spe cified per mission. | |
174 | * <P> | |
175 | * If none of th e above ar e true, {@ code impli es} return s false. | |
176 | * @pa ram p the permission to check against. | |
177 | * | |
178 | * @re turn true if the spe cified per mission is implied b y this obj ect, | |
179 | * fal se if not. | |
180 | */ | |
181 | public boolean i mplies(Per mission p) { | |
182 | if (!(p inst anceof Ser vicePermis sion)) | |
183 | return f alse; | |
184 | ||
185 | Se rvicePermi ssion that = (Servic ePermissio n) p; | |
186 | ||
187 | re turn ((thi s.mask & t hat.mask) == that.ma sk) && | |
188 | impliesI gnoreMask( that); | |
189 | } | |
190 | ||
191 | ||
192 | boolea n impliesI gnoreMask( ServicePer mission p) { | |
193 | re turn ((thi s.getName( ).equals(" *")) || | |
194 | this .getName() .equals(p. getName()) || | |
195 | (p.g etName().s tartsWith( "@") && | |
196 | this.g etName().e ndsWith(p. getName()) )); | |
197 | } | |
198 | ||
199 | /** | |
200 | * Che cks two Se rvicePermi ssion obje cts for eq uality. | |
201 | * <P> | |
202 | * @pa ram obj th e object t o test for equality with this object. | |
203 | * | |
204 | * @re turn true if <i>obj< /i> is a S ervicePerm ission, an d has the | |
205 | * sa me service principal , and acti ons as thi s | |
206 | * Ser vicePermis sion objec t. | |
207 | */ | |
208 | public boolean e quals(Obje ct obj) { | |
209 | if (obj == t his) | |
210 | return t rue; | |
211 | ||
212 | if (! (obj i nstanceof ServicePer mission)) | |
213 | return f alse; | |
214 | ||
215 | Se rvicePermi ssion that = (Servic ePermissio n) obj; | |
216 | re turn ((thi s.mask & t hat.mask) == that.ma sk) && | |
217 | this.get Name().equ als(that.g etName()); | |
218 | ||
219 | ||
220 | } | |
221 | ||
222 | /** | |
223 | * Ret urns the h ash code v alue for t his object . | |
224 | * | |
225 | * @re turn a has h code val ue for thi s object. | |
226 | */ | |
227 | ||
228 | public int hashC ode() { | |
229 | re turn (getN ame().hash Code() ^ m ask); | |
230 | } | |
231 | ||
232 | ||
233 | /** | |
234 | * Ret urns the " canonical string rep resentatio n" of the actions in the | |
235 | * spe cified mas k. | |
236 | * Alw ays return s present actions in the follo wing order : | |
237 | * ini tiate, acc ept. | |
238 | * | |
239 | * @pa ram mask a specific integer ac tion mask to transla te into a string | |
240 | * @re turn the c anonical s tring repr esentation of the ac tions | |
241 | */ | |
242 | privat e static S tring getA ctions(int mask) | |
243 | { | |
244 | St ringBuilde r sb = new StringBui lder(); | |
245 | bo olean comm a = false; | |
246 | ||
247 | if ((mask & INITIATE) == INITIAT E) { | |
248 | if (comm a) sb.appe nd(','); | |
249 | else com ma = true; | |
250 | sb.appen d("initiat e"); | |
251 | } | |
252 | ||
253 | if ((mask & ACCEPT) == ACCEPT) { | |
254 | if (comm a) sb.appe nd(','); | |
255 | else com ma = true; | |
256 | sb.appen d("accept" ); | |
257 | } | |
258 | ||
259 | re turn sb.to String(); | |
260 | } | |
261 | ||
262 | /** | |
263 | * Ret urns the c anonical s tring repr esentation of the ac tions. | |
264 | * Alw ays return s present actions in the follo wing order : | |
265 | * ini tiate, acc ept. | |
266 | */ | |
267 | public String ge tActions() { | |
268 | if (actions == null) | |
269 | actions = getActio ns(this.ma sk); | |
270 | ||
271 | re turn actio ns; | |
272 | } | |
273 | ||
274 | ||
275 | /** | |
276 | * Ret urns a Per missionCol lection ob ject for s toring | |
277 | * Ser vicePermis sion objec ts. | |
278 | * <br > | |
279 | * Ser vicePermis sion objec ts must be stored in a manner that | |
280 | * all ows them t o be inser ted into t he collect ion in any order, bu t | |
281 | * tha t also ena bles the P ermissionC ollection implies me thod to | |
282 | * be implemente d in an ef ficient (a nd consist ent) manne r. | |
283 | * | |
284 | * @re turn a new Permissio nCollectio n object s uitable fo r storing | |
285 | * Ser vicePermis sions. | |
286 | */ | |
287 | public Permissio nCollectio n newPermi ssionColle ction() { | |
288 | re turn new K rbServiceP ermissionC ollection( ); | |
289 | } | |
290 | ||
291 | /** | |
292 | * Ret urn the cu rrent acti on mask. | |
293 | * | |
294 | * @re turn the a ctions mas k. | |
295 | */ | |
296 | int ge tMask() { | |
297 | re turn mask; | |
298 | } | |
299 | ||
300 | /** | |
301 | * Con vert an ac tion strin g to an in teger acti ons mask. | |
302 | * | |
303 | * Not e: if acti on is "-", action wi ll be NONE , which me ans any | |
304 | * act ion implie s it. | |
305 | * | |
306 | * @pa ram action the actio n string. | |
307 | * @re turn the a ction mask | |
308 | */ | |
309 | privat e static i nt getMask (String ac tion) { | |
310 | ||
311 | if (action = = null) { | |
312 | throw ne w NullPoin terExcepti on("action can't be null"); | |
313 | } | |
314 | ||
315 | if (action.e quals("")) { | |
316 | throw ne w IllegalA rgumentExc eption("ac tion can't be empty" ); | |
317 | } | |
318 | ||
319 | in t mask = N ONE; | |
320 | ||
321 | ch ar[] a = a ction.toCh arArray(); | |
322 | ||
323 | if (a.length == 1 && a [0] == '-' ) { | |
324 | return m ask; | |
325 | } | |
326 | ||
327 | in t i = a.le ngth - 1; | |
328 | ||
329 | wh ile (i != -1) { | |
330 | char c; | |
331 | ||
332 | // skip whitespace | |
333 | while (( i!=-1) && ((c = a[i] ) == ' ' | | | |
334 | c == '\r' || | |
335 | c == '\n' || | |
336 | c == '\f' || | |
337 | c == '\t' )) | |
338 | i--; | |
339 | ||
340 | // check for the k nown strin gs | |
341 | int matc hlen; | |
342 | ||
343 | if (i >= 7 && (a[i -7] == 'i' || a[i-7] == 'I') & & | |
344 | (a[i -6] == 'n' || a[i-6] == 'N') & & | |
345 | (a[i -5] == 'i' || a[i-5] == 'I') & & | |
346 | (a[i -4] == 't' || a[i-4] == 'T') & & | |
347 | (a[i -3] == 'i' || a[i-3] == 'I') & & | |
348 | (a[i -2] == 'a' || a[i-2] == 'A') & & | |
349 | (a[i -1] == 't' || a[i-1] == 'T') & & | |
350 | (a[i ] == 'e' | | a[i] == 'E')) | |
351 | { | |
352 | matc hlen = 8; | |
353 | mask |= INITIA TE; | |
354 | ||
355 | } else i f (i >= 5 && (a[i-5] == 'a' || a[i-5] == 'A') && | |
356 | (a[i-4] == 'c' || a[i-4] == 'C') && | |
357 | (a[i-3] == 'c' || a[i-3] == 'C') && | |
358 | (a[i-2] == 'e' || a[i-2] == 'E') && | |
359 | (a[i-1] == 'p' || a[i-1] == 'P') && | |
360 | (a[i] = = 't' || a [i] == 'T' )) | |
361 | { | |
362 | matc hlen = 6; | |
363 | mask |= ACCEPT ; | |
364 | ||
365 | } else { | |
366 | // p arse error | |
367 | thro w new Ille galArgumen tException ( | |
368 | "inval id permiss ion: " + a ction); | |
369 | } | |
370 | ||
371 | // make sure we di dn't just match the tail of a word | |
372 | // like "ackbarfac cept". Al so, skip t o the comm a. | |
373 | boolean seencomma = false; | |
374 | while (i >= matchl en && !see ncomma) { | |
375 | swit ch(a[i-mat chlen]) { | |
376 | case ',': | |
377 | seencomma = true; | |
378 | break; | |
379 | case ' ': case '\r': cas e '\n': | |
380 | case '\f': cas e '\t': | |
381 | break; | |
382 | defa ult: | |
383 | throw new IllegalArg umentExcep tion( | |
384 | "i nvalid per mission: " + action) ; | |
385 | } | |
386 | i--; | |
387 | } | |
388 | ||
389 | // point i at the location o f the comm a minus on e (or -1). | |
390 | i -= mat chlen; | |
391 | } | |
392 | ||
393 | re turn mask; | |
394 | } | |
395 | ||
396 | ||
397 | /** | |
398 | * Wri teObject i s called t o save the state of the Servic ePermissio n | |
399 | * to a stream. The action s are seri alized, an d the supe rclass | |
400 | * tak es care of the name. | |
401 | */ | |
402 | privat e void wri teObject(j ava.io.Obj ectOutputS tream s) | |
403 | th rows IOExc eption | |
404 | { | |
405 | // Write out the actio ns. The su perclass t akes care of the nam e | |
406 | // call getA ctions to make sure actions fi eld is ini tialized | |
407 | if (actions == null) | |
408 | getActio ns(); | |
409 | s. defaultWri teObject() ; | |
410 | } | |
411 | ||
412 | /** | |
413 | * rea dObject is called to restore t he state o f the | |
414 | * Ser vicePermis sion from a stream. | |
415 | */ | |
416 | privat e void rea dObject(ja va.io.Obje ctInputStr eam s) | |
417 | t hrows IOEx ception, C lassNotFou ndExceptio n | |
418 | { | |
419 | // Read in t he action, then init ialize the rest | |
420 | s. defaultRea dObject(); | |
421 | in it(getName (),getMask (actions)) ; | |
422 | } | |
423 | ||
424 | ||
425 | /* | |
426 | publ ic static void main( String arg s[]) throw s Exceptio n { | |
427 | Serv icePermiss ion this_ = | |
428 | new ServicePer mission(ar gs[0], "ac cept"); | |
429 | Serv icePermiss ion that_ = | |
430 | new ServicePer mission(ar gs[1], "ac cept,initi ate"); | |
431 | Syst em.out.pri ntln("---- -\n"); | |
432 | Syst em.out.pri ntln("this .implies(t hat) = " + this_.imp lies(that_ )); | |
433 | Syst em.out.pri ntln("---- -\n"); | |
434 | Syst em.out.pri ntln("this = "+this_ ); | |
435 | Syst em.out.pri ntln("---- -\n"); | |
436 | Syst em.out.pri ntln("that = "+that_ ); | |
437 | Syst em.out.pri ntln("---- -\n"); | |
438 | ||
439 | KrbS ervicePerm issionColl ection nps = | |
440 | new KrbService Permission Collection (); | |
441 | nps. add(this_) ; | |
442 | nps. add(new Se rvicePermi ssion("nfs /example.c om@EXAMPLE .COM", | |
443 | "acc ept")); | |
444 | nps. add(new Se rvicePermi ssion("hos t/example. com@EXAMPL E.COM", | |
445 | "ini tiate")); | |
446 | Syst em.out.pri ntln("nps. implies(th at) = " + nps.implie s(that_)); | |
447 | Syst em.out.pri ntln("---- -\n"); | |
448 | ||
449 | Enum eration e = nps.elem ents(); | |
450 | ||
451 | whil e (e.hasMo reElements ()) { | |
452 | Serv icePermiss ion x = | |
453 | (Ser vicePermis sion) e.ne xtElement( ); | |
454 | Syst em.out.pri ntln("nps. e = " + x) ; | |
455 | } | |
456 | ||
457 | } | |
458 | */ | |
459 | ||
460 | } | |
461 | ||
462 | ||
463 | final clas s KrbServi cePermissi onCollecti on extends Permissio nCollectio n | |
464 | implem ents java. io.Seriali zable { | |
465 | ||
466 | // Not serialize d; see ser ialization section a t end of c lass | |
467 | privat e transien t List<Per mission> p erms; | |
468 | ||
469 | public KrbServic ePermissio nCollectio n() { | |
470 | pe rms = new ArrayList< Permission >(); | |
471 | } | |
472 | ||
473 | /** | |
474 | * Che ck and see if this c ollection of permiss ions impli es the per missions | |
475 | * exp ressed in "permissio n". | |
476 | * | |
477 | * @pa ram permis sion the P ermission object to compare | |
478 | * | |
479 | * @re turn true if "permis sion" is a proper su bset of a permission in | |
480 | * the collectio n, false i f not. | |
481 | */ | |
482 | public boolean i mplies(Per mission pe rmission) { | |
483 | if (! (permi ssion inst anceof Ser vicePermis sion)) | |
484 | retu rn false; | |
485 | ||
486 | Se rvicePermi ssion np = (ServiceP ermission) permissio n; | |
487 | in t desired = np.getMa sk(); | |
488 | ||
489 | if (desired == 0) { | |
490 | for (Per mission p: perms) { | |
491 | Serv icePermiss ion sp = ( ServicePer mission)p; | |
492 | if ( sp.implies IgnoreMask (np)) { | |
493 | return tru e; | |
494 | } | |
495 | } | |
496 | return f alse; | |
497 | } | |
498 | ||
499 | in t effectiv e = 0; | |
500 | in t needed = desired; | |
501 | ||
502 | sy nchronized (this) { | |
503 | int len = perms.si ze(); | |
504 | ||
505 | // need to deal wi th the cas e where th e needed p ermission has | |
506 | // more than one a ction and the collec tion has i ndividual permission s | |
507 | // that sum up to the needed . | |
508 | ||
509 | for (int i = 0; i < len; i++ ) { | |
510 | Serv icePermiss ion x = (S ervicePerm ission) pe rms.get(i) ; | |
511 | ||
512 | //Sy stem.out.p rintln(" trying "+x ); | |
513 | if ( ((needed & x.getMask ()) != 0) && x.impli esIgnoreMa sk(np)) { | |
514 | effective |= x.getM ask(); | |
515 | if ((effec tive & des ired) == d esired) | |
516 | return true; | |
517 | needed = ( desired ^ effective) ; | |
518 | } | |
519 | } | |
520 | } | |
521 | re turn false ; | |
522 | } | |
523 | ||
524 | /** | |
525 | * Add s a permis sion to th e ServiceP ermissions . The key for | |
526 | * the hash is t he name. | |
527 | * | |
528 | * @pa ram permis sion the P ermission object to add. | |
529 | * | |
530 | * @ex ception Il legalArgum entExcepti on - if th e permissi on is not a | |
531 | * Servi cePermissi on | |
532 | * | |
533 | * @ex ception Se curityExce ption - if this Perm issionColl ection obj ect | |
534 | * ha s been mar ked readon ly | |
535 | */ | |
536 | public void add( Permission permissio n) { | |
537 | if (! (permi ssion inst anceof Ser vicePermis sion)) | |
538 | throw ne w IllegalA rgumentExc eption("in valid perm ission: "+ | |
539 | per mission); | |
540 | if (isReadOn ly()) | |
541 | throw ne w Security Exception( "attempt t o add a Pe rmission t o a readon ly Permiss ionCollect ion"); | |
542 | ||
543 | sy nchronized (this) { | |
544 | perms.ad d(0, permi ssion); | |
545 | } | |
546 | } | |
547 | ||
548 | /** | |
549 | * Ret urns an en umeration of all the ServicePe rmission o bjects | |
550 | * in the contai ner. | |
551 | * | |
552 | * @re turn an en umeration of all the ServicePe rmission o bjects. | |
553 | */ | |
554 | ||
555 | public Enumerati on<Permiss ion> eleme nts() { | |
556 | // Convert I terator in to Enumera tion | |
557 | sy nchronized (this) { | |
558 | return C ollections .enumerati on(perms); | |
559 | } | |
560 | } | |
561 | ||
562 | privat e static f inal long serialVers ionUID = - 4118834211 490102011L ; | |
563 | ||
564 | // Nee d to maint ain serial ization in teroperabi lity with earlier re leases, | |
565 | // whi ch had the serializa ble field: | |
566 | // pri vate Vecto r permissi ons; | |
567 | ||
568 | /** | |
569 | * @se rialField permission s java.uti l.Vector | |
570 | * A list of ServicePe rmission o bjects. | |
571 | */ | |
572 | privat e static f inal Objec tStreamFie ld[] seria lPersisten tFields = { | |
573 | ne w ObjectSt reamField( "permissio ns", Vecto r.class), | |
574 | }; | |
575 | ||
576 | /** | |
577 | * @se rialData " permission s" field ( a Vector c ontaining the Servic ePermissio ns). | |
578 | */ | |
579 | /* | |
580 | * Wri tes the co ntents of the perms field out as a Vecto r for | |
581 | * ser ialization compatibi lity with earlier re leases. | |
582 | */ | |
583 | privat e void wri teObject(O bjectOutpu tStream ou t) throws IOExceptio n { | |
584 | // Don't cal l out.defa ultWriteOb ject() | |
585 | ||
586 | // Write out Vector | |
587 | Ve ctor<Permi ssion> per missions = new Vecto r<>(perms. size()); | |
588 | ||
589 | sy nchronized (this) { | |
590 | permissi ons.addAll (perms); | |
591 | } | |
592 | ||
593 | Ob jectOutput Stream.Put Field pfie lds = out. putFields( ); | |
594 | pf ields.put( "permissio ns", permi ssions); | |
595 | ou t.writeFie lds(); | |
596 | } | |
597 | ||
598 | /* | |
599 | * Rea ds in a Ve ctor of Se rvicePermi ssions and saves the m in the p erms field . | |
600 | */ | |
601 | @Suppr essWarning s("uncheck ed") | |
602 | privat e void rea dObject(Ob jectInputS tream in) | |
603 | th rows IOExc eption, Cl assNotFoun dException | |
604 | { | |
605 | // Don't cal l defaultR eadObject( ) | |
606 | ||
607 | // Read in s erialized fields | |
608 | Ob jectInputS tream.GetF ield gfiel ds = in.re adFields() ; | |
609 | ||
610 | // Get the o ne we want | |
611 | Ve ctor<Permi ssion> per missions = | |
612 | (Vec tor<Permis sion>)gfie lds.get("p ermissions ", null); | |
613 | pe rms = new ArrayList< Permission >(permissi ons.size() ); | |
614 | pe rms.addAll (permissio ns); | |
615 | } | |
616 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.