Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/share/classes/javax/security/auth/Policy.java
changeset 7291 9fefa2786251
parent 7179 4afb81e50183
child 14775 2ed01c760aea 
--- a/jdk/src/share/classes/javax/security/auth/Policy.java	Mon Nov 15 15:11:04 2010 +0000
+++ b/jdk/src/share/classes/javax/security/auth/Policy.java	Mon Nov 22 10:16:07 2010 -0500
@@ -25,6 +25,9 @@
 
 package javax.security.auth;
 
+import java.security.Security;
+import sun.security.util.Debug;
+
 /**
  * <p> This is an abstract class for representing the system policy for
  * Subject-based authorization.  A subclass implementation
@@ -159,6 +162,10 @@
     private static Policy policy;
     private static ClassLoader contextClassLoader;
 
+    // true if a custom (not com.sun.security.auth.PolicyFile) system-wide
+    // policy object is set
+    private static boolean isCustomPolicy;
+
     static {
         contextClassLoader = java.security.AccessController.doPrivileged
                 (new java.security.PrivilegedAction<ClassLoader>() {
@@ -234,6 +241,8 @@
                                         contextClassLoader).newInstance();
                             }
                         });
+                        isCustomPolicy =
+                            !finalClass.equals("com.sun.security.auth.PolicyFile");
                     } catch (Exception e) {
                         throw new SecurityException
                                 (sun.security.util.ResourcesMgr.getString
@@ -265,6 +274,46 @@
         java.lang.SecurityManager sm = System.getSecurityManager();
         if (sm != null) sm.checkPermission(new AuthPermission("setPolicy"));
         Policy.policy = policy;
+        // all non-null policy objects are assumed to be custom
+        isCustomPolicy = policy != null ? true : false;
+    }
+
+    /**
+     * Returns true if a custom (not com.sun.security.auth.PolicyFile)
+     * system-wide policy object has been set or installed. This method is
+     * called by SubjectDomainCombiner to provide backwards compatibility for
+     * developers that provide their own javax.security.auth.Policy
+     * implementations.
+     *
+     * @return true if a custom (not com.sun.security.auth.PolicyFile)
+     * system-wide policy object has been set; false otherwise
+     */
+    static boolean isCustomPolicySet(Debug debug) {
+        if (policy != null) {
+            if (debug != null && isCustomPolicy) {
+                debug.println("Providing backwards compatibility for " +
+                              "javax.security.auth.policy implementation: " +
+                              policy.toString());
+            }
+            return isCustomPolicy;
+        }
+        // check if custom policy has been set using auth.policy.provider prop
+        String policyClass = java.security.AccessController.doPrivileged
+            (new java.security.PrivilegedAction<String>() {
+                public String run() {
+                    return Security.getProperty("auth.policy.provider");
+                }
+        });
+        if (policyClass != null
+            && !policyClass.equals("com.sun.security.auth.PolicyFile")) {
+            if (debug != null) {
+                debug.println("Providing backwards compatibility for " +
+                              "javax.security.auth.policy implementation: " +
+                              policyClass);
+            }
+            return true;
+        }
+        return false;
     }
 
     /**
jdk-sandbox