List of usage examples for java.net SocketPermission getName
public final String getName()
From source file:org.pepstock.jem.ant.tasks.AntBatchSecurityManager.java
@Override public void checkPermission(Permission perm) { // checks if someone add a security manager if (perm instanceof RuntimePermission && "setSecurityManager".equalsIgnoreCase(perm.getName())) { if (!isAllowedSetSecurityManager()) { LogAppl.getInstance().emit(NodeMessage.JEMC274E); throw new SecurityException(NodeMessage.JEMC274E.toMessage().getMessage()); }//ww w . java 2 s . c o m return; } // this check is necessary to avoid that someone // set jem properties, accessing outside of GFS if (perm instanceof PropertyPermission && "write".equalsIgnoreCase(perm.getActions()) && perm.getName().startsWith("jem")) { LogAppl.getInstance().emit(NodeMessage.JEMC127E); throw new SecurityException(NodeMessage.JEMC127E.toMessage().getMessage()); } // checks is administrator. if true return. if (isAdministrator() || isInternalAction()) { return; } // checks the file access // calling the right method, in according // with the action of permission if (perm instanceof FilePermission) { if ("read".equalsIgnoreCase(perm.getActions())) { checkRead(perm.getName()); } else if ("write".equalsIgnoreCase(perm.getActions())) { checkWrite(perm.getName()); } else if ("delete".equalsIgnoreCase(perm.getActions())) { checkDelete(perm.getName()); } else { checkRead(perm.getName()); } } else if (perm instanceof SocketPermission) { // checks the RMI access. // checks to RMI is not allowed if you're not a admin SocketPermission sperm = (SocketPermission) perm; int port = Parser.parseInt(StringUtils.substringAfter(sperm.getName(), ":"), Integer.MAX_VALUE); int portRmi = Parser.parseInt(System.getProperty(RmiKeys.JEM_RMI_PORT), Integer.MIN_VALUE); // if is going to RMI port and // is not executing JEM code and is not grantor if (port == portRmi && !isInternalAction() && !isGrantor()) { // extracts host name String hostname = StringUtils.substringBefore(sperm.getName(), ":"); try { // gets hostname and localhost String resolved = InetAddress.getByName(hostname).getHostAddress(); String localhost = InetAddress.getLocalHost().getHostAddress(); // if they are equals and the user // desn't have the internal service permission // EXCEPTION!! if (resolved.equalsIgnoreCase(localhost) && !checkBatchPermission(Permissions.INTERNAL_SERVICES)) { LogAppl.getInstance().emit(NodeMessage.JEMC128E); throw new SecurityException(NodeMessage.JEMC128E.toMessage().getMessage()); } } catch (UnknownHostException e) { // if there is an error on resolving the hostname LogAppl.getInstance().emit(NodeMessage.JEMC128E); throw new SecurityException(NodeMessage.JEMC128E.toMessage().getMessage(), e); } } } }
From source file:org.pepstock.jem.jbpm.tasks.JBpmBatchSecurityManager.java
@Override public void checkPermission(Permission perm) { // checks if someone add a security manager // if yes, exception if (perm instanceof RuntimePermission && "setSecurityManager".equalsIgnoreCase(perm.getName())) { LogAppl.getInstance().emit(NodeMessage.JEMC274E); throw new SecurityException(NodeMessage.JEMC274E.toMessage().getMessage()); }// ww w.ja va 2 s . c om // this check is necessary to avoid that someone // set jem properties, accessing outside of GFS if (perm instanceof PropertyPermission && "write".equalsIgnoreCase(perm.getActions()) && perm.getName().startsWith("jem")) { LogAppl.getInstance().emit(NodeMessage.JEMC127E); throw new SecurityException(NodeMessage.JEMC127E.toMessage().getMessage()); } // checks is administrator. if true return. // checks if we are inside a code no custom but of JEM // necessary to be executed (internalAction) if (isAdministrator() || isInternalAction()) { return; } // checks the file access if (perm instanceof FilePermission) { if ("read".equalsIgnoreCase(perm.getActions())) { checkRead(perm.getName()); } else if ("write".equalsIgnoreCase(perm.getActions())) { checkWrite(perm.getName()); } else if ("delete".equalsIgnoreCase(perm.getActions())) { checkDelete(perm.getName()); } else { checkRead(perm.getName()); } } else if (perm instanceof SocketPermission) { // checks the RMI access. // accessing to RMI locally, you could creates some inconsistent situation // for JEM and this is not secured // checks to RMI is not allowed if you're not a admin SocketPermission sperm = (SocketPermission) perm; int port = Parser.parseInt(StringUtils.substringAfter(sperm.getName(), ":"), Integer.MAX_VALUE); int portRmi = Parser.parseInt(System.getProperty(RmiKeys.JEM_RMI_PORT), Integer.MIN_VALUE); // checks if it's going to RMI port if (port == portRmi && !isInternalAction() && !isGrantor()) { String hostname = StringUtils.substringBefore(sperm.getName(), ":"); try { String resolved = InetAddress.getByName(hostname).getHostAddress(); String localhost = InetAddress.getLocalHost().getHostAddress(); // if you're accessing to RMI port // and locally, an exception will be launched // if you don't have the INTERNAL services authorization. if (resolved.equalsIgnoreCase(localhost) && !checkBatchPermission(Permissions.INTERNAL_SERVICES)) { LogAppl.getInstance().emit(NodeMessage.JEMC128E); throw new SecurityException(NodeMessage.JEMC128E.toMessage().getMessage()); } } catch (UnknownHostException e) { LogAppl.getInstance().emit(NodeMessage.JEMC128E); throw new SecurityException(NodeMessage.JEMC128E.toMessage().getMessage(), e); } } } }
From source file:org.pepstock.jem.springbatch.tasks.SpringBatchSecurityManager.java
@Override public void checkPermission(Permission perm) { // checks if someone add a security manager if (perm instanceof RuntimePermission && "setSecurityManager".equalsIgnoreCase(perm.getName())) { LogAppl.getInstance().emit(NodeMessage.JEMC274E); throw new SecurityException(NodeMessage.JEMC274E.toMessage().getMessage()); }//from www . ja v a 2s . co m // this check is necessary to avoid that someone // set jem properties, accessing outside of GFS if (perm instanceof PropertyPermission && "write".equalsIgnoreCase(perm.getActions()) && perm.getName().startsWith("jem")) { LogAppl.getInstance().emit(NodeMessage.JEMC127E); throw new SecurityException(NodeMessage.JEMC127E.toMessage().getMessage()); } // checks is administrator. if true return. if (isAdministrator() || isInternalAction()) { return; } // checks the file access // calling the right method, in according // with the action of permission if (perm instanceof FilePermission) { if ("read".equalsIgnoreCase(perm.getActions())) { checkRead(perm.getName()); } else if ("write".equalsIgnoreCase(perm.getActions())) { checkWrite(perm.getName()); } else if ("delete".equalsIgnoreCase(perm.getActions())) { checkDelete(perm.getName()); } else { checkRead(perm.getName()); } } else if (perm instanceof SocketPermission) { // checks the RMI access. // checks to RMI is not allowed if you're not a admin SocketPermission sperm = (SocketPermission) perm; int port = Parser.parseInt(StringUtils.substringAfter(sperm.getName(), ":"), Integer.MAX_VALUE); int portRmi = Parser.parseInt(System.getProperty(RmiKeys.JEM_RMI_PORT), Integer.MIN_VALUE); // if is going to RMI port and // is not executing JEM code and is not grantor if (port == portRmi && !isInternalAction() && !isGrantor()) { // extracts host name String hostname = StringUtils.substringBefore(sperm.getName(), ":"); try { // gets hostname and localhost String resolved = InetAddress.getByName(hostname).getHostAddress(); String localhost = InetAddress.getLocalHost().getHostAddress(); // if they are equals and the user // desn't have the internal service permission // EXCEPTION!! if (resolved.equalsIgnoreCase(localhost) && !checkBatchPermission(Permissions.INTERNAL_SERVICES)) { LogAppl.getInstance().emit(NodeMessage.JEMC128E); throw new SecurityException(NodeMessage.JEMC128E.toMessage().getMessage()); } } catch (UnknownHostException e) { // if there is an error on resolving the hostname LogAppl.getInstance().emit(NodeMessage.JEMC128E); throw new SecurityException(NodeMessage.JEMC128E.toMessage().getMessage(), e); } } } }