예제 #1
1
  /**
   * Load the policies from the specified file. Also checks that the policies are correctly signed.
   */
  private static void loadPolicies(
      File jarPathName, CryptoPermissions defaultPolicy, CryptoPermissions exemptPolicy)
      throws Exception {

    JarFile jf = new JarFile(jarPathName);

    Enumeration<JarEntry> entries = jf.entries();
    while (entries.hasMoreElements()) {
      JarEntry je = entries.nextElement();
      InputStream is = null;
      try {
        if (je.getName().startsWith("default_")) {
          is = jf.getInputStream(je);
          defaultPolicy.load(is);
        } else if (je.getName().startsWith("exempt_")) {
          is = jf.getInputStream(je);
          exemptPolicy.load(is);
        } else {
          continue;
        }
      } finally {
        if (is != null) {
          is.close();
        }
      }

      // Enforce the signer restraint, i.e. signer of JCE framework
      // jar should also be the signer of the two jurisdiction policy
      // jar files.
      JarVerifier.verifyPolicySigned(je.getCertificates());
    }
    // Close and nullify the JarFile reference to help GC.
    jf.close();
    jf = null;
  }
예제 #2
0
  private static void initialize() {
    props = new Properties();
    boolean loadedProps = false;
    boolean overrideAll = false;

    // first load the system properties file
    // to determine the value of security.overridePropertiesFile
    File propFile = securityPropFile("java.security");
    if (propFile.exists()) {
      try {
        FileInputStream fis = new FileInputStream(propFile);
        InputStream is = new BufferedInputStream(fis);
        props.load(is);
        is.close();
        loadedProps = true;

        if (sdebug != null) {
          sdebug.println("reading security properties file: " + propFile);
        }
      } catch (IOException e) {
        if (sdebug != null) {
          sdebug.println("unable to load security properties from " + propFile);
          e.printStackTrace();
        }
      }
    }

    if ("true".equalsIgnoreCase(props.getProperty("security.overridePropertiesFile"))) {

      String extraPropFile = System.getProperty("java.security.properties");
      if (extraPropFile != null && extraPropFile.startsWith("=")) {
        overrideAll = true;
        extraPropFile = extraPropFile.substring(1);
      }

      if (overrideAll) {
        props = new Properties();
        if (sdebug != null) {
          sdebug.println("overriding other security properties files!");
        }
      }

      // now load the user-specified file so its values
      // will win if they conflict with the earlier values
      if (extraPropFile != null) {
        try {
          URL propURL;

          extraPropFile = PropertyExpander.expand(extraPropFile);
          propFile = new File(extraPropFile);
          if (propFile.exists()) {
            propURL = new URL("file:" + propFile.getCanonicalPath());
          } else {
            propURL = new URL(extraPropFile);
          }
          BufferedInputStream bis = new BufferedInputStream(propURL.openStream());
          props.load(bis);
          bis.close();
          loadedProps = true;

          if (sdebug != null) {
            sdebug.println("reading security properties file: " + propURL);
            if (overrideAll) {
              sdebug.println("overriding other security properties files!");
            }
          }
        } catch (Exception e) {
          if (sdebug != null) {
            sdebug.println("unable to load security properties from " + extraPropFile);
            e.printStackTrace();
          }
        }
      }
    }

    if (!loadedProps) {
      initializeStatic();
      if (sdebug != null) {
        sdebug.println("unable to load security properties " + "-- using defaults");
      }
    }
  }