/portal-impl/src/com/liferay/portal/security/pacl/checker/NetChecker.java

https://github.com/lululiferay/liferay-portal · Java · 92 lines · 51 code · 24 blank · 17 comment · 9 complexity · 14c95d37afc270c894c927b41f2f5665 MD5 · raw file 

    

  1. /**
    2. 

  2.  * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
    3. 

  3.  *
    4. 

  4.  * This library is free software; you can redistribute it and/or modify it under
    5. 

  5.  * the terms of the GNU Lesser General Public License as published by the Free
    6. 

  6.  * Software Foundation; either version 2.1 of the License, or (at your option)
    7. 

  7.  * any later version.
    8. 

  8.  *
    9. 

  9.  * This library is distributed in the hope that it will be useful, but WITHOUT
    10. 

  10.  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
    11. 

  11.  * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
    12. 

  12.  * details.
    13. 

  13.  */
    14. 

  14. 

  15. package com.liferay.portal.security.pacl.checker;
    16. 

  16. 

  17. import com.liferay.portal.kernel.log.Log;
    18. 

  18. import com.liferay.portal.kernel.log.LogFactoryUtil;
    19. 

  19. import com.liferay.portal.kernel.util.JavaDetector;
    20. 

  20. 

  21. import java.security.Permission;
    22. 

  22. 

  23. import sun.reflect.Reflection;
    24. 

  24. 

  25. /**
    26. 

  26.  * @author Brian Wing Shun Chan
    27. 

  27.  */
    28. 

  28. public class NetChecker extends BaseChecker {
    29. 

  29. 

  30. 	public void afterPropertiesSet() {
    31. 

  31. 	}
    32. 

  32. 

  33. 	public void checkPermission(Permission permission) {
    34. 

  34. 		String name = permission.getName();
    35. 

  35. 

  36. 		if (name.equals(NET_PERMISSION_GET_PROXY_SELECTOR)) {
    37. 

  37. 			if (!hasGetProxySelector()) {
    38. 

  38. 				throwSecurityException(_log, "Attempted to get proxy selector");
    39. 

  39. 			}
    40. 

  40. 		}
    41. 

  41. 		else if (name.equals(NET_PERMISSION_SPECIFY_STREAM_HANDLER)) {
    42. 

  42. 

  43. 			// TODO
    44. 

  44. 

  45. 		}
    46. 

  46. 	}
    47. 

  47. 

  48. 	protected boolean hasGetProxySelector() {
    49. 

  49. 		if (JavaDetector.isJDK7()) {
    50. 

  50. 			Class<?> callerClass8 = Reflection.getCallerClass(8);
    51. 

  51. 

  52. 			String className8 = callerClass8.getName();
    53. 

  53. 

  54. 			if (className8.startsWith(_CLASS_NAME_SOCKS_SOCKET_IMPL) &&
    55. 

  55. 				CheckerUtil.isAccessControllerDoPrivileged(9)) {
    56. 

  56. 

  57. 				logGetProxySelector(callerClass8, 8);
    58. 

  58. 

  59. 				return true;
    60. 

  60. 			}
    61. 

  61. 		}
    62. 

  62. 		else {
    63. 

  63. 			Class<?> callerClass7 = Reflection.getCallerClass(7);
    64. 

  64. 

  65. 			String className7 = callerClass7.getName();
    66. 

  66. 

  67. 			if (className7.startsWith(_CLASS_NAME_SOCKS_SOCKET_IMPL) &&
    68. 

  68. 				CheckerUtil.isAccessControllerDoPrivileged(8)) {
    69. 

  69. 

  70. 				logGetProxySelector(callerClass7, 7);
    71. 

  71. 

  72. 				return true;
    73. 

  73. 			}
    74. 

  74. 		}
    75. 

  75. 

  76. 		return false;
    77. 

  77. 	}
    78. 

  78. 

  79. 	protected void logGetProxySelector(Class<?> callerClass, int frame) {
    80. 

  80. 		if (_log.isInfoEnabled()) {
    81. 

  81. 			_log.info(
    82. 

  82. 				"Allowing frame " + frame + " with caller " + callerClass +
    83. 

  83. 					" to get the proxy selector");
    84. 

  84. 		}
    85. 

  85. 	}
    86. 

  86. 

  87. 	private static final String _CLASS_NAME_SOCKS_SOCKET_IMPL =
    88. 

  88. 		"java.net.SocksSocketImpl$";
    89. 

  89. 

  90. 	private static Log _log = LogFactoryUtil.getLog(NetChecker.class);
    91. 

  91. 

  92. }
    93.