19 package org.eclipse.jetty.policy;
20
21 import java.io.File;
22 import java.security.KeyStore;
23 import java.security.Principal;
24 import java.security.cert.Certificate;
25 import java.security.cert.X509Certificate;
26 import java.util.HashMap;
27 import java.util.Map;
28
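/**
 * Expansion context for policy text: a property map, the principals used for
 * <code>${{self}}</code> and the keystore used for <code>${{alias:name}}</code>.
 *
 * <p>{@link #evaluate(String)} first expands the double-brace protocol placeholders and then
 * the single-brace property placeholders. After every substitution the scan restarts at the
 * beginning of the string, so inserted text is itself scanned for further placeholders.
 *
 * <p>Security notes for reviewers:
 * <ul>
 * <li>Any name not present in the local map is looked up with {@link System#getProperty(String)},
 *     so every JVM system property is reachable from policy text.</li>
 * <li>Principal names are inserted between double quotes without escaping. NOTE(review):
 *     whether a quote or a placeholder sequence can occur in a name depends on the Principal
 *     implementation and on how certificates are admitted to the keystore; confirm against
 *     the policy parser.</li>
 * <li>A property that resolves to nothing is concatenated as the text "null" rather than
 *     rejected. NOTE(review): consider failing closed; not changed here because callers may
 *     depend on it.</li>
 * </ul>
 *
 * <p>This class performs no synchronization.
 */
public class PolicyContext
{
    /**
     * Upper bound on substitutions performed for one input string in each expansion pass.
     * Because substituted text is re-scanned, a value that contains its own placeholder would
     * otherwise loop forever or grow the string without limit. The value is a defensive cap
     * chosen in review, not a limit taken from any policy-file specification.
     */
    private static final int MAX_EXPANSIONS = 1024;

    private final Map<String, String> properties = new HashMap<String, String>();

    private Principal[] principals;
    private KeyStore keystore;

    /**
     * Creates a context whose only predefined property is "/", mapped to
     * {@link File#separator}.
     */
    public PolicyContext()
    {
        properties.put( "/", File.separator );
    }

    /**
     * Adds or replaces a single property.
     *
     * @param name property name as written between <code>${</code> and <code>}</code>
     * @param value replacement text
     */
    public void addProperty( String name, String value )
    {
        this.properties.put( name, value );
    }

    /**
     * Merges the given entries into the existing property map; entries already present under
     * other names are kept.
     *
     * @param properties entries to add; a null map is rejected by {@link Map#putAll(Map)}
     */
    public void setProperties( Map<String,String> properties )
    {
        this.properties.putAll( properties );
    }

    /**
     * @return the keystore used for alias expansion, or null if none was set
     */
    public KeyStore getKeystore()
    {
        return keystore;
    }

    /**
     * @param keystore keystore used to resolve <code>${{alias:name}}</code>
     */
    public void setKeystore( KeyStore keystore )
    {
        this.keystore = keystore;
    }

    /**
     * @return a copy of the principals used for <code>${{self}}</code>, or null if none were set
     */
    public Principal[] getPrincipals()
    {
        // Hand out a copy so callers cannot alter the identities used for expansion.
        return principals == null ? null : principals.clone();
    }

    /**
     * @param principals principals used for <code>${{self}}</code>; the array is copied
     */
    public void setPrincipals( Principal[] principals )
    {
        // Copy on the way in so later changes to the caller's array do not change what
        // ${{self}} expands to.
        this.principals = principals == null ? null : principals.clone();
    }

    /**
     * Expands protocol placeholders and then property placeholders in the given text.
     *
     * <p>Scanning stops at the first placeholder that has no closing brace; the text from
     * there on is returned unexpanded.
     *
     * @param s text to expand, may be null
     * @return the expanded text, or null if {@code s} was null
     * @throws PolicyException if a protocol placeholder cannot be resolved or more than
     *         {@link #MAX_EXPANSIONS} substitutions are needed in one pass
     */
    public String evaluate(String s) throws PolicyException
    {
        s = processProtocols( s );

        int expansions = 0;

        while ( s != null )
        {
            int start = s.indexOf( "${" );
            if ( start < 0 )
            {
                break;
            }

            int end = s.indexOf( "}", start + 2 );
            if ( end < 0 )
            {
                break;
            }

            // Substituted text is re-scanned, so a self-referencing value never terminates
            // on its own.
            if ( ++expansions > MAX_EXPANSIONS )
            {
                throw new PolicyException( "too many property expansions, possible self-referencing property" );
            }

            String property = getProperty( s.substring( start + 2, end ) );

            // An unresolved property is concatenated as the text "null" (see class notes).
            s = s.substring( 0, start ) + property + s.substring( end + 1 );
        }

        return s;
    }

    /**
     * Expands <code>${{protocol}}</code> and <code>${{protocol:data}}</code> placeholders.
     *
     * <p>The target is split at the first colon only, so data that itself contains a colon is
     * passed on whole instead of being truncated, and a target such as <code>alias:</code> no
     * longer fails with an array index error.
     *
     * @param s text to expand, may be null
     * @return the text with protocol placeholders replaced, or null if {@code s} was null
     * @throws PolicyException if a placeholder cannot be resolved or more than
     *         {@link #MAX_EXPANSIONS} substitutions are needed
     */
    private String processProtocols( String s ) throws PolicyException
    {
        int expansions = 0;

        while ( s != null )
        {
            int start = s.indexOf( "${{" );
            if ( start < 0 )
            {
                break;
            }

            int end = s.indexOf( "}}", start + 3 );
            if ( end < 0 )
            {
                break;
            }

            // Resolved principal text is re-scanned too; bound the work for the same reason
            // as in evaluate().
            if ( ++expansions > MAX_EXPANSIONS )
            {
                throw new PolicyException( "too many protocol expansions" );
            }

            String target = s.substring( start + 3, end );
            int colon = target.indexOf( ':' );

            String property;
            if ( colon >= 0 )
            {
                property = resolve( target.substring( 0, colon ), target.substring( colon + 1 ) );
            }
            else
            {
                property = resolve( target, null );
            }

            s = s.substring( 0, start ) + property + s.substring( end + 2 );
        }

        return s;
    }

    /**
     * Looks a property up in the local map first and in the JVM system properties second.
     *
     * @param name property name
     * @return the value, or null if it is defined in neither place or the name is null or
     *         empty and not present in the local map
     */
    public String getProperty(String name)
    {
        if (properties.containsKey(name))
        {
            return properties.get(name);
        }

        // System.getProperty rejects null and empty keys with an unchecked exception, which
        // would escape evaluate() for input such as "${}".
        if ( name == null || name.length() == 0 )
        {
            return null;
        }

        return System.getProperty(name);
    }

    /**
     * Resolves one protocol placeholder.
     *
     * @param protocol "self" or "alias"
     * @param data for "alias" the keystore alias; ignored for "self"; may be null
     * @return for "self" every principal, for "alias" the subject of the aliased X.509
     *         certificate, each formatted as <code>className "name" </code>
     * @throws PolicyException if the protocol is unknown, no principals or keystore are set,
     *         the keystore lookup fails, or the alias does not map to an X.509 certificate
     */
    private String resolve( String protocol, String data ) throws PolicyException
    {
        if ( "self".equals( protocol ) )
        {
            if ( principals == null || principals.length == 0 )
            {
                throw new PolicyException( "self can not be expanded, missing principals" );
            }

            StringBuilder sb = new StringBuilder();
            for ( int i = 0; i < principals.length; ++i )
            {
                appendPrincipal( sb, principals[i] );
            }
            return sb.toString();
        }

        if ( "alias".equals( protocol ) )
        {
            if ( keystore == null )
            {
                throw new PolicyException( "alias can not be expanded, missing keystore" );
            }

            Certificate cert;
            try
            {
                cert = keystore.getCertificate( data );
            }
            catch ( Exception e )
            {
                // Only the (String) constructor of PolicyException is visible from this
                // file, so the cause is attached with initCause to keep the keystore error.
                PolicyException failure = new PolicyException( "alias can not be expanded: " + data );
                failure.initCause( e );
                throw failure;
            }

            // Checked outside the try block so this message is not replaced by the generic
            // one from the catch above.
            if ( !( cert instanceof X509Certificate ) )
            {
                throw new PolicyException( "alias can not be expanded, bad cert" );
            }

            StringBuilder sb = new StringBuilder();
            appendPrincipal( sb, ((X509Certificate) cert).getSubjectX500Principal() );
            return sb.toString();
        }

        throw new PolicyException( "unknown protocol: " + protocol );
    }

    /**
     * Appends <code>className "name" </code> for one principal. The name is written as
     * returned by {@link Principal#getName()}, without escaping.
     */
    private static void appendPrincipal( StringBuilder sb, Principal principal )
    {
        sb.append( principal.getClass().getName() );
        sb.append( " \"" );
        sb.append( principal.getName() );
        sb.append( "\" " );
    }
}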