/* * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. Oracle designates this * particular file as subject to the "Classpath" exception as provided * by Oracle in the LICENSE file that accompanied this code. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ package sun.security.tools.policytool; import java.io.*; import java.util.LinkedList; import java.util.ListIterator; import java.util.Vector; import java.util.Enumeration; import java.net.URL; import java.net.MalformedURLException; import java.lang.reflect.*; import java.text.Collator; import java.text.MessageFormat; import sun.security.util.PropertyExpander; import sun.security.util.PropertyExpander.ExpandException; import java.awt.*; import java.awt.event.*; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.*; import sun.security.provider.*; import sun.security.util.PolicyUtil; import javax.security.auth.x500.X500Principal; /** * PolicyTool may be used by users and administrators to configure the * overall java security policy (currently stored in the policy file). * Using PolicyTool administators may add and remove policies from * the policy file.

* * @see java.security.Policy * @since 1.2 */ public class PolicyTool { // for i18n static final java.util.ResourceBundle rb = java.util.ResourceBundle.getBundle("sun.security.util.Resources"); static final Collator collator = Collator.getInstance(); static { // this is for case insensitive string comparisons collator.setStrength(Collator.PRIMARY); }; // anyone can add warnings Vector warnings; boolean newWarning = false; // set to true if policy modified. // this way upon exit we know if to ask the user to save changes boolean modified = false; private static final boolean testing = false; private static final Class[] TWOPARAMS = { String.class, String.class }; private static final Class[] ONEPARAMS = { String.class }; private static final Class[] NOPARAMS = {}; /* * All of the policy entries are read in from the * policy file and stored here. Updates to the policy entries * using addEntry() and removeEntry() are made here. To ultimately save * the policy entries back to the policy file, the SavePolicy button * must be clicked. **/ private static String policyFileName = null; private Vector policyEntries = null; private PolicyParser parser = null; /* The public key alias information is stored here. */ private KeyStore keyStore = null; private String keyStoreName = " "; private String keyStoreType = " "; private String keyStoreProvider = " "; private String keyStorePwdURL = " "; /* standard PKCS11 KeyStore type */ private static final String P11KEYSTORE = "PKCS11"; /* reserved word for PKCS11 KeyStores */ private static final String NONE = "NONE"; /** * default constructor */ private PolicyTool() { policyEntries = new Vector(); parser = new PolicyParser(); warnings = new Vector(); } /** * get the PolicyFileName */ String getPolicyFileName() { return policyFileName; } /** * set the PolicyFileName */ void setPolicyFileName(String policyFileName) { this.policyFileName = policyFileName; } /** * clear keyStore info */ void clearKeyStoreInfo() { this.keyStoreName = null; this.keyStoreType = null; this.keyStoreProvider = null; this.keyStorePwdURL = null; this.keyStore = null; } /** * get the keyStore URL name */ String getKeyStoreName() { return keyStoreName; } /** * get the keyStore Type */ String getKeyStoreType() { return keyStoreType; } /** * get the keyStore Provider */ String getKeyStoreProvider() { return keyStoreProvider; } /** * get the keyStore password URL */ String getKeyStorePwdURL() { return keyStorePwdURL; } /** * Open and read a policy file */ void openPolicy(String filename) throws FileNotFoundException, PolicyParser.ParsingException, KeyStoreException, CertificateException, InstantiationException, MalformedURLException, IOException, NoSuchAlgorithmException, IllegalAccessException, NoSuchMethodException, UnrecoverableKeyException, NoSuchProviderException, ClassNotFoundException, PropertyExpander.ExpandException, InvocationTargetException { newWarning = false; // start fresh - blow away the current state policyEntries = new Vector(); parser = new PolicyParser(); warnings = new Vector(); setPolicyFileName(null); clearKeyStoreInfo(); // see if user is opening a NEW policy file if (filename == null) { modified = false; return; } // Read in the policy entries from the file and // populate the parser vector table. The parser vector // table only holds the entries as strings, so it only // guarantees that the policies are syntactically // correct. setPolicyFileName(filename); parser.read(new FileReader(filename)); // open the keystore openKeyStore(parser.getKeyStoreUrl(), parser.getKeyStoreType(), parser.getKeyStoreProvider(), parser.getStorePassURL()); // Update the local vector with the same policy entries. // This guarantees that the policy entries are not only // syntactically correct, but semantically valid as well. Enumeration enum_ = parser.grantElements(); while (enum_.hasMoreElements()) { PolicyParser.GrantEntry ge = enum_.nextElement(); // see if all the signers have public keys if (ge.signedBy != null) { String signers[] = parseSigners(ge.signedBy); for (int i = 0; i < signers.length; i++) { PublicKey pubKey = getPublicKeyAlias(signers[i]); if (pubKey == null) { newWarning = true; MessageFormat form = new MessageFormat(rb.getString ("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.")); Object[] source = {signers[i]}; warnings.addElement(form.format(source)); } } } // check to see if the Principals are valid ListIterator prinList = ge.principals.listIterator(0); while (prinList.hasNext()) { PolicyParser.PrincipalEntry pe = prinList.next(); try { verifyPrincipal(pe.getPrincipalClass(), pe.getPrincipalName()); } catch (ClassNotFoundException fnfe) { newWarning = true; MessageFormat form = new MessageFormat(rb.getString ("Warning.Class.not.found.class")); Object[] source = {pe.getPrincipalClass()}; warnings.addElement(form.format(source)); } } // check to see if the Permissions are valid Enumeration perms = ge.permissionElements(); while (perms.hasMoreElements()) { PolicyParser.PermissionEntry pe = perms.nextElement(); try { verifyPermission(pe.permission, pe.name, pe.action); } catch (ClassNotFoundException fnfe) { newWarning = true; MessageFormat form = new MessageFormat(rb.getString ("Warning.Class.not.found.class")); Object[] source = {pe.permission}; warnings.addElement(form.format(source)); } catch (InvocationTargetException ite) { newWarning = true; MessageFormat form = new MessageFormat(rb.getString ("Warning.Invalid.argument.s.for.constructor.arg")); Object[] source = {pe.permission}; warnings.addElement(form.format(source)); } // see if all the permission signers have public keys if (pe.signedBy != null) { String signers[] = parseSigners(pe.signedBy); for (int i = 0; i < signers.length; i++) { PublicKey pubKey = getPublicKeyAlias(signers[i]); if (pubKey == null) { newWarning = true; MessageFormat form = new MessageFormat(rb.getString ("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.")); Object[] source = {signers[i]}; warnings.addElement(form.format(source)); } } } } PolicyEntry pEntry = new PolicyEntry(this, ge); policyEntries.addElement(pEntry); } // just read in the policy -- nothing has been modified yet modified = false; } /** * Save a policy to a file */ void savePolicy(String filename) throws FileNotFoundException, IOException { // save the policy entries to a file parser.setKeyStoreUrl(keyStoreName); parser.setKeyStoreType(keyStoreType); parser.setKeyStoreProvider(keyStoreProvider); parser.setStorePassURL(keyStorePwdURL); parser.write(new FileWriter(filename)); modified = false; } /** * Open the KeyStore */ void openKeyStore(String name, String type, String provider, String pwdURL) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, IOException, CertificateException, NoSuchProviderException, ExpandException { if (name == null && type == null && provider == null && pwdURL == null) { // policy did not specify a keystore during open // or use wants to reset keystore values this.keyStoreName = null; this.keyStoreType = null; this.keyStoreProvider = null; this.keyStorePwdURL = null; // caller will set (tool.modified = true) if appropriate return; } URL policyURL = null; if (policyFileName != null) { File pfile = new File(policyFileName); policyURL = new URL("file:" + pfile.getCanonicalPath()); } // although PolicyUtil.getKeyStore may properly handle // defaults and property expansion, we do it here so that // if the call is successful, we can set the proper values // (PolicyUtil.getKeyStore does not return expanded values) if (name != null && name.length() > 0) { name = PropertyExpander.expand(name).replace (File.separatorChar, '/'); } if (type == null || type.length() == 0) { type = KeyStore.getDefaultType(); } if (pwdURL != null && pwdURL.length() > 0) { pwdURL = PropertyExpander.expand(pwdURL).replace (File.separatorChar, '/'); } try { this.keyStore = PolicyUtil.getKeyStore(policyURL, name, type, provider, pwdURL, null); } catch (IOException ioe) { // copied from sun.security.pkcs11.SunPKCS11 String MSG = "no password provided, and no callback handler " + "available for retrieving password"; Throwable cause = ioe.getCause(); if (cause != null && cause instanceof javax.security.auth.login.LoginException && MSG.equals(cause.getMessage())) { // throw a more friendly exception message throw new IOException(MSG); } else { throw ioe; } } this.keyStoreName = name; this.keyStoreType = type; this.keyStoreProvider = provider; this.keyStorePwdURL = pwdURL; // caller will set (tool.modified = true) } /** * Add a Grant entry to the overall policy at the specified index. * A policy entry consists of a CodeSource. */ boolean addEntry(PolicyEntry pe, int index) { if (index < 0) { // new entry -- just add it to the end policyEntries.addElement(pe); parser.add(pe.getGrantEntry()); } else { // existing entry -- replace old one PolicyEntry origPe = policyEntries.elementAt(index); parser.replace(origPe.getGrantEntry(), pe.getGrantEntry()); policyEntries.setElementAt(pe, index); } return true; } /** * Add a Principal entry to an existing PolicyEntry at the specified index. * A Principal entry consists of a class, and name. * * If the principal already exists, it is not added again. */ boolean addPrinEntry(PolicyEntry pe, PolicyParser.PrincipalEntry newPrin, int index) { // first add the principal to the Policy Parser entry PolicyParser.GrantEntry grantEntry = pe.getGrantEntry(); if (grantEntry.contains(newPrin) == true) return false; LinkedList prinList = grantEntry.principals; if (index != -1) prinList.set(index, newPrin); else prinList.add(newPrin); modified = true; return true; } /** * Add a Permission entry to an existing PolicyEntry at the specified index. * A Permission entry consists of a permission, name, and actions. * * If the permission already exists, it is not added again. */ boolean addPermEntry(PolicyEntry pe, PolicyParser.PermissionEntry newPerm, int index) { // first add the permission to the Policy Parser Vector PolicyParser.GrantEntry grantEntry = pe.getGrantEntry(); if (grantEntry.contains(newPerm) == true) return false; Vector permList = grantEntry.permissionEntries; if (index != -1) permList.setElementAt(newPerm, index); else permList.addElement(newPerm); modified = true; return true; } /** * Remove a Permission entry from an existing PolicyEntry. */ boolean removePermEntry(PolicyEntry pe, PolicyParser.PermissionEntry perm) { // remove the Permission from the GrantEntry PolicyParser.GrantEntry ppge = pe.getGrantEntry(); modified = ppge.remove(perm); return modified; } /** * remove an entry from the overall policy */ boolean removeEntry(PolicyEntry pe) { parser.remove(pe.getGrantEntry()); modified = true; return (policyEntries.removeElement(pe)); } /** * retrieve all Policy Entries */ PolicyEntry[] getEntry() { if (policyEntries.size() > 0) { PolicyEntry entries[] = new PolicyEntry[policyEntries.size()]; for (int i = 0; i < policyEntries.size(); i++) entries[i] = policyEntries.elementAt(i); return entries; } return null; } /** * Retrieve the public key mapped to a particular name. * If the key has expired, a KeyException is thrown. */ PublicKey getPublicKeyAlias(String name) throws KeyStoreException { if (keyStore == null) { return null; } Certificate cert = keyStore.getCertificate(name); if (cert == null) { return null; } PublicKey pubKey = cert.getPublicKey(); return pubKey; } /** * Retrieve all the alias names stored in the certificate database */ String[] getPublicKeyAlias() throws KeyStoreException { int numAliases = 0; String aliases[] = null; if (keyStore == null) { return null; } Enumeration enum_ = keyStore.aliases(); // first count the number of elements while (enum_.hasMoreElements()) { enum_.nextElement(); numAliases++; } if (numAliases > 0) { // now copy them into an array aliases = new String[numAliases]; numAliases = 0; enum_ = keyStore.aliases(); while (enum_.hasMoreElements()) { aliases[numAliases] = new String(enum_.nextElement()); numAliases++; } } return aliases; } /** * This method parses a single string of signers separated by commas * ("jordan, duke, pippen") into an array of individual strings. */ String[] parseSigners(String signedBy) { String signers[] = null; int numSigners = 1; int signedByIndex = 0; int commaIndex = 0; int signerNum = 0; // first pass thru "signedBy" counts the number of signers while (commaIndex >= 0) { commaIndex = signedBy.indexOf(',', signedByIndex); if (commaIndex >= 0) { numSigners++; signedByIndex = commaIndex + 1; } } signers = new String[numSigners]; // second pass thru "signedBy" transfers signers to array commaIndex = 0; signedByIndex = 0; while (commaIndex >= 0) { if ((commaIndex = signedBy.indexOf(',', signedByIndex)) >= 0) { // transfer signer and ignore trailing part of the string signers[signerNum] = signedBy.substring(signedByIndex, commaIndex).trim(); signerNum++; signedByIndex = commaIndex + 1; } else { // we are at the end of the string -- transfer signer signers[signerNum] = signedBy.substring(signedByIndex).trim(); } } return signers; } /** * Check to see if the Principal contents are OK */ void verifyPrincipal(String type, String name) throws ClassNotFoundException, InstantiationException { if (type.equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS) || type.equals(PolicyParser.REPLACE_NAME)) { return; }; Class PRIN = Class.forName("java.security.Principal"); Class pc = Class.forName(type, true, Thread.currentThread().getContextClassLoader()); if (!PRIN.isAssignableFrom(pc)) { MessageFormat form = new MessageFormat(rb.getString ("Illegal.Principal.Type.type")); Object[] source = {type}; throw new InstantiationException(form.format(source)); } if (ToolDialog.X500_PRIN_CLASS.equals(pc.getName())) { // PolicyParser checks validity of X500Principal name // - PolicyTool needs to as well so that it doesn't store // an invalid name that can't be read in later // // this can throw an IllegalArgumentException X500Principal newP = new X500Principal(name); } } /** * Check to see if the Permission contents are OK */ void verifyPermission(String type, String name, String actions) throws ClassNotFoundException, InstantiationException, IllegalAccessException, NoSuchMethodException, InvocationTargetException { //XXX we might want to keep a hash of created factories... Class pc = Class.forName(type, true, Thread.currentThread().getContextClassLoader()); Constructor c = null; Vector objects = new Vector(2); if (name != null) objects.add(name); if (actions != null) objects.add(actions); switch (objects.size()) { case 0: try { c = pc.getConstructor(NOPARAMS); break; } catch (NoSuchMethodException ex) { // proceed to the one-param constructor objects.add(null); } case 1: try { c = pc.getConstructor(ONEPARAMS); break; } catch (NoSuchMethodException ex) { // proceed to the two-param constructor objects.add(null); } case 2: c = pc.getConstructor(TWOPARAMS); break; } Object parameters[] = objects.toArray(); Permission p = (Permission)c.newInstance(parameters); } /* * Parse command line arguments. */ static void parseArgs(String args[]) { /* parse flags */ int n = 0; for (n=0; (n < args.length) && args[n].startsWith("-"); n++) { String flags = args[n]; if (collator.compare(flags, "-file") == 0) { if (++n == args.length) usage(); policyFileName = args[n]; } else { MessageFormat form = new MessageFormat(rb.getString ("Illegal.option.option")); Object[] source = { flags }; System.err.println(form.format(source)); usage(); } } } static void usage() { System.out.println(rb.getString("Usage.policytool.options.")); System.out.println(); System.out.println(rb.getString (".file.file.policy.file.location")); System.out.println(); System.exit(1); } /** * run the PolicyTool */ public static void main(String args[]) { parseArgs(args); ToolWindow tw = new ToolWindow(new PolicyTool()); tw.displayToolWindow(args); } // split instr to words according to capitalization, // like, AWTControl -> A W T Control // this method is for easy pronounciation static String splitToWords(String instr) { return instr.replaceAll("([A-Z])", " $1"); } } /** * Each entry in the policy configuration file is represented by a * PolicyEntry object. * * A PolicyEntry is a (CodeSource,Permission) pair. The * CodeSource contains the (URL, PublicKey) that together identify * where the Java bytecodes come from and who (if anyone) signed * them. The URL could refer to localhost. The URL could also be * null, meaning that this policy entry is given to all comers, as * long as they match the signer field. The signer could be null, * meaning the code is not signed. * * The Permission contains the (Type, Name, Action) triplet. * */ class PolicyEntry { private CodeSource codesource; private PolicyTool tool; private PolicyParser.GrantEntry grantEntry; private boolean testing = false; /** * Create a PolicyEntry object from the information read in * from a policy file. */ PolicyEntry(PolicyTool tool, PolicyParser.GrantEntry ge) throws MalformedURLException, NoSuchMethodException, ClassNotFoundException, InstantiationException, IllegalAccessException, InvocationTargetException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException { this.tool = tool; URL location = null; // construct the CodeSource if (ge.codeBase != null) location = new URL(ge.codeBase); this.codesource = new CodeSource(location, (java.security.cert.Certificate[]) null); if (testing) { System.out.println("Adding Policy Entry:"); System.out.println(" CodeBase = " + location); System.out.println(" Signers = " + ge.signedBy); System.out.println(" with " + ge.principals.size() + " Principals"); } this.grantEntry = ge; } /** * get the codesource associated with this PolicyEntry */ CodeSource getCodeSource() { return codesource; } /** * get the GrantEntry associated with this PolicyEntry */ PolicyParser.GrantEntry getGrantEntry() { return grantEntry; } /** * convert the header portion, i.e. codebase, signer, principals, of * this policy entry into a string */ String headerToString() { String pString = principalsToString(); if (pString.length() == 0) { return codebaseToString(); } else { return codebaseToString() + ", " + pString; } } /** * convert the Codebase/signer portion of this policy entry into a string */ String codebaseToString() { String stringEntry = new String(); if (grantEntry.codeBase != null && grantEntry.codeBase.equals("") == false) stringEntry = stringEntry.concat ("CodeBase \"" + grantEntry.codeBase + "\""); if (grantEntry.signedBy != null && grantEntry.signedBy.equals("") == false) stringEntry = ((stringEntry.length() > 0) ? stringEntry.concat(", SignedBy \"" + grantEntry.signedBy + "\"") : stringEntry.concat("SignedBy \"" + grantEntry.signedBy + "\"")); if (stringEntry.length() == 0) return new String("CodeBase "); return stringEntry; } /** * convert the Principals portion of this policy entry into a string */ String principalsToString() { String result = ""; if ((grantEntry.principals != null) && (!grantEntry.principals.isEmpty())) { StringBuffer buffer = new StringBuffer(200); ListIterator list = grantEntry.principals.listIterator(); while (list.hasNext()) { PolicyParser.PrincipalEntry pppe = list.next(); buffer.append(" Principal " + pppe.getDisplayClass() + " " + pppe.getDisplayName(true)); if (list.hasNext()) buffer.append(", "); } result = buffer.toString(); } return result; } /** * convert this policy entry into a PolicyParser.PermissionEntry */ PolicyParser.PermissionEntry toPermissionEntry(Permission perm) { String actions = null; // get the actions if (perm.getActions() != null && perm.getActions().trim() != "") actions = perm.getActions(); PolicyParser.PermissionEntry pe = new PolicyParser.PermissionEntry (perm.getClass().getName(), perm.getName(), actions); return pe; } } /** * The main window for the PolicyTool */ class ToolWindow extends Frame { // use serialVersionUID from JDK 1.2.2 for interoperability private static final long serialVersionUID = 5682568601210376777L; /* external paddings */ public static final Insets TOP_PADDING = new Insets(25,0,0,0); public static final Insets BOTTOM_PADDING = new Insets(0,0,25,0); public static final Insets LITE_BOTTOM_PADDING = new Insets(0,0,10,0); public static final Insets LR_PADDING = new Insets(0,10,0,10); public static final Insets TOP_BOTTOM_PADDING = new Insets(15, 0, 15, 0); public static final Insets L_TOP_BOTTOM_PADDING = new Insets(5,10,15,0); public static final Insets LR_BOTTOM_PADDING = new Insets(0,10,5,10); public static final Insets L_BOTTOM_PADDING = new Insets(0,10,5,0); public static final Insets R_BOTTOM_PADDING = new Insets(0,0,5,10); /* buttons and menus */ public static final String NEW_POLICY_FILE = PolicyTool.rb.getString("New"); public static final String OPEN_POLICY_FILE = PolicyTool.rb.getString("Open"); public static final String SAVE_POLICY_FILE = PolicyTool.rb.getString("Save"); public static final String SAVE_AS_POLICY_FILE = PolicyTool.rb.getString("Save.As"); public static final String VIEW_WARNINGS = PolicyTool.rb.getString("View.Warning.Log"); public static final String QUIT = PolicyTool.rb.getString("Exit"); public static final String ADD_POLICY_ENTRY = PolicyTool.rb.getString("Add.Policy.Entry"); public static final String EDIT_POLICY_ENTRY = PolicyTool.rb.getString("Edit.Policy.Entry"); public static final String REMOVE_POLICY_ENTRY = PolicyTool.rb.getString("Remove.Policy.Entry"); public static final String EDIT_KEYSTORE = PolicyTool.rb.getString("Edit"); public static final String ADD_PUBKEY_ALIAS = PolicyTool.rb.getString("Add.Public.Key.Alias"); public static final String REMOVE_PUBKEY_ALIAS = PolicyTool.rb.getString("Remove.Public.Key.Alias"); /* gridbag index for components in the main window (MW) */ public static final int MW_FILENAME_LABEL = 0; public static final int MW_FILENAME_TEXTFIELD = 1; public static final int MW_PANEL = 2; public static final int MW_ADD_BUTTON = 0; public static final int MW_EDIT_BUTTON = 1; public static final int MW_REMOVE_BUTTON = 2; public static final int MW_POLICY_LIST = 3; // follows MW_PANEL private PolicyTool tool; /** * Constructor */ ToolWindow(PolicyTool tool) { this.tool = tool; } /** * Initialize the PolicyTool window with the necessary components */ private void initWindow() { // create the top menu bar MenuBar menuBar = new MenuBar(); // create a File menu Menu menu = new Menu(PolicyTool.rb.getString("File")); menu.add(NEW_POLICY_FILE); menu.add(OPEN_POLICY_FILE); menu.add(SAVE_POLICY_FILE); menu.add(SAVE_AS_POLICY_FILE); menu.add(VIEW_WARNINGS); menu.add(QUIT); menu.addActionListener(new FileMenuListener(tool, this)); menuBar.add(menu); setMenuBar(menuBar); // create a KeyStore menu menu = new Menu(PolicyTool.rb.getString("KeyStore")); menu.add(EDIT_KEYSTORE); menu.addActionListener(new MainWindowListener(tool, this)); menuBar.add(menu); setMenuBar(menuBar); // policy entry listing Label label = new Label(PolicyTool.rb.getString("Policy.File.")); addNewComponent(this, label, MW_FILENAME_LABEL, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, TOP_BOTTOM_PADDING); TextField tf = new TextField(50); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("Policy.File.")); tf.setEditable(false); addNewComponent(this, tf, MW_FILENAME_TEXTFIELD, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, TOP_BOTTOM_PADDING); // add ADD/REMOVE/EDIT buttons in a new panel Panel panel = new Panel(); panel.setLayout(new GridBagLayout()); Button button = new Button(ADD_POLICY_ENTRY); button.addActionListener(new MainWindowListener(tool, this)); addNewComponent(panel, button, MW_ADD_BUTTON, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, LR_PADDING); button = new Button(EDIT_POLICY_ENTRY); button.addActionListener(new MainWindowListener(tool, this)); addNewComponent(panel, button, MW_EDIT_BUTTON, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, LR_PADDING); button = new Button(REMOVE_POLICY_ENTRY); button.addActionListener(new MainWindowListener(tool, this)); addNewComponent(panel, button, MW_REMOVE_BUTTON, 2, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, LR_PADDING); addNewComponent(this, panel, MW_PANEL, 0, 2, 2, 1, 0.0, 0.0, GridBagConstraints.BOTH, BOTTOM_PADDING); String policyFile = tool.getPolicyFileName(); if (policyFile == null) { String userHome; userHome = java.security.AccessController.doPrivileged( new sun.security.action.GetPropertyAction("user.home")); policyFile = userHome + File.separatorChar + ".java.policy"; } try { // open the policy file tool.openPolicy(policyFile); // display the policy entries via the policy list textarea List list = new List(40, false); list.addActionListener(new PolicyListListener(tool, this)); PolicyEntry entries[] = tool.getEntry(); if (entries != null) { for (int i = 0; i < entries.length; i++) list.add(entries[i].headerToString()); } TextField newFilename = (TextField) getComponent(MW_FILENAME_TEXTFIELD); newFilename.setText(policyFile); initPolicyList(list); } catch (FileNotFoundException fnfe) { // add blank policy listing List list = new List(40, false); list.addActionListener(new PolicyListListener(tool, this)); initPolicyList(list); tool.setPolicyFileName(null); tool.modified = false; setVisible(true); // just add warning tool.warnings.addElement(fnfe.toString()); } catch (Exception e) { // add blank policy listing List list = new List(40, false); list.addActionListener(new PolicyListListener(tool, this)); initPolicyList(list); tool.setPolicyFileName(null); tool.modified = false; setVisible(true); // display the error MessageFormat form = new MessageFormat(PolicyTool.rb.getString ("Could.not.open.policy.file.policyFile.e.toString.")); Object[] source = {policyFile, e.toString()}; displayErrorDialog(null, form.format(source)); } } /** * Add a component to the PolicyTool window */ void addNewComponent(Container container, Component component, int index, int gridx, int gridy, int gridwidth, int gridheight, double weightx, double weighty, int fill, Insets is) { // add the component at the specified gridbag index container.add(component, index); // set the constraints GridBagLayout gbl = (GridBagLayout)container.getLayout(); GridBagConstraints gbc = new GridBagConstraints(); gbc.gridx = gridx; gbc.gridy = gridy; gbc.gridwidth = gridwidth; gbc.gridheight = gridheight; gbc.weightx = weightx; gbc.weighty = weighty; gbc.fill = fill; if (is != null) gbc.insets = is; gbl.setConstraints(component, gbc); } /** * Add a component to the PolicyTool window without external padding */ void addNewComponent(Container container, Component component, int index, int gridx, int gridy, int gridwidth, int gridheight, double weightx, double weighty, int fill) { // delegate with "null" external padding addNewComponent(container, component, index, gridx, gridy, gridwidth, gridheight, weightx, weighty, fill, null); } /** * Init the policy_entry_list TEXTAREA component in the * PolicyTool window */ void initPolicyList(List policyList) { // add the policy list to the window addNewComponent(this, policyList, MW_POLICY_LIST, 0, 3, 2, 1, 1.0, 1.0, GridBagConstraints.BOTH); } /** * Replace the policy_entry_list TEXTAREA component in the * PolicyTool window with an updated one. */ void replacePolicyList(List policyList) { // remove the original list of Policy Entries // and add the new list of entries List list = (List)getComponent(MW_POLICY_LIST); list.removeAll(); String newItems[] = policyList.getItems(); for (int i = 0; i < newItems.length; i++) list.add(newItems[i]); } /** * display the main PolicyTool window */ void displayToolWindow(String args[]) { setTitle(PolicyTool.rb.getString("Policy.Tool")); setResizable(true); addWindowListener(new ToolWindowListener(this)); setBounds(135, 80, 500, 500); setLayout(new GridBagLayout()); initWindow(); // display it setVisible(true); if (tool.newWarning == true) { displayStatusDialog(this, PolicyTool.rb.getString ("Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.")); } } /** * displays a dialog box describing an error which occurred. */ void displayErrorDialog(Window w, String error) { ToolDialog ed = new ToolDialog (PolicyTool.rb.getString("Error"), tool, this, true); // find where the PolicyTool gui is Point location = ((w == null) ? getLocationOnScreen() : w.getLocationOnScreen()); ed.setBounds(location.x + 50, location.y + 50, 600, 100); ed.setLayout(new GridBagLayout()); Label label = new Label(error); addNewComponent(ed, label, 0, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); Button okButton = new Button(PolicyTool.rb.getString("OK")); okButton.addActionListener(new ErrorOKButtonListener(ed)); addNewComponent(ed, okButton, 1, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL); ed.pack(); ed.setVisible(true); } /** * displays a dialog box describing an error which occurred. */ void displayErrorDialog(Window w, Throwable t) { if (t instanceof NoDisplayException) { return; } displayErrorDialog(w, t.toString()); } /** * displays a dialog box describing the status of an event */ void displayStatusDialog(Window w, String status) { ToolDialog sd = new ToolDialog (PolicyTool.rb.getString("Status"), tool, this, true); // find the location of the PolicyTool gui Point location = ((w == null) ? getLocationOnScreen() : w.getLocationOnScreen()); sd.setBounds(location.x + 50, location.y + 50, 500, 100); sd.setLayout(new GridBagLayout()); Label label = new Label(status); addNewComponent(sd, label, 0, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); Button okButton = new Button(PolicyTool.rb.getString("OK")); okButton.addActionListener(new StatusOKButtonListener(sd)); addNewComponent(sd, okButton, 1, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL); sd.pack(); sd.setVisible(true); } /** * display the warning log */ void displayWarningLog(Window w) { ToolDialog wd = new ToolDialog (PolicyTool.rb.getString("Warning"), tool, this, true); // find the location of the PolicyTool gui Point location = ((w == null) ? getLocationOnScreen() : w.getLocationOnScreen()); wd.setBounds(location.x + 50, location.y + 50, 500, 100); wd.setLayout(new GridBagLayout()); TextArea ta = new TextArea(); ta.setEditable(false); for (int i = 0; i < tool.warnings.size(); i++) { ta.append(tool.warnings.elementAt(i)); ta.append(PolicyTool.rb.getString("NEWLINE")); } addNewComponent(wd, ta, 0, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, BOTTOM_PADDING); ta.setFocusable(false); Button okButton = new Button(PolicyTool.rb.getString("OK")); okButton.addActionListener(new CancelButtonListener(wd)); addNewComponent(wd, okButton, 1, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, LR_PADDING); wd.pack(); wd.setVisible(true); } char displayYesNoDialog(Window w, String title, String prompt, String yes, String no) { final ToolDialog tw = new ToolDialog (title, tool, this, true); Point location = ((w == null) ? getLocationOnScreen() : w.getLocationOnScreen()); tw.setBounds(location.x + 75, location.y + 100, 400, 150); tw.setLayout(new GridBagLayout()); TextArea ta = new TextArea(prompt, 10, 50, TextArea.SCROLLBARS_VERTICAL_ONLY); ta.setEditable(false); addNewComponent(tw, ta, 0, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); ta.setFocusable(false); Panel panel = new Panel(); panel.setLayout(new GridBagLayout()); // StringBuffer to store button press. Must be final. final StringBuffer chooseResult = new StringBuffer(); Button button = new Button(yes); button.addActionListener(new ActionListener() { public void actionPerformed(ActionEvent e) { chooseResult.append('Y'); tw.setVisible(false); tw.dispose(); } }); addNewComponent(panel, button, 0, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, LR_PADDING); button = new Button(no); button.addActionListener(new ActionListener() { public void actionPerformed(ActionEvent e) { chooseResult.append('N'); tw.setVisible(false); tw.dispose(); } }); addNewComponent(panel, button, 1, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, LR_PADDING); addNewComponent(tw, panel, 1, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL); tw.pack(); tw.setVisible(true); if (chooseResult.length() > 0) { return chooseResult.charAt(0); } else { // I did encounter this once, don't why. return 'N'; } } } /** * General dialog window */ class ToolDialog extends Dialog { // use serialVersionUID from JDK 1.2.2 for interoperability private static final long serialVersionUID = -372244357011301190L; /* necessary constants */ public static final int NOACTION = 0; public static final int QUIT = 1; public static final int NEW = 2; public static final int OPEN = 3; public static final String ALL_PERM_CLASS = "java.security.AllPermission"; public static final String FILE_PERM_CLASS = "java.io.FilePermission"; public static final String X500_PRIN_CLASS = "javax.security.auth.x500.X500Principal"; /* popup menus */ public static final String PERM = PolicyTool.rb.getString ("Permission."); public static final String PRIN_TYPE = PolicyTool.rb.getString("Principal.Type."); public static final String PRIN_NAME = PolicyTool.rb.getString("Principal.Name."); /* more popu menus */ public static final String PERM_NAME = PolicyTool.rb.getString ("Target.Name."); /* and more popup menus */ public static final String PERM_ACTIONS = PolicyTool.rb.getString ("Actions."); /* gridbag index for display OverWriteFile (OW) components */ public static final int OW_LABEL = 0; public static final int OW_OK_BUTTON = 1; public static final int OW_CANCEL_BUTTON = 2; /* gridbag index for display PolicyEntry (PE) components */ public static final int PE_CODEBASE_LABEL = 0; public static final int PE_CODEBASE_TEXTFIELD = 1; public static final int PE_SIGNEDBY_LABEL = 2; public static final int PE_SIGNEDBY_TEXTFIELD = 3; public static final int PE_PANEL0 = 4; public static final int PE_ADD_PRIN_BUTTON = 0; public static final int PE_EDIT_PRIN_BUTTON = 1; public static final int PE_REMOVE_PRIN_BUTTON = 2; public static final int PE_PRIN_LABEL = 5; public static final int PE_PRIN_LIST = 6; public static final int PE_PANEL1 = 7; public static final int PE_ADD_PERM_BUTTON = 0; public static final int PE_EDIT_PERM_BUTTON = 1; public static final int PE_REMOVE_PERM_BUTTON = 2; public static final int PE_PERM_LIST = 8; public static final int PE_PANEL2 = 9; public static final int PE_CANCEL_BUTTON = 1; public static final int PE_DONE_BUTTON = 0; /* the gridbag index for components in the Principal Dialog (PRD) */ public static final int PRD_DESC_LABEL = 0; public static final int PRD_PRIN_CHOICE = 1; public static final int PRD_PRIN_TEXTFIELD = 2; public static final int PRD_NAME_LABEL = 3; public static final int PRD_NAME_TEXTFIELD = 4; public static final int PRD_CANCEL_BUTTON = 6; public static final int PRD_OK_BUTTON = 5; /* the gridbag index for components in the Permission Dialog (PD) */ public static final int PD_DESC_LABEL = 0; public static final int PD_PERM_CHOICE = 1; public static final int PD_PERM_TEXTFIELD = 2; public static final int PD_NAME_CHOICE = 3; public static final int PD_NAME_TEXTFIELD = 4; public static final int PD_ACTIONS_CHOICE = 5; public static final int PD_ACTIONS_TEXTFIELD = 6; public static final int PD_SIGNEDBY_LABEL = 7; public static final int PD_SIGNEDBY_TEXTFIELD = 8; public static final int PD_CANCEL_BUTTON = 10; public static final int PD_OK_BUTTON = 9; /* modes for KeyStore */ public static final int EDIT_KEYSTORE = 0; /* the gridbag index for components in the Change KeyStore Dialog (KSD) */ public static final int KSD_NAME_LABEL = 0; public static final int KSD_NAME_TEXTFIELD = 1; public static final int KSD_TYPE_LABEL = 2; public static final int KSD_TYPE_TEXTFIELD = 3; public static final int KSD_PROVIDER_LABEL = 4; public static final int KSD_PROVIDER_TEXTFIELD = 5; public static final int KSD_PWD_URL_LABEL = 6; public static final int KSD_PWD_URL_TEXTFIELD = 7; public static final int KSD_CANCEL_BUTTON = 9; public static final int KSD_OK_BUTTON = 8; /* the gridbag index for components in the User Save Changes Dialog (USC) */ public static final int USC_LABEL = 0; public static final int USC_PANEL = 1; public static final int USC_YES_BUTTON = 0; public static final int USC_NO_BUTTON = 1; public static final int USC_CANCEL_BUTTON = 2; /* gridbag index for the ConfirmRemovePolicyEntryDialog (CRPE) */ public static final int CRPE_LABEL1 = 0; public static final int CRPE_LABEL2 = 1; public static final int CRPE_PANEL = 2; public static final int CRPE_PANEL_OK = 0; public static final int CRPE_PANEL_CANCEL = 1; /* some private static finals */ private static final int PERMISSION = 0; private static final int PERMISSION_NAME = 1; private static final int PERMISSION_ACTIONS = 2; private static final int PERMISSION_SIGNEDBY = 3; private static final int PRINCIPAL_TYPE = 4; private static final int PRINCIPAL_NAME = 5; public static java.util.ArrayList PERM_ARRAY; public static java.util.ArrayList PRIN_ARRAY; PolicyTool tool; ToolWindow tw; static { // set up permission objects PERM_ARRAY = new java.util.ArrayList(); PERM_ARRAY.add(new AllPerm()); PERM_ARRAY.add(new AudioPerm()); PERM_ARRAY.add(new AuthPerm()); PERM_ARRAY.add(new AWTPerm()); PERM_ARRAY.add(new DelegationPerm()); PERM_ARRAY.add(new FilePerm()); PERM_ARRAY.add(new InqSecContextPerm()); PERM_ARRAY.add(new LogPerm()); PERM_ARRAY.add(new MgmtPerm()); PERM_ARRAY.add(new MBeanPerm()); PERM_ARRAY.add(new MBeanSvrPerm()); PERM_ARRAY.add(new MBeanTrustPerm()); PERM_ARRAY.add(new NetPerm()); PERM_ARRAY.add(new PrivCredPerm()); PERM_ARRAY.add(new PropPerm()); PERM_ARRAY.add(new ReflectPerm()); PERM_ARRAY.add(new RuntimePerm()); PERM_ARRAY.add(new SecurityPerm()); PERM_ARRAY.add(new SerialPerm()); PERM_ARRAY.add(new ServicePerm()); PERM_ARRAY.add(new SocketPerm()); PERM_ARRAY.add(new SQLPerm()); PERM_ARRAY.add(new SSLPerm()); PERM_ARRAY.add(new SubjDelegPerm()); // set up principal objects PRIN_ARRAY = new java.util.ArrayList(); PRIN_ARRAY.add(new KrbPrin()); PRIN_ARRAY.add(new X500Prin()); } ToolDialog(String title, PolicyTool tool, ToolWindow tw, boolean modal) { super(tw, modal); setTitle(title); this.tool = tool; this.tw = tw; addWindowListener(new ChildWindowListener(this)); } /** * get the Perm instance based on either the (shortened) class name * or the fully qualified class name */ static Perm getPerm(String clazz, boolean fullClassName) { for (int i = 0; i < PERM_ARRAY.size(); i++) { Perm next = PERM_ARRAY.get(i); if (fullClassName) { if (next.FULL_CLASS.equals(clazz)) { return next; } } else { if (next.CLASS.equals(clazz)) { return next; } } } return null; } /** * get the Prin instance based on either the (shortened) class name * or the fully qualified class name */ static Prin getPrin(String clazz, boolean fullClassName) { for (int i = 0; i < PRIN_ARRAY.size(); i++) { Prin next = PRIN_ARRAY.get(i); if (fullClassName) { if (next.FULL_CLASS.equals(clazz)) { return next; } } else { if (next.CLASS.equals(clazz)) { return next; } } } return null; } /** * ask user if they want to overwrite an existing file */ void displayOverWriteFileDialog(String filename, int nextEvent) { // find where the PolicyTool gui is Point location = tw.getLocationOnScreen(); setBounds(location.x + 75, location.y + 100, 400, 150); setLayout(new GridBagLayout()); // ask the user if they want to over write the existing file MessageFormat form = new MessageFormat(PolicyTool.rb.getString ("OK.to.overwrite.existing.file.filename.")); Object[] source = {filename}; Label label = new Label(form.format(source)); tw.addNewComponent(this, label, OW_LABEL, 0, 0, 2, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.TOP_PADDING); // OK button Button button = new Button(PolicyTool.rb.getString("OK")); button.addActionListener(new OverWriteFileOKButtonListener (tool, tw, this, filename, nextEvent)); tw.addNewComponent(this, button, OW_OK_BUTTON, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.TOP_PADDING); // Cancel button // -- if the user hits cancel, do NOT go on to the next event button = new Button(PolicyTool.rb.getString("Cancel")); button.addActionListener(new CancelButtonListener(this)); tw.addNewComponent(this, button, OW_CANCEL_BUTTON, 1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.TOP_PADDING); setVisible(true); } /** * pop up a dialog so the user can enter info to add a new PolicyEntry * - if edit is TRUE, then the user is editing an existing entry * and we should display the original info as well. * * - the other reason we need the 'edit' boolean is we need to know * when we are adding a NEW policy entry. in this case, we can * not simply update the existing entry, because it doesn't exist. * we ONLY update the GUI listing/info, and then when the user * finally clicks 'OK' or 'DONE', then we can collect that info * and add it to the policy. */ void displayPolicyEntryDialog(boolean edit) { int listIndex = 0; PolicyEntry entries[] = null; TaggedList prinList = new TaggedList(3, false); prinList.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("Principal.List")); prinList.addActionListener (new EditPrinButtonListener(tool, tw, this, edit)); TaggedList permList = new TaggedList(10, false); permList.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("Permission.List")); permList.addActionListener (new EditPermButtonListener(tool, tw, this, edit)); // find where the PolicyTool gui is Point location = tw.getLocationOnScreen(); setBounds(location.x + 75, location.y + 200, 650, 500); setLayout(new GridBagLayout()); setResizable(true); if (edit) { // get the selected item entries = tool.getEntry(); List policyList = (List)tw.getComponent(tw.MW_POLICY_LIST); listIndex = policyList.getSelectedIndex(); // get principal list LinkedList principals = entries[listIndex].getGrantEntry().principals; for (int i = 0; i < principals.size(); i++) { String prinString = null; PolicyParser.PrincipalEntry nextPrin = (PolicyParser.PrincipalEntry)principals.get(i); prinList.addTaggedItem(PrincipalEntryToUserFriendlyString(nextPrin), nextPrin); } // get permission list Vector permissions = entries[listIndex].getGrantEntry().permissionEntries; for (int i = 0; i < permissions.size(); i++) { String permString = null; PolicyParser.PermissionEntry nextPerm = permissions.elementAt(i); permList.addTaggedItem(ToolDialog.PermissionEntryToUserFriendlyString(nextPerm), nextPerm); } } // codebase label and textfield Label label = new Label(PolicyTool.rb.getString("CodeBase.")); tw.addNewComponent(this, label, PE_CODEBASE_LABEL, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); TextField tf; tf = (edit ? new TextField(entries[listIndex].getGrantEntry().codeBase, 60) : new TextField(60)); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("Code.Base")); tw.addNewComponent(this, tf, PE_CODEBASE_TEXTFIELD, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); // signedby label and textfield label = new Label(PolicyTool.rb.getString("SignedBy.")); tw.addNewComponent(this, label, PE_SIGNEDBY_LABEL, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); tf = (edit ? new TextField(entries[listIndex].getGrantEntry().signedBy, 60) : new TextField(60)); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("Signed.By.")); tw.addNewComponent(this, tf, PE_SIGNEDBY_TEXTFIELD, 1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); // panel for principal buttons Panel panel = new Panel(); panel.setLayout(new GridBagLayout()); Button button = new Button(PolicyTool.rb.getString("Add.Principal")); button.addActionListener (new AddPrinButtonListener(tool, tw, this, edit)); tw.addNewComponent(panel, button, PE_ADD_PRIN_BUTTON, 0, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL); button = new Button(PolicyTool.rb.getString("Edit.Principal")); button.addActionListener(new EditPrinButtonListener (tool, tw, this, edit)); tw.addNewComponent(panel, button, PE_EDIT_PRIN_BUTTON, 1, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL); button = new Button(PolicyTool.rb.getString("Remove.Principal")); button.addActionListener(new RemovePrinButtonListener (tool, tw, this, edit)); tw.addNewComponent(panel, button, PE_REMOVE_PRIN_BUTTON, 2, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL); tw.addNewComponent(this, panel, PE_PANEL0, 1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.HORIZONTAL); // principal label and list label = new Label(PolicyTool.rb.getString("Principals.")); tw.addNewComponent(this, label, PE_PRIN_LABEL, 0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); tw.addNewComponent(this, prinList, PE_PRIN_LIST, 1, 3, 3, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); // panel for permission buttons panel = new Panel(); panel.setLayout(new GridBagLayout()); button = new Button(PolicyTool.rb.getString(".Add.Permission")); button.addActionListener(new AddPermButtonListener (tool, tw, this, edit)); tw.addNewComponent(panel, button, PE_ADD_PERM_BUTTON, 0, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL); button = new Button(PolicyTool.rb.getString(".Edit.Permission")); button.addActionListener(new EditPermButtonListener (tool, tw, this, edit)); tw.addNewComponent(panel, button, PE_EDIT_PERM_BUTTON, 1, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL); button = new Button(PolicyTool.rb.getString("Remove.Permission")); button.addActionListener(new RemovePermButtonListener (tool, tw, this, edit)); tw.addNewComponent(panel, button, PE_REMOVE_PERM_BUTTON, 2, 0, 1, 1, 100.0, 0.0, GridBagConstraints.HORIZONTAL); tw.addNewComponent(this, panel, PE_PANEL1, 0, 4, 2, 1, 0.0, 0.0, GridBagConstraints.HORIZONTAL, tw.LITE_BOTTOM_PADDING); // permission list tw.addNewComponent(this, permList, PE_PERM_LIST, 0, 5, 3, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); // panel for Done and Cancel buttons panel = new Panel(); panel.setLayout(new GridBagLayout()); // Done Button button = new Button(PolicyTool.rb.getString("Done")); button.addActionListener (new AddEntryDoneButtonListener(tool, tw, this, edit)); tw.addNewComponent(panel, button, PE_DONE_BUTTON, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.LR_PADDING); // Cancel Button button = new Button(PolicyTool.rb.getString("Cancel")); button.addActionListener(new CancelButtonListener(this)); tw.addNewComponent(panel, button, PE_CANCEL_BUTTON, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.LR_PADDING); // add the panel tw.addNewComponent(this, panel, PE_PANEL2, 0, 6, 2, 1, 0.0, 0.0, GridBagConstraints.VERTICAL); setVisible(true); } /** * Read all the Policy information data in the dialog box * and construct a PolicyEntry object with it. */ PolicyEntry getPolicyEntryFromDialog() throws InvalidParameterException, MalformedURLException, NoSuchMethodException, ClassNotFoundException, InstantiationException, IllegalAccessException, InvocationTargetException, CertificateException, IOException, Exception { // get the Codebase TextField tf = (TextField)getComponent(PE_CODEBASE_TEXTFIELD); String codebase = null; if (tf.getText().trim().equals("") == false) codebase = new String(tf.getText().trim()); // get the SignedBy tf = (TextField)getComponent(PE_SIGNEDBY_TEXTFIELD); String signedby = null; if (tf.getText().trim().equals("") == false) signedby = new String(tf.getText().trim()); // construct a new GrantEntry PolicyParser.GrantEntry ge = new PolicyParser.GrantEntry(signedby, codebase); // get the new Principals LinkedList prins = new LinkedList(); TaggedList prinList = (TaggedList)getComponent(PE_PRIN_LIST); for (int i = 0; i < prinList.getItemCount(); i++) { prins.add((PolicyParser.PrincipalEntry)prinList.getObject(i)); } ge.principals = prins; // get the new Permissions Vector perms = new Vector(); TaggedList permList = (TaggedList)getComponent(PE_PERM_LIST); for (int i = 0; i < permList.getItemCount(); i++) { perms.addElement((PolicyParser.PermissionEntry)permList.getObject(i)); } ge.permissionEntries = perms; // construct a new PolicyEntry object PolicyEntry entry = new PolicyEntry(tool, ge); return entry; } /** * display a dialog box for the user to enter KeyStore information */ void keyStoreDialog(int mode) { // find where the PolicyTool gui is Point location = tw.getLocationOnScreen(); setBounds(location.x + 25, location.y + 100, 500, 300); setLayout(new GridBagLayout()); if (mode == EDIT_KEYSTORE) { // KeyStore label and textfield Label label = new Label (PolicyTool.rb.getString("KeyStore.URL.")); tw.addNewComponent(this, label, KSD_NAME_LABEL, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); TextField tf = new TextField(tool.getKeyStoreName(), 30); // URL to U R L, so that accessibility reader will pronounce well tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("KeyStore.U.R.L.")); tw.addNewComponent(this, tf, KSD_NAME_TEXTFIELD, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); // KeyStore type and textfield label = new Label(PolicyTool.rb.getString("KeyStore.Type.")); tw.addNewComponent(this, label, KSD_TYPE_LABEL, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); tf = new TextField(tool.getKeyStoreType(), 30); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("KeyStore.Type.")); tw.addNewComponent(this, tf, KSD_TYPE_TEXTFIELD, 1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); // KeyStore provider and textfield label = new Label(PolicyTool.rb.getString ("KeyStore.Provider.")); tw.addNewComponent(this, label, KSD_PROVIDER_LABEL, 0, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); tf = new TextField(tool.getKeyStoreProvider(), 30); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("KeyStore.Provider.")); tw.addNewComponent(this, tf, KSD_PROVIDER_TEXTFIELD, 1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); // KeyStore password URL and textfield label = new Label(PolicyTool.rb.getString ("KeyStore.Password.URL.")); tw.addNewComponent(this, label, KSD_PWD_URL_LABEL, 0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); tf = new TextField(tool.getKeyStorePwdURL(), 30); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("KeyStore.Password.U.R.L.")); tw.addNewComponent(this, tf, KSD_PWD_URL_TEXTFIELD, 1, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); // OK button Button okButton = new Button(PolicyTool.rb.getString("OK")); okButton.addActionListener (new ChangeKeyStoreOKButtonListener(tool, tw, this)); tw.addNewComponent(this, okButton, KSD_OK_BUTTON, 0, 4, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL); // cancel button Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener(new CancelButtonListener(this)); tw.addNewComponent(this, cancelButton, KSD_CANCEL_BUTTON, 1, 4, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL); } setVisible(true); } /** * display a dialog box for the user to input Principal info * * if editPolicyEntry is false, then we are adding Principals to * a new PolicyEntry, and we only update the GUI listing * with the new Principal. * * if edit is true, then we are editing an existing Policy entry. */ void displayPrincipalDialog(boolean editPolicyEntry, boolean edit) { PolicyParser.PrincipalEntry editMe = null; // get the Principal selected from the Principal List TaggedList prinList = (TaggedList)getComponent(PE_PRIN_LIST); int prinIndex = prinList.getSelectedIndex(); if (edit) { editMe = (PolicyParser.PrincipalEntry)prinList.getObject(prinIndex); } ToolDialog newTD = new ToolDialog (PolicyTool.rb.getString("Principals"), tool, tw, true); newTD.addWindowListener(new ChildWindowListener(newTD)); // find where the PolicyTool gui is Point location = getLocationOnScreen(); newTD.setBounds(location.x + 50, location.y + 100, 650, 190); newTD.setLayout(new GridBagLayout()); newTD.setResizable(true); // description label Label label = (edit ? new Label(PolicyTool.rb.getString(".Edit.Principal.")) : new Label(PolicyTool.rb.getString(".Add.New.Principal."))); tw.addNewComponent(newTD, label, PRD_DESC_LABEL, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.TOP_BOTTOM_PADDING); // principal choice Choice choice = new Choice(); choice.add(PRIN_TYPE); choice.getAccessibleContext().setAccessibleName(PRIN_TYPE); for (int i = 0; i < PRIN_ARRAY.size(); i++) { Prin next = PRIN_ARRAY.get(i); choice.add(next.CLASS); } choice.addItemListener(new PrincipalTypeMenuListener(newTD)); if (edit) { if (PolicyParser.PrincipalEntry.WILDCARD_CLASS.equals (editMe.getPrincipalClass())) { choice.select(PRIN_TYPE); } else { Prin inputPrin = getPrin(editMe.getPrincipalClass(), true); if (inputPrin != null) { choice.select(inputPrin.CLASS); } } } tw.addNewComponent(newTD, choice, PRD_PRIN_CHOICE, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); // principal textfield TextField tf; tf = (edit ? new TextField(editMe.getDisplayClass(), 30) : new TextField(30)); tf.getAccessibleContext().setAccessibleName(PRIN_TYPE); tw.addNewComponent(newTD, tf, PRD_PRIN_TEXTFIELD, 1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); // name label and textfield label = new Label(PRIN_NAME); tf = (edit ? new TextField(editMe.getDisplayName(), 40) : new TextField(40)); tf.getAccessibleContext().setAccessibleName(PRIN_NAME); tw.addNewComponent(newTD, label, PRD_NAME_LABEL, 0, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); tw.addNewComponent(newTD, tf, PRD_NAME_TEXTFIELD, 1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); // OK button Button okButton = new Button(PolicyTool.rb.getString("OK")); okButton.addActionListener( new NewPolicyPrinOKButtonListener (tool, tw, this, newTD, edit)); tw.addNewComponent(newTD, okButton, PRD_OK_BUTTON, 0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.TOP_BOTTOM_PADDING); // cancel button Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener(new CancelButtonListener(newTD)); tw.addNewComponent(newTD, cancelButton, PRD_CANCEL_BUTTON, 1, 3, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.TOP_BOTTOM_PADDING); newTD.setVisible(true); } /** * display a dialog box for the user to input Permission info * * if editPolicyEntry is false, then we are adding Permissions to * a new PolicyEntry, and we only update the GUI listing * with the new Permission. * * if edit is true, then we are editing an existing Permission entry. */ void displayPermissionDialog(boolean editPolicyEntry, boolean edit) { PolicyParser.PermissionEntry editMe = null; // get the Permission selected from the Permission List TaggedList permList = (TaggedList)getComponent(PE_PERM_LIST); int permIndex = permList.getSelectedIndex(); if (edit) { editMe = (PolicyParser.PermissionEntry)permList.getObject(permIndex); } ToolDialog newTD = new ToolDialog (PolicyTool.rb.getString("Permissions"), tool, tw, true); newTD.addWindowListener(new ChildWindowListener(newTD)); // find where the PolicyTool gui is Point location = getLocationOnScreen(); newTD.setBounds(location.x + 50, location.y + 100, 700, 250); newTD.setLayout(new GridBagLayout()); newTD.setResizable(true); // description label Label label = (edit ? new Label(PolicyTool.rb.getString(".Edit.Permission.")) : new Label(PolicyTool.rb.getString(".Add.New.Permission."))); tw.addNewComponent(newTD, label, PD_DESC_LABEL, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.TOP_BOTTOM_PADDING); // permission choice (added in alphabetical order) Choice choice = new Choice(); choice.add(PERM); choice.getAccessibleContext().setAccessibleName(PERM); for (int i = 0; i < PERM_ARRAY.size(); i++) { Perm next = PERM_ARRAY.get(i); choice.add(next.CLASS); } choice.addItemListener(new PermissionMenuListener(newTD)); tw.addNewComponent(newTD, choice, PD_PERM_CHOICE, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); // permission textfield TextField tf; tf = (edit ? new TextField(editMe.permission, 30) : new TextField(30)); tf.getAccessibleContext().setAccessibleName(PERM); if (edit) { Perm inputPerm = getPerm(editMe.permission, true); if (inputPerm != null) { choice.select(inputPerm.CLASS); } } tw.addNewComponent(newTD, tf, PD_PERM_TEXTFIELD, 1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); // name label and textfield choice = new Choice(); choice.add(PERM_NAME); choice.getAccessibleContext().setAccessibleName(PERM_NAME); choice.addItemListener(new PermissionNameMenuListener(newTD)); tf = (edit ? new TextField(editMe.name, 40) : new TextField(40)); tf.getAccessibleContext().setAccessibleName(PERM_NAME); if (edit) { setPermissionNames(getPerm(editMe.permission, true), choice, tf); } tw.addNewComponent(newTD, choice, PD_NAME_CHOICE, 0, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); tw.addNewComponent(newTD, tf, PD_NAME_TEXTFIELD, 1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); // actions label and textfield choice = new Choice(); choice.add(PERM_ACTIONS); choice.getAccessibleContext().setAccessibleName(PERM_ACTIONS); choice.addItemListener(new PermissionActionsMenuListener(newTD)); tf = (edit ? new TextField(editMe.action, 40) : new TextField(40)); tf.getAccessibleContext().setAccessibleName(PERM_ACTIONS); if (edit) { setPermissionActions(getPerm(editMe.permission, true), choice, tf); } tw.addNewComponent(newTD, choice, PD_ACTIONS_CHOICE, 0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); tw.addNewComponent(newTD, tf, PD_ACTIONS_TEXTFIELD, 1, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); // signedby label and textfield label = new Label(PolicyTool.rb.getString("Signed.By.")); tw.addNewComponent(newTD, label, PD_SIGNEDBY_LABEL, 0, 4, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); tf = (edit ? new TextField(editMe.signedBy, 40) : new TextField(40)); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("Signed.By.")); tw.addNewComponent(newTD, tf, PD_SIGNEDBY_TEXTFIELD, 1, 4, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.LR_PADDING); // OK button Button okButton = new Button(PolicyTool.rb.getString("OK")); okButton.addActionListener( new NewPolicyPermOKButtonListener (tool, tw, this, newTD, edit)); tw.addNewComponent(newTD, okButton, PD_OK_BUTTON, 0, 5, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.TOP_BOTTOM_PADDING); // cancel button Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener(new CancelButtonListener(newTD)); tw.addNewComponent(newTD, cancelButton, PD_CANCEL_BUTTON, 1, 5, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.TOP_BOTTOM_PADDING); newTD.setVisible(true); } /** * construct a Principal object from the Principal Info Dialog Box */ PolicyParser.PrincipalEntry getPrinFromDialog() throws Exception { TextField tf = (TextField)getComponent(PRD_PRIN_TEXTFIELD); String pclass = new String(tf.getText().trim()); tf = (TextField)getComponent(PRD_NAME_TEXTFIELD); String pname = new String(tf.getText().trim()); if (pclass.equals("*")) { pclass = PolicyParser.PrincipalEntry.WILDCARD_CLASS; } if (pname.equals("*")) { pname = PolicyParser.PrincipalEntry.WILDCARD_NAME; } PolicyParser.PrincipalEntry pppe = null; if ((pclass.equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS)) && (!pname.equals(PolicyParser.PrincipalEntry.WILDCARD_NAME))) { throw new Exception (PolicyTool.rb.getString("Cannot.Specify.Principal.with.a.Wildcard.Class.without.a.Wildcard.Name")); } else if (pname.equals("")) { throw new Exception (PolicyTool.rb.getString("Cannot.Specify.Principal.without.a.Name")); } else if (pclass.equals("")) { // make this consistent with what PolicyParser does // when it sees an empty principal class pclass = PolicyParser.REPLACE_NAME; tool.warnings.addElement( "Warning: Principal name '" + pname + "' specified without a Principal class.\n" + "\t'" + pname + "' will be interpreted " + "as a key store alias.\n" + "\tThe final principal class will be " + ToolDialog.X500_PRIN_CLASS + ".\n" + "\tThe final principal name will be " + "determined by the following:\n" + "\n" + "\tIf the key store entry identified by '" + pname + "'\n" + "\tis a key entry, then the principal name will be\n" + "\tthe subject distinguished name from the first\n" + "\tcertificate in the entry's certificate chain.\n" + "\n" + "\tIf the key store entry identified by '" + pname + "'\n" + "\tis a trusted certificate entry, then the\n" + "\tprincipal name will be the subject distinguished\n" + "\tname from the trusted public key certificate."); tw.displayStatusDialog(this, "'" + pname + "' will be interpreted as a key " + "store alias. View Warning Log for details."); } return new PolicyParser.PrincipalEntry(pclass, pname); } /** * construct a Permission object from the Permission Info Dialog Box */ PolicyParser.PermissionEntry getPermFromDialog() { TextField tf = (TextField)getComponent(PD_PERM_TEXTFIELD); String permission = new String(tf.getText().trim()); tf = (TextField)getComponent(PD_NAME_TEXTFIELD); String name = null; if (tf.getText().trim().equals("") == false) name = new String(tf.getText().trim()); if (permission.equals("") || (!permission.equals(ALL_PERM_CLASS) && name == null)) { throw new InvalidParameterException(PolicyTool.rb.getString ("Permission.and.Target.Name.must.have.a.value")); } // When the permission is FilePermission, we need to check the name // to make sure it's not escaped. We believe -- // // String name.lastIndexOf("\\\\") // ---------------- ------------------------ // c:\foo\bar -1, legal // c:\\foo\\bar 2, illegal // \\server\share 0, legal // \\\\server\share 2, illegal if (permission.equals(FILE_PERM_CLASS) && name.lastIndexOf("\\\\") > 0) { char result = tw.displayYesNoDialog(this, PolicyTool.rb.getString("Warning"), PolicyTool.rb.getString( "Warning.File.name.may.include.escaped.backslash.characters.It.is.not.necessary.to.escape.backslash.characters.the.tool.escapes"), PolicyTool.rb.getString("Retain"), PolicyTool.rb.getString("Edit") ); if (result != 'Y') { // an invisible exception throw new NoDisplayException(); } } // get the Actions tf = (TextField)getComponent(PD_ACTIONS_TEXTFIELD); String actions = null; if (tf.getText().trim().equals("") == false) actions = new String(tf.getText().trim()); // get the Signed By tf = (TextField)getComponent(PD_SIGNEDBY_TEXTFIELD); String signedBy = null; if (tf.getText().trim().equals("") == false) signedBy = new String(tf.getText().trim()); PolicyParser.PermissionEntry pppe = new PolicyParser.PermissionEntry (permission, name, actions); pppe.signedBy = signedBy; // see if the signers have public keys if (signedBy != null) { String signers[] = tool.parseSigners(pppe.signedBy); for (int i = 0; i < signers.length; i++) { try { PublicKey pubKey = tool.getPublicKeyAlias(signers[i]); if (pubKey == null) { MessageFormat form = new MessageFormat (PolicyTool.rb.getString ("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.")); Object[] source = {signers[i]}; tool.warnings.addElement(form.format(source)); tw.displayStatusDialog(this, form.format(source)); } } catch (Exception e) { tw.displayErrorDialog(this, e); } } } return pppe; } /** * confirm that the user REALLY wants to remove the Policy Entry */ void displayConfirmRemovePolicyEntry() { // find the entry to be removed List list = (List)tw.getComponent(tw.MW_POLICY_LIST); int index = list.getSelectedIndex(); PolicyEntry entries[] = tool.getEntry(); // find where the PolicyTool gui is Point location = tw.getLocationOnScreen(); setBounds(location.x + 25, location.y + 100, 600, 400); setLayout(new GridBagLayout()); // ask the user do they really want to do this? Label label = new Label (PolicyTool.rb.getString("Remove.this.Policy.Entry.")); tw.addNewComponent(this, label, CRPE_LABEL1, 0, 0, 2, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); // display the policy entry label = new Label(entries[index].codebaseToString()); tw.addNewComponent(this, label, CRPE_LABEL2, 0, 1, 2, 1, 0.0, 0.0, GridBagConstraints.BOTH); label = new Label(entries[index].principalsToString().trim()); tw.addNewComponent(this, label, CRPE_LABEL2+1, 0, 2, 2, 1, 0.0, 0.0, GridBagConstraints.BOTH); Vector perms = entries[index].getGrantEntry().permissionEntries; for (int i = 0; i < perms.size(); i++) { PolicyParser.PermissionEntry nextPerm = perms.elementAt(i); String permString = ToolDialog.PermissionEntryToUserFriendlyString(nextPerm); label = new Label(" " + permString); if (i == (perms.size()-1)) { tw.addNewComponent(this, label, CRPE_LABEL2 + 2 + i, 1, 3 + i, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.BOTTOM_PADDING); } else { tw.addNewComponent(this, label, CRPE_LABEL2 + 2 + i, 1, 3 + i, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); } } // add OK/CANCEL buttons in a new panel Panel panel = new Panel(); panel.setLayout(new GridBagLayout()); // OK button Button okButton = new Button(PolicyTool.rb.getString("OK")); okButton.addActionListener (new ConfirmRemovePolicyEntryOKButtonListener(tool, tw, this)); tw.addNewComponent(panel, okButton, CRPE_PANEL_OK, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.LR_PADDING); // cancel button Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener(new CancelButtonListener(this)); tw.addNewComponent(panel, cancelButton, CRPE_PANEL_CANCEL, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.LR_PADDING); tw.addNewComponent(this, panel, CRPE_LABEL2 + 2 + perms.size(), 0, 3 + perms.size(), 2, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.TOP_BOTTOM_PADDING); pack(); setVisible(true); } /** * perform SAVE AS */ void displaySaveAsDialog(int nextEvent) { // pop up a dialog box for the user to enter a filename. FileDialog fd = new FileDialog (tw, PolicyTool.rb.getString("Save.As"), FileDialog.SAVE); fd.addWindowListener(new WindowAdapter() { public void windowClosing(WindowEvent e) { e.getWindow().setVisible(false); } }); fd.setVisible(true); // see if the user hit cancel if (fd.getFile() == null || fd.getFile().equals("")) return; // get the entered filename String filename = new String(fd.getDirectory() + fd.getFile()); fd.dispose(); // see if the file already exists File saveAsFile = new File(filename); if (saveAsFile.exists()) { // display a dialog box for the user to enter policy info ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Overwrite.File"), tool, tw, true); td.displayOverWriteFileDialog(filename, nextEvent); } else { try { // save the policy entries to a file tool.savePolicy(filename); // display status MessageFormat form = new MessageFormat(PolicyTool.rb.getString ("Policy.successfully.written.to.filename")); Object[] source = {filename}; tw.displayStatusDialog(null, form.format(source)); // display the new policy filename TextField newFilename = (TextField)tw.getComponent (tw.MW_FILENAME_TEXTFIELD); newFilename.setText(filename); tw.setVisible(true); // now continue with the originally requested command // (QUIT, NEW, or OPEN) userSaveContinue(tool, tw, this, nextEvent); } catch (FileNotFoundException fnfe) { if (filename == null || filename.equals("")) { tw.displayErrorDialog(null, new FileNotFoundException (PolicyTool.rb.getString("null.filename"))); } else { tw.displayErrorDialog(null, fnfe); } } catch (Exception ee) { tw.displayErrorDialog(null, ee); } } } /** * ask user if they want to save changes */ void displayUserSave(int select) { if (tool.modified == true) { // find where the PolicyTool gui is Point location = tw.getLocationOnScreen(); setBounds(location.x + 75, location.y + 100, 400, 150); setLayout(new GridBagLayout()); Label label = new Label (PolicyTool.rb.getString("Save.changes.")); tw.addNewComponent(this, label, USC_LABEL, 0, 0, 3, 1, 0.0, 0.0, GridBagConstraints.BOTH, tw.L_TOP_BOTTOM_PADDING); Panel panel = new Panel(); panel.setLayout(new GridBagLayout()); Button yesButton = new Button(PolicyTool.rb.getString("Yes")); yesButton.addActionListener (new UserSaveYesButtonListener(this, tool, tw, select)); tw.addNewComponent(panel, yesButton, USC_YES_BUTTON, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.LR_BOTTOM_PADDING); Button noButton = new Button(PolicyTool.rb.getString("No")); noButton.addActionListener (new UserSaveNoButtonListener(this, tool, tw, select)); tw.addNewComponent(panel, noButton, USC_NO_BUTTON, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.LR_BOTTOM_PADDING); Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener (new UserSaveCancelButtonListener(this)); tw.addNewComponent(panel, cancelButton, USC_CANCEL_BUTTON, 2, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, tw.LR_BOTTOM_PADDING); tw.addNewComponent(this, panel, USC_PANEL, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); pack(); setVisible(true); } else { // just do the original request (QUIT, NEW, or OPEN) userSaveContinue(tool, tw, this, select); } } /** * when the user sees the 'YES', 'NO', 'CANCEL' buttons on the * displayUserSave dialog, and the click on one of them, * we need to continue the originally requested action * (either QUITting, opening NEW policy file, or OPENing an existing * policy file. do that now. */ void userSaveContinue(PolicyTool tool, ToolWindow tw, ToolDialog us, int select) { // now either QUIT, open a NEW policy file, or OPEN an existing policy switch(select) { case ToolDialog.QUIT: tw.setVisible(false); tw.dispose(); System.exit(0); case ToolDialog.NEW: try { tool.openPolicy(null); } catch (Exception ee) { tool.modified = false; tw.displayErrorDialog(null, ee); } // display the policy entries via the policy list textarea List list = new List(40, false); list.addActionListener(new PolicyListListener(tool, tw)); tw.replacePolicyList(list); // display null policy filename and keystore TextField newFilename = (TextField) tw.getComponent(tw.MW_FILENAME_TEXTFIELD); newFilename.setText(""); tw.setVisible(true); break; case ToolDialog.OPEN: // pop up a dialog box for the user to enter a filename. FileDialog fd = new FileDialog (tw, PolicyTool.rb.getString("Open"), FileDialog.LOAD); fd.addWindowListener(new WindowAdapter() { public void windowClosing(WindowEvent e) { e.getWindow().setVisible(false); } }); fd.setVisible(true); // see if the user hit 'cancel' if (fd.getFile() == null || fd.getFile().equals("")) return; // get the entered filename String policyFile = new String(fd.getDirectory() + fd.getFile()); try { // open the policy file tool.openPolicy(policyFile); // display the policy entries via the policy list textarea list = new List(40, false); list.addActionListener(new PolicyListListener(tool, tw)); PolicyEntry entries[] = tool.getEntry(); if (entries != null) { for (int i = 0; i < entries.length; i++) list.add(entries[i].headerToString()); } tw.replacePolicyList(list); tool.modified = false; // display the new policy filename newFilename = (TextField) tw.getComponent(tw.MW_FILENAME_TEXTFIELD); newFilename.setText(policyFile); tw.setVisible(true); // inform user of warnings if (tool.newWarning == true) { tw.displayStatusDialog(null, PolicyTool.rb.getString ("Errors.have.occurred.while.opening.the.policy.configuration.View.the.Warning.Log.for.more.information.")); } } catch (Exception e) { // add blank policy listing list = new List(40, false); list.addActionListener(new PolicyListListener(tool, tw)); tw.replacePolicyList(list); tool.setPolicyFileName(null); tool.modified = false; // display a null policy filename newFilename = (TextField) tw.getComponent(tw.MW_FILENAME_TEXTFIELD); newFilename.setText(""); tw.setVisible(true); // display the error MessageFormat form = new MessageFormat(PolicyTool.rb.getString ("Could.not.open.policy.file.policyFile.e.toString.")); Object[] source = {policyFile, e.toString()}; tw.displayErrorDialog(null, form.format(source)); } break; } } /** * Return a Menu list of names for a given permission * * If inputPerm's TARGETS are null, then this means TARGETS are * not allowed to be entered (and the TextField is set to be * non-editable). * * If TARGETS are valid but there are no standard ones * (user must enter them by hand) then the TARGETS array may be empty * (and of course non-null). */ void setPermissionNames(Perm inputPerm, Choice names, TextField field) { names.removeAll(); names.add(PERM_NAME); if (inputPerm == null) { // custom permission field.setEditable(true); } else if (inputPerm.TARGETS == null) { // standard permission with no targets field.setEditable(false); } else { // standard permission with standard targets field.setEditable(true); for (int i = 0; i < inputPerm.TARGETS.length; i++) { names.add(inputPerm.TARGETS[i]); } } } /** * Return a Menu list of actions for a given permission * * If inputPerm's ACTIONS are null, then this means ACTIONS are * not allowed to be entered (and the TextField is set to be * non-editable). This is typically true for BasicPermissions. * * If ACTIONS are valid but there are no standard ones * (user must enter them by hand) then the ACTIONS array may be empty * (and of course non-null). */ void setPermissionActions(Perm inputPerm, Choice actions, TextField field) { actions.removeAll(); actions.add(PERM_ACTIONS); if (inputPerm == null) { // custom permission field.setEditable(true); } else if (inputPerm.ACTIONS == null) { // standard permission with no actions field.setEditable(false); } else { // standard permission with standard actions field.setEditable(true); for (int i = 0; i < inputPerm.ACTIONS.length; i++) { actions.add(inputPerm.ACTIONS[i]); } } } static String PermissionEntryToUserFriendlyString(PolicyParser.PermissionEntry pppe) { String result = pppe.permission; if (pppe.name != null) { result += " " + pppe.name; } if (pppe.action != null) { result += ", \"" + pppe.action + "\""; } if (pppe.signedBy != null) { result += ", signedBy " + pppe.signedBy; } return result; } static String PrincipalEntryToUserFriendlyString(PolicyParser.PrincipalEntry pppe) { StringWriter sw = new StringWriter(); PrintWriter pw = new PrintWriter(sw); pppe.write(pw); return sw.toString(); } } /** * Event handler for the PolicyTool window */ class ToolWindowListener implements WindowListener { private ToolWindow tw; ToolWindowListener(ToolWindow tw) { this.tw = tw; } public void windowOpened(WindowEvent we) { } public void windowClosing(WindowEvent we) { // XXX // should we ask user if they want to save changes? // (we do if they choose the Menu->Exit) // seems that if they kill the application by hand, // we don't have to ask. tw.setVisible(false); tw.dispose(); System.exit(0); } public void windowClosed(WindowEvent we) { System.exit(0); } public void windowIconified(WindowEvent we) { } public void windowDeiconified(WindowEvent we) { } public void windowActivated(WindowEvent we) { } public void windowDeactivated(WindowEvent we) { } } /** * Event handler for the Policy List */ class PolicyListListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; PolicyListListener(PolicyTool tool, ToolWindow tw) { this.tool = tool; this.tw = tw; } public void actionPerformed(ActionEvent e) { // display the permission list for a policy entry ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Policy.Entry"), tool, tw, true); td.displayPolicyEntryDialog(true); } } /** * Event handler for the File Menu */ class FileMenuListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; FileMenuListener(PolicyTool tool, ToolWindow tw) { this.tool = tool; this.tw = tw; } public void actionPerformed(ActionEvent e) { if (PolicyTool.collator.compare(e.getActionCommand(), tw.QUIT) == 0) { // ask user if they want to save changes ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.Changes"), tool, tw, true); td.displayUserSave(td.QUIT); // the above method will perform the QUIT as long as the // user does not CANCEL the request } else if (PolicyTool.collator.compare(e.getActionCommand(), tw.NEW_POLICY_FILE) == 0) { // ask user if they want to save changes ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.Changes"), tool, tw, true); td.displayUserSave(td.NEW); // the above method will perform the NEW as long as the // user does not CANCEL the request } else if (PolicyTool.collator.compare(e.getActionCommand(), tw.OPEN_POLICY_FILE) == 0) { // ask user if they want to save changes ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.Changes"), tool, tw, true); td.displayUserSave(td.OPEN); // the above method will perform the OPEN as long as the // user does not CANCEL the request } else if (PolicyTool.collator.compare(e.getActionCommand(), tw.SAVE_POLICY_FILE) == 0) { // get the previously entered filename String filename = ((TextField) tw.getComponent(tw.MW_FILENAME_TEXTFIELD)).getText(); // if there is no filename, do a SAVE_AS if (filename == null || filename.length() == 0) { // user wants to SAVE AS ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.As"), tool, tw, true); td.displaySaveAsDialog(td.NOACTION); } else { try { // save the policy entries to a file tool.savePolicy(filename); // display status MessageFormat form = new MessageFormat (PolicyTool.rb.getString ("Policy.successfully.written.to.filename")); Object[] source = {filename}; tw.displayStatusDialog(null, form.format(source)); } catch (FileNotFoundException fnfe) { if (filename == null || filename.equals("")) { tw.displayErrorDialog(null, new FileNotFoundException (PolicyTool.rb.getString("null.filename"))); } else { tw.displayErrorDialog(null, fnfe); } } catch (Exception ee) { tw.displayErrorDialog(null, ee); } } } else if (PolicyTool.collator.compare(e.getActionCommand(), tw.SAVE_AS_POLICY_FILE) == 0) { // user wants to SAVE AS ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.As"), tool, tw, true); td.displaySaveAsDialog(td.NOACTION); } else if (PolicyTool.collator.compare(e.getActionCommand(), tw.VIEW_WARNINGS) == 0) { tw.displayWarningLog(null); } } } /** * Event handler for the main window buttons and Edit Menu */ class MainWindowListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; MainWindowListener(PolicyTool tool, ToolWindow tw) { this.tool = tool; this.tw = tw; } public void actionPerformed(ActionEvent e) { if (PolicyTool.collator.compare(e.getActionCommand(), tw.ADD_POLICY_ENTRY) == 0) { // display a dialog box for the user to enter policy info ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Policy.Entry"), tool, tw, true); td.displayPolicyEntryDialog(false); } else if (PolicyTool.collator.compare(e.getActionCommand(), tw.REMOVE_POLICY_ENTRY) == 0) { // get the selected entry List list = (List)tw.getComponent(tw.MW_POLICY_LIST); int index = list.getSelectedIndex(); if (index < 0) { tw.displayErrorDialog(null, new Exception (PolicyTool.rb.getString("No.Policy.Entry.selected"))); return; } // ask the user if they really want to remove the policy entry ToolDialog td = new ToolDialog(PolicyTool.rb.getString ("Remove.Policy.Entry"), tool, tw, true); td.displayConfirmRemovePolicyEntry(); } else if (PolicyTool.collator.compare(e.getActionCommand(), tw.EDIT_POLICY_ENTRY) == 0) { // get the selected entry List list = (List)tw.getComponent(tw.MW_POLICY_LIST); int index = list.getSelectedIndex(); if (index < 0) { tw.displayErrorDialog(null, new Exception (PolicyTool.rb.getString("No.Policy.Entry.selected"))); return; } // display the permission list for a policy entry ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Policy.Entry"), tool, tw, true); td.displayPolicyEntryDialog(true); } else if (PolicyTool.collator.compare(e.getActionCommand(), tw.EDIT_KEYSTORE) == 0) { // display a dialog box for the user to enter keystore info ToolDialog td = new ToolDialog (PolicyTool.rb.getString("KeyStore"), tool, tw, true); td.keyStoreDialog(td.EDIT_KEYSTORE); } } } /** * Event handler for OverWriteFileOKButton button */ class OverWriteFileOKButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; private String filename; private int nextEvent; OverWriteFileOKButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td, String filename, int nextEvent) { this.tool = tool; this.tw = tw; this.td = td; this.filename = filename; this.nextEvent = nextEvent; } public void actionPerformed(ActionEvent e) { try { // save the policy entries to a file tool.savePolicy(filename); // display status MessageFormat form = new MessageFormat (PolicyTool.rb.getString ("Policy.successfully.written.to.filename")); Object[] source = {filename}; tw.displayStatusDialog(null, form.format(source)); // display the new policy filename TextField newFilename = (TextField)tw.getComponent (tw.MW_FILENAME_TEXTFIELD); newFilename.setText(filename); tw.setVisible(true); // now continue with the originally requested command // (QUIT, NEW, or OPEN) td.setVisible(false); td.dispose(); td.userSaveContinue(tool, tw, td, nextEvent); } catch (FileNotFoundException fnfe) { if (filename == null || filename.equals("")) { tw.displayErrorDialog(null, new FileNotFoundException (PolicyTool.rb.getString("null.filename"))); } else { tw.displayErrorDialog(null, fnfe); } td.setVisible(false); td.dispose(); } catch (Exception ee) { tw.displayErrorDialog(null, ee); td.setVisible(false); td.dispose(); } } } /** * Event handler for AddEntryDoneButton button * * -- if edit is TRUE, then we are EDITing an existing PolicyEntry * and we need to update both the policy and the GUI listing. * if edit is FALSE, then we are ADDing a new PolicyEntry, * so we only need to update the GUI listing. */ class AddEntryDoneButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; private boolean edit; AddEntryDoneButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td, boolean edit) { this.tool = tool; this.tw = tw; this.td = td; this.edit = edit; } public void actionPerformed(ActionEvent e) { try { // get a PolicyEntry object from the dialog policy info PolicyEntry newEntry = td.getPolicyEntryFromDialog(); PolicyParser.GrantEntry newGe = newEntry.getGrantEntry(); // see if all the signers have public keys if (newGe.signedBy != null) { String signers[] = tool.parseSigners(newGe.signedBy); for (int i = 0; i < signers.length; i++) { PublicKey pubKey = tool.getPublicKeyAlias(signers[i]); if (pubKey == null) { MessageFormat form = new MessageFormat (PolicyTool.rb.getString ("Warning.A.public.key.for.alias.signers.i.does.not.exist.Make.sure.a.KeyStore.is.properly.configured.")); Object[] source = {signers[i]}; tool.warnings.addElement(form.format(source)); tw.displayStatusDialog(td, form.format(source)); } } } // add the entry List policyList = (List)tw.getComponent(tw.MW_POLICY_LIST); if (edit) { int listIndex = policyList.getSelectedIndex(); tool.addEntry(newEntry, listIndex); String newCodeBaseStr = newEntry.headerToString(); if (PolicyTool.collator.compare (newCodeBaseStr, policyList.getItem(listIndex)) != 0) tool.modified = true; policyList.replaceItem(newCodeBaseStr, listIndex); } else { tool.addEntry(newEntry, -1); policyList.add(newEntry.headerToString()); tool.modified = true; } td.setVisible(false); td.dispose(); } catch (Exception eee) { tw.displayErrorDialog(td, eee); } } } /** * Event handler for ChangeKeyStoreOKButton button */ class ChangeKeyStoreOKButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; ChangeKeyStoreOKButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td) { this.tool = tool; this.tw = tw; this.td = td; } public void actionPerformed(ActionEvent e) { String URLString = ((TextField) td.getComponent(td.KSD_NAME_TEXTFIELD)).getText().trim(); String type = ((TextField) td.getComponent(td.KSD_TYPE_TEXTFIELD)).getText().trim(); String provider = ((TextField) td.getComponent(td.KSD_PROVIDER_TEXTFIELD)).getText().trim(); String pwdURL = ((TextField) td.getComponent(td.KSD_PWD_URL_TEXTFIELD)).getText().trim(); try { tool.openKeyStore ((URLString.length() == 0 ? null : URLString), (type.length() == 0 ? null : type), (provider.length() == 0 ? null : provider), (pwdURL.length() == 0 ? null : pwdURL)); tool.modified = true; } catch (Exception ex) { MessageFormat form = new MessageFormat(PolicyTool.rb.getString ("Unable.to.open.KeyStore.ex.toString.")); Object[] source = {ex.toString()}; tw.displayErrorDialog(td, form.format(source)); return; } td.dispose(); } } /** * Event handler for AddPrinButton button */ class AddPrinButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; private boolean editPolicyEntry; AddPrinButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td, boolean editPolicyEntry) { this.tool = tool; this.tw = tw; this.td = td; this.editPolicyEntry = editPolicyEntry; } public void actionPerformed(ActionEvent e) { // display a dialog box for the user to enter principal info td.displayPrincipalDialog(editPolicyEntry, false); } } /** * Event handler for AddPermButton button */ class AddPermButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; private boolean editPolicyEntry; AddPermButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td, boolean editPolicyEntry) { this.tool = tool; this.tw = tw; this.td = td; this.editPolicyEntry = editPolicyEntry; } public void actionPerformed(ActionEvent e) { // display a dialog box for the user to enter permission info td.displayPermissionDialog(editPolicyEntry, false); } } /** * Event handler for AddPrinOKButton button */ class NewPolicyPrinOKButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog listDialog; private ToolDialog infoDialog; private boolean edit; NewPolicyPrinOKButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog listDialog, ToolDialog infoDialog, boolean edit) { this.tool = tool; this.tw = tw; this.listDialog = listDialog; this.infoDialog = infoDialog; this.edit = edit; } public void actionPerformed(ActionEvent e) { try { // read in the new principal info from Dialog Box PolicyParser.PrincipalEntry pppe = infoDialog.getPrinFromDialog(); if (pppe != null) { try { tool.verifyPrincipal(pppe.getPrincipalClass(), pppe.getPrincipalName()); } catch (ClassNotFoundException cnfe) { MessageFormat form = new MessageFormat (PolicyTool.rb.getString ("Warning.Class.not.found.class")); Object[] source = {pppe.getPrincipalClass()}; tool.warnings.addElement(form.format(source)); tw.displayStatusDialog(infoDialog, form.format(source)); } // add the principal to the GUI principal list TaggedList prinList = (TaggedList)listDialog.getComponent(listDialog.PE_PRIN_LIST); String prinString = ToolDialog.PrincipalEntryToUserFriendlyString(pppe); if (edit) { // if editing, replace the original principal int index = prinList.getSelectedIndex(); prinList.replaceTaggedItem(prinString, pppe, index); } else { // if adding, just add it to the end prinList.addTaggedItem(prinString, pppe); } } infoDialog.dispose(); } catch (Exception ee) { tw.displayErrorDialog(infoDialog, ee); } } } /** * Event handler for AddPermOKButton button */ class NewPolicyPermOKButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog listDialog; private ToolDialog infoDialog; private boolean edit; NewPolicyPermOKButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog listDialog, ToolDialog infoDialog, boolean edit) { this.tool = tool; this.tw = tw; this.listDialog = listDialog; this.infoDialog = infoDialog; this.edit = edit; } public void actionPerformed(ActionEvent e) { try { // read in the new permission info from Dialog Box PolicyParser.PermissionEntry pppe = infoDialog.getPermFromDialog(); try { tool.verifyPermission(pppe.permission, pppe.name, pppe.action); } catch (ClassNotFoundException cnfe) { MessageFormat form = new MessageFormat(PolicyTool.rb.getString ("Warning.Class.not.found.class")); Object[] source = {pppe.permission}; tool.warnings.addElement(form.format(source)); tw.displayStatusDialog(infoDialog, form.format(source)); } // add the permission to the GUI permission list TaggedList permList = (TaggedList)listDialog.getComponent(listDialog.PE_PERM_LIST); String permString = ToolDialog.PermissionEntryToUserFriendlyString(pppe); if (edit) { // if editing, replace the original permission int which = permList.getSelectedIndex(); permList.replaceTaggedItem(permString, pppe, which); } else { // if adding, just add it to the end permList.addTaggedItem(permString, pppe); } infoDialog.dispose(); } catch (InvocationTargetException ite) { tw.displayErrorDialog(infoDialog, ite.getTargetException()); } catch (Exception ee) { tw.displayErrorDialog(infoDialog, ee); } } } /** * Event handler for RemovePrinButton button */ class RemovePrinButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; private boolean edit; RemovePrinButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td, boolean edit) { this.tool = tool; this.tw = tw; this.td = td; this.edit = edit; } public void actionPerformed(ActionEvent e) { // get the Principal selected from the Principal List TaggedList prinList = (TaggedList)td.getComponent(td.PE_PRIN_LIST); int prinIndex = prinList.getSelectedIndex(); if (prinIndex < 0) { tw.displayErrorDialog(td, new Exception (PolicyTool.rb.getString("No.principal.selected"))); return; } // remove the principal from the display prinList.removeTaggedItem(prinIndex); } } /** * Event handler for RemovePermButton button */ class RemovePermButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; private boolean edit; RemovePermButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td, boolean edit) { this.tool = tool; this.tw = tw; this.td = td; this.edit = edit; } public void actionPerformed(ActionEvent e) { // get the Permission selected from the Permission List TaggedList permList = (TaggedList)td.getComponent(td.PE_PERM_LIST); int permIndex = permList.getSelectedIndex(); if (permIndex < 0) { tw.displayErrorDialog(td, new Exception (PolicyTool.rb.getString("No.permission.selected"))); return; } // remove the permission from the display permList.removeTaggedItem(permIndex); } } /** * Event handler for Edit Principal button * * We need the editPolicyEntry boolean to tell us if the user is * adding a new PolicyEntry at this time, or editing an existing entry. * If the user is adding a new PolicyEntry, we ONLY update the * GUI listing. If the user is editing an existing PolicyEntry, we * update both the GUI listing and the actual PolicyEntry. */ class EditPrinButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; private boolean editPolicyEntry; EditPrinButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td, boolean editPolicyEntry) { this.tool = tool; this.tw = tw; this.td = td; this.editPolicyEntry = editPolicyEntry; } public void actionPerformed(ActionEvent e) { // get the Principal selected from the Principal List TaggedList list = (TaggedList)td.getComponent(td.PE_PRIN_LIST); int prinIndex = list.getSelectedIndex(); if (prinIndex < 0) { tw.displayErrorDialog(td, new Exception (PolicyTool.rb.getString("No.principal.selected"))); return; } td.displayPrincipalDialog(editPolicyEntry, true); } } /** * Event handler for Edit Permission button * * We need the editPolicyEntry boolean to tell us if the user is * adding a new PolicyEntry at this time, or editing an existing entry. * If the user is adding a new PolicyEntry, we ONLY update the * GUI listing. If the user is editing an existing PolicyEntry, we * update both the GUI listing and the actual PolicyEntry. */ class EditPermButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog td; private boolean editPolicyEntry; EditPermButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog td, boolean editPolicyEntry) { this.tool = tool; this.tw = tw; this.td = td; this.editPolicyEntry = editPolicyEntry; } public void actionPerformed(ActionEvent e) { // get the Permission selected from the Permission List List list = (List)td.getComponent(td.PE_PERM_LIST); int permIndex = list.getSelectedIndex(); if (permIndex < 0) { tw.displayErrorDialog(td, new Exception (PolicyTool.rb.getString("No.permission.selected"))); return; } td.displayPermissionDialog(editPolicyEntry, true); } } /** * Event handler for Principal Popup Menu */ class PrincipalTypeMenuListener implements ItemListener { private ToolDialog td; PrincipalTypeMenuListener(ToolDialog td) { this.td = td; } public void itemStateChanged(ItemEvent e) { Choice prin = (Choice)td.getComponent(td.PRD_PRIN_CHOICE); TextField prinField = (TextField)td.getComponent(td.PRD_PRIN_TEXTFIELD); TextField nameField = (TextField)td.getComponent(td.PRD_NAME_TEXTFIELD); prin.getAccessibleContext().setAccessibleName( PolicyTool.splitToWords((String)e.getItem())); if (((String)e.getItem()).equals(td.PRIN_TYPE)) { // ignore if they choose "Principal Type:" item if (prinField.getText() != null && prinField.getText().length() > 0) { Prin inputPrin = td.getPrin(prinField.getText(), true); prin.select(inputPrin.CLASS); } return; } // if you change the principal, clear the name if (prinField.getText().indexOf((String)e.getItem()) == -1) { nameField.setText(""); } // set the text in the textfield and also modify the // pull-down choice menus to reflect the correct possible // set of names and actions Prin inputPrin = td.getPrin((String)e.getItem(), false); if (inputPrin != null) { prinField.setText(inputPrin.FULL_CLASS); } } } /** * Event handler for Permission Popup Menu */ class PermissionMenuListener implements ItemListener { private ToolDialog td; PermissionMenuListener(ToolDialog td) { this.td = td; } public void itemStateChanged(ItemEvent e) { Choice perms = (Choice)td.getComponent(td.PD_PERM_CHOICE); Choice names = (Choice)td.getComponent(td.PD_NAME_CHOICE); Choice actions = (Choice)td.getComponent(td.PD_ACTIONS_CHOICE); TextField nameField = (TextField)td.getComponent(td.PD_NAME_TEXTFIELD); TextField actionsField = (TextField)td.getComponent(td.PD_ACTIONS_TEXTFIELD); TextField permField = (TextField)td.getComponent(td.PD_PERM_TEXTFIELD); TextField signedbyField = (TextField)td.getComponent(td.PD_SIGNEDBY_TEXTFIELD); perms.getAccessibleContext().setAccessibleName( PolicyTool.splitToWords((String)e.getItem())); // ignore if they choose the 'Permission:' item if (PolicyTool.collator.compare((String)e.getItem(), td.PERM) == 0) { if (permField.getText() != null && permField.getText().length() > 0) { Perm inputPerm = td.getPerm(permField.getText(), true); if (inputPerm != null) { perms.select(inputPerm.CLASS); } } return; } // if you change the permission, clear the name, actions, and signedBy if (permField.getText().indexOf((String)e.getItem()) == -1) { nameField.setText(""); actionsField.setText(""); signedbyField.setText(""); } // set the text in the textfield and also modify the // pull-down choice menus to reflect the correct possible // set of names and actions Perm inputPerm = td.getPerm((String)e.getItem(), false); if (inputPerm == null) { permField.setText(""); } else { permField.setText(inputPerm.FULL_CLASS); } td.setPermissionNames(inputPerm, names, nameField); td.setPermissionActions(inputPerm, actions, actionsField); } } /** * Event handler for Permission Name Popup Menu */ class PermissionNameMenuListener implements ItemListener { private ToolDialog td; PermissionNameMenuListener(ToolDialog td) { this.td = td; } public void itemStateChanged(ItemEvent e) { Choice names = (Choice)td.getComponent(td.PD_NAME_CHOICE); names.getAccessibleContext().setAccessibleName( PolicyTool.splitToWords((String)e.getItem())); if (((String)e.getItem()).indexOf(td.PERM_NAME) != -1) return; TextField tf = (TextField)td.getComponent(td.PD_NAME_TEXTFIELD); tf.setText((String)e.getItem()); } } /** * Event handler for Permission Actions Popup Menu */ class PermissionActionsMenuListener implements ItemListener { private ToolDialog td; PermissionActionsMenuListener(ToolDialog td) { this.td = td; } public void itemStateChanged(ItemEvent e) { Choice actions = (Choice)td.getComponent(td.PD_ACTIONS_CHOICE); actions.getAccessibleContext().setAccessibleName((String)e.getItem()); if (((String)e.getItem()).indexOf(td.PERM_ACTIONS) != -1) return; TextField tf = (TextField)td.getComponent(td.PD_ACTIONS_TEXTFIELD); if (tf.getText() == null || tf.getText().equals("")) { tf.setText((String)e.getItem()); } else { if (tf.getText().indexOf((String)e.getItem()) == -1) tf.setText(tf.getText() + ", " + (String)e.getItem()); } } } /** * Event handler for all the children dialogs/windows */ class ChildWindowListener implements WindowListener { private ToolDialog td; ChildWindowListener(ToolDialog td) { this.td = td; } public void windowOpened(WindowEvent we) { } public void windowClosing(WindowEvent we) { // same as pressing the "cancel" button td.setVisible(false); td.dispose(); } public void windowClosed(WindowEvent we) { } public void windowIconified(WindowEvent we) { } public void windowDeiconified(WindowEvent we) { } public void windowActivated(WindowEvent we) { } public void windowDeactivated(WindowEvent we) { } } /** * Event handler for CancelButton button */ class CancelButtonListener implements ActionListener { private ToolDialog td; CancelButtonListener(ToolDialog td) { this.td = td; } public void actionPerformed(ActionEvent e) { td.setVisible(false); td.dispose(); } } /** * Event handler for ErrorOKButton button */ class ErrorOKButtonListener implements ActionListener { private ToolDialog ed; ErrorOKButtonListener(ToolDialog ed) { this.ed = ed; } public void actionPerformed(ActionEvent e) { ed.setVisible(false); ed.dispose(); } } /** * Event handler for StatusOKButton button */ class StatusOKButtonListener implements ActionListener { private ToolDialog sd; StatusOKButtonListener(ToolDialog sd) { this.sd = sd; } public void actionPerformed(ActionEvent e) { sd.setVisible(false); sd.dispose(); } } /** * Event handler for UserSaveYes button */ class UserSaveYesButtonListener implements ActionListener { private ToolDialog us; private PolicyTool tool; private ToolWindow tw; private int select; UserSaveYesButtonListener(ToolDialog us, PolicyTool tool, ToolWindow tw, int select) { this.us = us; this.tool = tool; this.tw = tw; this.select = select; } public void actionPerformed(ActionEvent e) { // first get rid of the window us.setVisible(false); us.dispose(); try { String filename = ((TextField) tw.getComponent(tw.MW_FILENAME_TEXTFIELD)).getText(); if (filename == null || filename.equals("")) { us.displaySaveAsDialog(select); // the above dialog will continue with the originally // requested command if necessary } else { // save the policy entries to a file tool.savePolicy(filename); // display status MessageFormat form = new MessageFormat (PolicyTool.rb.getString ("Policy.successfully.written.to.filename")); Object[] source = {filename}; tw.displayStatusDialog(null, form.format(source)); // now continue with the originally requested command // (QUIT, NEW, or OPEN) us.userSaveContinue(tool, tw, us, select); } } catch (Exception ee) { // error -- just report it and bail tw.displayErrorDialog(null, ee); } } } /** * Event handler for UserSaveNoButton */ class UserSaveNoButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog us; private int select; UserSaveNoButtonListener(ToolDialog us, PolicyTool tool, ToolWindow tw, int select) { this.us = us; this.tool = tool; this.tw = tw; this.select = select; } public void actionPerformed(ActionEvent e) { us.setVisible(false); us.dispose(); // now continue with the originally requested command // (QUIT, NEW, or OPEN) us.userSaveContinue(tool, tw, us, select); } } /** * Event handler for UserSaveCancelButton */ class UserSaveCancelButtonListener implements ActionListener { private ToolDialog us; UserSaveCancelButtonListener(ToolDialog us) { this.us = us; } public void actionPerformed(ActionEvent e) { us.setVisible(false); us.dispose(); // do NOT continue with the originally requested command // (QUIT, NEW, or OPEN) } } /** * Event handler for ConfirmRemovePolicyEntryOKButtonListener */ class ConfirmRemovePolicyEntryOKButtonListener implements ActionListener { private PolicyTool tool; private ToolWindow tw; private ToolDialog us; ConfirmRemovePolicyEntryOKButtonListener(PolicyTool tool, ToolWindow tw, ToolDialog us) { this.tool = tool; this.tw = tw; this.us = us; } public void actionPerformed(ActionEvent e) { // remove the entry List list = (List)tw.getComponent(tw.MW_POLICY_LIST); int index = list.getSelectedIndex(); PolicyEntry entries[] = tool.getEntry(); tool.removeEntry(entries[index]); // redraw the window listing list = new List(40, false); list.addActionListener(new PolicyListListener(tool, tw)); entries = tool.getEntry(); if (entries != null) { for (int i = 0; i < entries.length; i++) list.add(entries[i].headerToString()); } tw.replacePolicyList(list); us.setVisible(false); us.dispose(); } } /** * Just a special name, so that the codes dealing with this exception knows * it's special, and does not pop out a warning box. */ class NoDisplayException extends RuntimeException { } /** * This is a java.awt.List that bind an Object to each String it holds. */ class TaggedList extends List { private java.util.List data = new LinkedList(); public TaggedList(int i, boolean b) { super(i, b); } public Object getObject(int index) { return data.get(index); } @Override @Deprecated public void add(String string) { throw new AssertionError("should not call add in TaggedList"); } public void addTaggedItem(String string, Object object) { super.add(string); data.add(object); } @Override @Deprecated public void replaceItem(String string, int index) { throw new AssertionError("should not call replaceItem in TaggedList"); } public void replaceTaggedItem(String string, Object object, int index) { super.replaceItem(string, index); data.set(index, object); } @Override @Deprecated public void remove(int index) { // Cannot throw AssertionError, because replaceItem() call remove() internally super.remove(index); } public void removeTaggedItem(int index) { super.remove(index); data.remove(index); } } /** * Convenience Principal Classes */ class Prin { public final String CLASS; public final String FULL_CLASS; public Prin(String clazz, String fullClass) { this.CLASS = clazz; this.FULL_CLASS = fullClass; } } class KrbPrin extends Prin { public KrbPrin() { super("KerberosPrincipal", "javax.security.auth.kerberos.KerberosPrincipal"); } } class X500Prin extends Prin { public X500Prin() { super("X500Principal", "javax.security.auth.x500.X500Principal"); } } /** * Convenience Permission Classes */ class Perm { public final String CLASS; public final String FULL_CLASS; public final String[] TARGETS; public final String[] ACTIONS; public Perm(String clazz, String fullClass, String[] targets, String[] actions) { this.CLASS = clazz; this.FULL_CLASS = fullClass; this.TARGETS = targets; this.ACTIONS = actions; } } class AllPerm extends Perm { public AllPerm() { super("AllPermission", "java.security.AllPermission", null, null); } } class AudioPerm extends Perm { public AudioPerm() { super("AudioPermission", "javax.sound.sampled.AudioPermission", new String[] { "play", "record" }, null); } } class AuthPerm extends Perm { public AuthPerm() { super("AuthPermission", "javax.security.auth.AuthPermission", new String[] { "doAs", "doAsPrivileged", "getSubject", "getSubjectFromDomainCombiner", "setReadOnly", "modifyPrincipals", "modifyPublicCredentials", "modifyPrivateCredentials", "refreshCredential", "destroyCredential", "createLoginContext.<" + PolicyTool.rb.getString("name") + ">", "getLoginConfiguration", "setLoginConfiguration", "createLoginConfiguration.<" + PolicyTool.rb.getString("configuration.type") + ">", "refreshLoginConfiguration" }, null); } } class AWTPerm extends Perm { public AWTPerm() { super("AWTPermission", "java.awt.AWTPermission", new String[] { "accessClipboard", "accessEventQueue", "accessSystemTray", "createRobot", "fullScreenExclusive", "listenToAllAWTEvents", "readDisplayPixels", "replaceKeyboardFocusManager", "setAppletStub", "setWindowAlwaysOnTop", "showWindowWithoutWarningBanner", "toolkitModality", "watchMousePointer" }, null); } } class DelegationPerm extends Perm { public DelegationPerm() { super("DelegationPermission", "javax.security.auth.kerberos.DelegationPermission", new String[] { // allow user input }, null); } } class FilePerm extends Perm { public FilePerm() { super("FilePermission", "java.io.FilePermission", new String[] { "<>" }, new String[] { "read", "write", "delete", "execute" }); } } class InqSecContextPerm extends Perm { public InqSecContextPerm() { super("InquireSecContextPermission", "com.sun.security.jgss.InquireSecContextPermission", new String[] { "KRB5_GET_SESSION_KEY", "KRB5_GET_TKT_FLAGS", "KRB5_GET_AUTHZ_DATA", "KRB5_GET_AUTHTIME" }, null); } } class LogPerm extends Perm { public LogPerm() { super("LoggingPermission", "java.util.logging.LoggingPermission", new String[] { "control" }, null); } } class MgmtPerm extends Perm { public MgmtPerm() { super("ManagementPermission", "java.lang.management.ManagementPermission", new String[] { "control", "monitor" }, null); } } class MBeanPerm extends Perm { public MBeanPerm() { super("MBeanPermission", "javax.management.MBeanPermission", new String[] { // allow user input }, new String[] { "addNotificationListener", "getAttribute", "getClassLoader", "getClassLoaderFor", "getClassLoaderRepository", "getDomains", "getMBeanInfo", "getObjectInstance", "instantiate", "invoke", "isInstanceOf", "queryMBeans", "queryNames", "registerMBean", "removeNotificationListener", "setAttribute", "unregisterMBean" }); } } class MBeanSvrPerm extends Perm { public MBeanSvrPerm() { super("MBeanServerPermission", "javax.management.MBeanServerPermission", new String[] { "createMBeanServer", "findMBeanServer", "newMBeanServer", "releaseMBeanServer" }, null); } } class MBeanTrustPerm extends Perm { public MBeanTrustPerm() { super("MBeanTrustPermission", "javax.management.MBeanTrustPermission", new String[] { "register" }, null); } } class NetPerm extends Perm { public NetPerm() { super("NetPermission", "java.net.NetPermission", new String[] { "setDefaultAuthenticator", "requestPasswordAuthentication", "specifyStreamHandler", "setProxySelector", "getProxySelector", "setCookieHandler", "getCookieHandler", "setResponseCache", "getResponseCache" }, null); } } class PrivCredPerm extends Perm { public PrivCredPerm() { super("PrivateCredentialPermission", "javax.security.auth.PrivateCredentialPermission", new String[] { // allow user input }, new String[] { "read" }); } } class PropPerm extends Perm { public PropPerm() { super("PropertyPermission", "java.util.PropertyPermission", new String[] { // allow user input }, new String[] { "read", "write" }); } } class ReflectPerm extends Perm { public ReflectPerm() { super("ReflectPermission", "java.lang.reflect.ReflectPermission", new String[] { "suppressAccessChecks" }, null); } } class RuntimePerm extends Perm { public RuntimePerm() { super("RuntimePermission", "java.lang.RuntimePermission", new String[] { "createClassLoader", "getClassLoader", "setContextClassLoader", "enableContextClassLoaderOverride", "setSecurityManager", "createSecurityManager", "getenv.<" + PolicyTool.rb.getString("environment.variable.name") + ">", "exitVM", "shutdownHooks", "setFactory", "setIO", "modifyThread", "stopThread", "modifyThreadGroup", "getProtectionDomain", "readFileDescriptor", "writeFileDescriptor", "loadLibrary.<" + PolicyTool.rb.getString("library.name") + ">", "accessClassInPackage.<" + PolicyTool.rb.getString("package.name")+">", "defineClassInPackage.<" + PolicyTool.rb.getString("package.name")+">", "accessDeclaredMembers", "queuePrintJob", "getStackTrace", "setDefaultUncaughtExceptionHandler", "preferences", "usePolicy", // "inheritedChannel" }, null); } } class SecurityPerm extends Perm { public SecurityPerm() { super("SecurityPermission", "java.security.SecurityPermission", new String[] { "createAccessControlContext", "getDomainCombiner", "getPolicy", "setPolicy", "createPolicy.<" + PolicyTool.rb.getString("policy.type") + ">", "getProperty.<" + PolicyTool.rb.getString("property.name") + ">", "setProperty.<" + PolicyTool.rb.getString("property.name") + ">", "insertProvider.<" + PolicyTool.rb.getString("provider.name") + ">", "removeProvider.<" + PolicyTool.rb.getString("provider.name") + ">", //"setSystemScope", //"setIdentityPublicKey", //"setIdentityInfo", //"addIdentityCertificate", //"removeIdentityCertificate", //"printIdentity", "clearProviderProperties.<" + PolicyTool.rb.getString("provider.name") + ">", "putProviderProperty.<" + PolicyTool.rb.getString("provider.name") + ">", "removeProviderProperty.<" + PolicyTool.rb.getString("provider.name") + ">", //"getSignerPrivateKey", //"setSignerKeyPair" }, null); } } class SerialPerm extends Perm { public SerialPerm() { super("SerializablePermission", "java.io.SerializablePermission", new String[] { "enableSubclassImplementation", "enableSubstitution" }, null); } } class ServicePerm extends Perm { public ServicePerm() { super("ServicePermission", "javax.security.auth.kerberos.ServicePermission", new String[] { // allow user input }, new String[] { "initiate", "accept" }); } } class SocketPerm extends Perm { public SocketPerm() { super("SocketPermission", "java.net.SocketPermission", new String[] { // allow user input }, new String[] { "accept", "connect", "listen", "resolve" }); } } class SQLPerm extends Perm { public SQLPerm() { super("SQLPermission", "java.sql.SQLPermission", new String[] { "setLog", "callAbort", "setSyncFactory", "setNetworkTimeout", }, null); } } class SSLPerm extends Perm { public SSLPerm() { super("SSLPermission", "javax.net.ssl.SSLPermission", new String[] { "setHostnameVerifier", "getSSLSessionContext" }, null); } } class SubjDelegPerm extends Perm { public SubjDelegPerm() { super("SubjectDelegationPermission", "javax.management.remote.SubjectDelegationPermission", new String[] { // allow user input }, null); } }