001
014
015 package com.liferay.portal.security.pacl.checker;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019
020 import java.security.Permission;
021
022 import java.util.ArrayList;
023 import java.util.List;
024 import java.util.Set;
025 import java.util.regex.Matcher;
026 import java.util.regex.Pattern;
027
028
032 public class JNDIChecker extends BaseChecker {
033
034 public void afterPropertiesSet() {
035 initNames();
036 }
037
038 public void checkPermission(Permission permission) {
039 throw new UnsupportedOperationException();
040 }
041
042 @Override
043 public AuthorizationProperty generateAuthorizationProperty(
044 Object... arguments) {
045
046 if ((arguments == null) || (arguments.length != 1) ||
047 !(arguments[0] instanceof String)) {
048
049 return null;
050 }
051
052 AuthorizationProperty authorizationProperty =
053 new AuthorizationProperty();
054
055 authorizationProperty.setKey("security-manager-jndi-names");
056 authorizationProperty.setValue((String)arguments[0]);
057
058 return authorizationProperty;
059 }
060
061 public boolean hasJNDI(String name) {
062 for (Pattern pattern : _patterns) {
063 Matcher matcher = pattern.matcher(name);
064
065 if (matcher.matches()) {
066 return true;
067 }
068 }
069
070 return false;
071 }
072
073 protected void initNames() {
074 Set<String> names = getPropertySet("security-manager-jndi-names");
075
076 _patterns = new ArrayList<Pattern>(names.size());
077
078 for (String name : names) {
079 Pattern pattern = Pattern.compile(name);
080
081 _patterns.add(pattern);
082
083 if (_log.isDebugEnabled()) {
084 _log.debug(
085 "Allowing access to JNDI names that match the regular " +
086 "expression " + name);
087 }
088 }
089 }
090
091 private static Log _log = LogFactoryUtil.getLog(JNDIChecker.class);
092
093 private List<Pattern> _patterns;
094
095 }