001
014
015 package com.liferay.portal.security.pacl.checker;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019
020 import java.security.Permission;
021
022 import java.util.ArrayList;
023 import java.util.List;
024 import java.util.Set;
025 import java.util.regex.Matcher;
026 import java.util.regex.Pattern;
027
028
032 public class JNDIChecker extends BaseChecker {
033
034 public void afterPropertiesSet() {
035 initNames();
036 }
037
038 @Override
039 public AuthorizationProperty generateAuthorizationProperty(
040 Object... arguments) {
041
042 if ((arguments == null) || (arguments.length != 1) ||
043 !(arguments[0] instanceof String)) {
044
045 return null;
046 }
047
048 AuthorizationProperty authorizationProperty =
049 new AuthorizationProperty();
050
051 authorizationProperty.setKey("security-manager-jndi-names");
052 authorizationProperty.setValue((String)arguments[0]);
053
054 return authorizationProperty;
055 }
056
057 public boolean hasJNDI(String name) {
058 for (Pattern pattern : _patterns) {
059 Matcher matcher = pattern.matcher(name);
060
061 if (matcher.matches()) {
062 return true;
063 }
064 }
065
066 return false;
067 }
068
069 public boolean implies(Permission permission) {
070 throw new UnsupportedOperationException();
071 }
072
073 protected void initNames() {
074 Set<String> names = getPropertySet("security-manager-jndi-names");
075
076 _patterns = new ArrayList<Pattern>(names.size());
077
078 for (String name : names) {
079 Pattern pattern = Pattern.compile(name);
080
081 _patterns.add(pattern);
082
083 if (_log.isDebugEnabled()) {
084 _log.debug(
085 "Allowing access to JNDI names that match the regular " +
086 "expression " + name);
087 }
088 }
089 }
090
091 private static Log _log = LogFactoryUtil.getLog(JNDIChecker.class);
092
093 private List<Pattern> _patterns;
094
095 }