com.xml_project.morganaxproc.security
Class XProcSecurityManager

java.lang.Object
  extended by com.xml_project.morganaxproc.security.XProcSecurityManager
Direct Known Subclasses:
StandardXProcSecurityManager

public class XProcSecurityManager
extends java.lang.Object

This class implements security management to protect your system against possible threats when running third-party XProc pipelines or while developing new XProc pipelines. For a detailed description of how security management in MorganaXProc works and how you can customize it, see the documentation.


Nested Class Summary
static class XProcSecurityManager.Operations
          This enumeration lists the individual operations for which security controls will be performed.
static class XProcSecurityManager.Strategies
          The basic security strategies implemented by XProcSecurityManager
 
Field Summary
static XProcSecurityManager.Operations[] ALL_HTTP_OPERATIONS
          A convenience definition: An array with all defined http-operations.
static XProcSecurityManager.Operations[] ALL_OPERATIONS
          A convenience definition: An array with all defined operations.
 
Constructor Summary
XProcSecurityManager(XProcSecurityManager.Strategies strategy)
          Constructs a new XProcSecurityManager with the given strategy.
 
Method Summary
 void addSecurityControl(XProcSecurityManager.Operations[] operations, java.lang.String resourcePath, boolean allowed)
          Adds security control for a list of operations to this XProcSecurityManager.
 void addSecurityControl(XProcSecurityManager.Operations operation, java.lang.String resourcePath, boolean allowed)
          Adds a new security control to this XProcSecurityManager.
 boolean checkJavaLoadAllowed()
          Returns whether an XProc pipeline is allowed to load a step implementation via "java" attribute or not.
 XProcSecurityManager copy()
          Returns a deep copy of this XProcSecurityManager so that changes to one of them do not affect the other.
static java.lang.String correctURI(java.lang.String uri)
          Corrects the given URI string, if it uses the file scheme, to the standard form "file:///".
 void doSecurityControl(XProcSecurityManager.Operations operation, java.lang.String resourcePath)
          Performs a security control for the given operation and the given resourcePath.
 java.util.List<nu.xom.Element> getSecurityControls()
          Returns a list of XOM elements, each containing one security control set on the security manager.
 XProcSecurityManager.Strategies getStrategy()
          Return the strategy currently used by the XProcSecurityManager
static XProcSecurityManager.Operations makeOperationFromMethod(java.lang.String op)
          Returns the operation for this string representation
 void setJavaLoadAllowed(boolean value)
          Controls whether an XProc pipeline is allowed to load a step via the "java" attribute.
 void setSecurityControl(nu.xom.Element e)
          Sets the security controls in this XProcSecurityManager via a xom element.
 void setSecurityControl(nu.xom.Elements elements)
          Sets the security controls in this XProcSecurityManager via a list of xom elements.
 void setSecurityControl(java.util.List<nu.xom.Element> elements)
          Sets the security controls in this XProcSecurityManager via a list of xom elements.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ALL_OPERATIONS

public static final XProcSecurityManager.Operations[] ALL_OPERATIONS
A convenience definition: An array with all defined operations.


ALL_HTTP_OPERATIONS

public static final XProcSecurityManager.Operations[] ALL_HTTP_OPERATIONS
A convenience definition: An array with all defined http-operations.

Constructor Detail

XProcSecurityManager

public XProcSecurityManager(XProcSecurityManager.Strategies strategy)
Constructs a new XProcSecurityManager with the given strategy. If strategy is null, an authoritarian strategy is used. By default, loading steps via Java in an XProc pipeline is not allowed.

Parameters:
strategy - the basic strategy to use in this XProcSecurityManager.

Method Detail

copy

public final XProcSecurityManager copy()
Returns a deep copy of this XProcSecurityManager so that changes to one of them do not affect the other.

Returns:
a deep copy of this XProcSecurityManager.

setJavaLoadAllowed

public void setJavaLoadAllowed(boolean value)
Controls whether an XProc pipeline is allowed to load a step via the "java" attribute.

Parameters:
value - true to allow step loading, false to forbid it.

getStrategy

public XProcSecurityManager.Strategies getStrategy()
Return the strategy currently used by the XProcSecurityManager

Returns:
the strategy currently used.

getSecurityControls

public java.util.List<nu.xom.Element> getSecurityControls()
Returns a list of XOM elements, each containing one security control set on the security manager. See the documentation for this method.

Returns:
a list of elements with security controls.

setSecurityControl

public void setSecurityControl(nu.xom.Elements elements)
                        throws XProcSecurityException
Sets the security controls in this XProcSecurityManager via a list of xom elements. See the documentation for this method.

Parameters:
elements - the security controls to add to this XProcSecurityManager.
Throws:
XProcSecurityException - if elements does not contain proper security rules.

setSecurityControl

public void setSecurityControl(java.util.List<nu.xom.Element> elements)
                        throws XProcSecurityException
Sets the security controls in this XProcSecurityManager via a list of xom elements. See the documentation for this method.

Parameters:
elements - the security controls to add to this XProcSecurityManager.
Throws:
XProcSecurityException - if elements does not contain proper security rules.

setSecurityControl

public void setSecurityControl(nu.xom.Element e)
                        throws XProcSecurityException
Sets the security controls in this XProcSecurityManager via a xom element. See the documentation for this method.

Parameters:
e - the security control to add to this SecurityManager
Throws:
XProcSecurityException

addSecurityControl

public void addSecurityControl(XProcSecurityManager.Operations operation,
                               java.lang.String resourcePath,
                               boolean allowed)
Adds a new security control to this XProcSecurityManager. Ignored if operation or resourcePath is null.

Parameters:
operation - the operation for which the control applies.
resourcePath - the path (fragment) for which the control applies.
allowed - true if the operation is allowed, otherwise false.

addSecurityControl

public void addSecurityControl(XProcSecurityManager.Operations[] operations,
                               java.lang.String resourcePath,
                               boolean allowed)
Adds security control for a list of operations to this XProcSecurityManager. Ignored if operations is null or resourcePath is null.

Parameters:
operations - an array with the operations for which the control applies.
resourcePath - the path (fragment) for which the control applies.
allowed - true if the operation is allowed, otherwise false.

checkJavaLoadAllowed

public final boolean checkJavaLoadAllowed()
Returns whether an XProc pipeline is allowed to load a step implementation via "java" attribute or not.

Returns:
true if java load is allowed.

doSecurityControl

public final void doSecurityControl(XProcSecurityManager.Operations operation,
                                    java.lang.String resourcePath)
                             throws XProcSecurityException
Performs a security control for the given operation and the given resourcePath. If the operation is not allowed for the path, an XProcSecurityException is thrown. An XProcSecurityException is also thrown if operation or resourcePath is null.

Parameters:
operation - the operation to check for.
resourcePath - the path (fragment) to check for.
Throws:
XProcSecurityException - if the operation is forbidden on this path, or if operation or resourcePath is null.

makeOperationFromMethod

public static XProcSecurityManager.Operations makeOperationFromMethod(java.lang.String op)
Returns the operation for this string representation

Parameters:
op - a string representation of an operation.
Returns:
an operation or null if op is null or not found.

correctURI

public static java.lang.String correctURI(java.lang.String uri)
Corrects the given URI string, if it uses the file scheme, to the standard form "file:///".

Parameters:
uri - a string
Returns:
the corrected version if the scheme is file, otherwise uri
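
Usage sketch (an added example, not taken from the MorganaXProc documentation): it builds a baseline manager with the null-strategy default, adds per-pipeline allow rules on a deep copy, and probes both managers through doSecurityControl. The class name, host names and paths are constructed for illustration, and the package of XProcSecurityException is an assumption.

```java
import com.xml_project.morganaxproc.security.XProcSecurityManager;
// Assumption: the exception lives in the same package as the manager.
import com.xml_project.morganaxproc.security.XProcSecurityException;

public class PipelineSandboxExample {   // hypothetical class name

    // doSecurityControl signals a denial by throwing; turn that into a boolean.
    static boolean isAllowed(XProcSecurityManager sm,
                             XProcSecurityManager.Operations op,
                             String resource) {
        try {
            sm.doSecurityControl(op, resource);
            return true;
        } catch (XProcSecurityException denied) {
            return false;
        }
    }

    public static void main(String[] args) {
        // A null strategy selects the default the constructor documentation describes.
        XProcSecurityManager base = new XProcSecurityManager(null);
        base.setJavaLoadAllowed(false);  // already the default; stated explicitly

        // Per-pipeline rules go on a deep copy so the baseline stays untouched.
        XProcSecurityManager perPipeline = base.copy();
        String allowedHost = "http://reports.example.internal/";     // constructed value
        String workDir =
                XProcSecurityManager.correctURI("file:/tmp/xproc-work/"); // constructed path
        perPipeline.addSecurityControl(
                XProcSecurityManager.ALL_HTTP_OPERATIONS, allowedHost, true);
        perPipeline.addSecurityControl(
                XProcSecurityManager.ALL_OPERATIONS, workDir, true);

        // Probe every HTTP operation against a resource under the allowed
        // host, one outside it, and the same resource on the baseline.
        String inside = allowedHost + "q1.xml";
        String outside = "http://other.example/q1.xml";               // constructed value
        for (XProcSecurityManager.Operations op
                : XProcSecurityManager.ALL_HTTP_OPERATIONS) {
            System.out.printf("%-20s copy/inside=%b copy/outside=%b base/inside=%b%n",
                    op, isAllowed(perPipeline, op, inside),
                    isAllowed(perPipeline, op, outside),
                    isAllowed(base, op, inside));
        }
        System.out.println("java load allowed: " + perPipeline.checkJavaLoadAllowed());
        System.out.println("rules on copy: " + perPipeline.getSecurityControls().size());
    }
}
```

How a resourcePath fragment is matched against a requested resource is defined in the MorganaXProc documentation; the printed table shows the effective decision for each operation.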