| /* |
| * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| package com.sun.org.apache.xerces.internal.utils; |
| |
| import com.sun.org.apache.xerces.internal.impl.Constants; |
| import javax.xml.XMLConstants; |
| |
| /** |
| * This class manages security related properties |
| * |
| */ |
| public final class XMLSecurityPropertyManager { |
| |
| /** |
| * States of the settings of a property, in the order: default value, value |
| * set by FEATURE_SECURE_PROCESSING, jaxp.properties file, jaxp system |
| * properties, and jaxp api properties |
| */ |
| public static enum State { |
| //this order reflects the overriding order |
| DEFAULT, FSP, JAXPDOTPROPERTIES, SYSTEMPROPERTY, APIPROPERTY |
| } |
| |
| /** |
| * Limits managed by the security manager |
| */ |
| public static enum Property { |
| ACCESS_EXTERNAL_DTD(XMLConstants.ACCESS_EXTERNAL_DTD, |
| Constants.EXTERNAL_ACCESS_DEFAULT), |
| ACCESS_EXTERNAL_SCHEMA(XMLConstants.ACCESS_EXTERNAL_SCHEMA, |
| Constants.EXTERNAL_ACCESS_DEFAULT); |
| |
| final String name; |
| final String defaultValue; |
| |
| Property(String name, String value) { |
| this.name = name; |
| this.defaultValue = value; |
| } |
| |
| public boolean equalsName(String propertyName) { |
| return (propertyName == null) ? false : name.equals(propertyName); |
| } |
| |
| String defaultValue() { |
| return defaultValue; |
| } |
| } |
| |
| /** |
| * Values of the properties as defined in enum Properties |
| */ |
| private final String[] values; |
| /** |
| * States of the settings for each property in Properties above |
| */ |
| private State[] states = {State.DEFAULT, State.DEFAULT}; |
| |
| /** |
| * Default constructor. Establishes default values |
| */ |
| public XMLSecurityPropertyManager() { |
| values = new String[Property.values().length]; |
| for (Property property : Property.values()) { |
| values[property.ordinal()] = property.defaultValue(); |
| } |
| //read system properties or jaxp.properties |
| readSystemProperties(); |
| } |
| |
| |
| /** |
| * Set limit by property name and state |
| * @param propertyName property name |
| * @param state the state of the property |
| * @param value the value of the property |
| * @return true if the property is managed by the security property manager; |
| * false if otherwise. |
| */ |
| public boolean setValue(String propertyName, State state, Object value) { |
| int index = getIndex(propertyName); |
| if (index > -1) { |
| setValue(index, state, (String)value); |
| return true; |
| } |
| return false; |
| } |
| |
| /** |
| * Set the value for a specific property. |
| * |
| * @param property the property |
| * @param state the state of the property |
| * @param value the value of the property |
| */ |
| public void setValue(Property property, State state, String value) { |
| //only update if it shall override |
| if (state.compareTo(states[property.ordinal()]) >= 0) { |
| values[property.ordinal()] = value; |
| states[property.ordinal()] = state; |
| } |
| } |
| |
| /** |
| * Set the value of a property by its index |
| * @param index the index of the property |
| * @param state the state of the property |
| * @param value the value of the property |
| */ |
| public void setValue(int index, State state, String value) { |
| //only update if it shall override |
| if (state.compareTo(states[index]) >= 0) { |
| values[index] = value; |
| states[index] = state; |
| } |
| } |
| |
| |
| /** |
| * Return the value of the specified property |
| * |
| * @param propertyName the property name |
| * @return the value of the property as a string |
| */ |
| public String getValue(String propertyName) { |
| int index = getIndex(propertyName); |
| if (index > -1) { |
| return getValueByIndex(index); |
| } |
| |
| return null; |
| } |
| |
| /** |
| * Return the value of the specified property |
| * |
| * @param property the property |
| * @return the value of the property |
| */ |
| public String getValue(Property property) { |
| return values[property.ordinal()]; |
| } |
| |
| /** |
| * Return the value of a property by its ordinal |
| * @param index the index of a property |
| * @return value of a property |
| */ |
| public String getValueByIndex(int index) { |
| return values[index]; |
| } |
| |
| /** |
| * Get the index by property name |
| * @param propertyName property name |
| * @return the index of the property if found; return -1 if not |
| */ |
| public int getIndex(String propertyName){ |
| for (Property property : Property.values()) { |
| if (property.equalsName(propertyName)) { |
| //internally, ordinal is used as index |
| return property.ordinal(); |
| } |
| } |
| return -1; |
| } |
| |
| /** |
| * Read from system properties, or those in jaxp.properties |
| */ |
| private void readSystemProperties() { |
| getSystemProperty(Property.ACCESS_EXTERNAL_DTD, |
| Constants.SP_ACCESS_EXTERNAL_DTD); |
| getSystemProperty(Property.ACCESS_EXTERNAL_SCHEMA, |
| Constants.SP_ACCESS_EXTERNAL_SCHEMA); |
| } |
| |
| /** |
| * Read from system properties, or those in jaxp.properties |
| * |
| * @param property the property |
| * @param systemProperty the name of the system property |
| */ |
| private void getSystemProperty(Property property, String systemProperty) { |
| try { |
| String value = SecuritySupport.getSystemProperty(systemProperty); |
| if (value != null) { |
| values[property.ordinal()] = value; |
| states[property.ordinal()] = State.SYSTEMPROPERTY; |
| return; |
| } |
| |
| value = SecuritySupport.readJAXPProperty(systemProperty); |
| if (value != null) { |
| values[property.ordinal()] = value; |
| states[property.ordinal()] = State.JAXPDOTPROPERTIES; |
| } |
| } catch (NumberFormatException e) { |
| //invalid setting ignored |
| } |
| } |
| } |