changeset 43:88d31285a14b
add configuration support for user prompts and other access control options
2010-11-18 Omair Majid <omajid@redhat.com>
* netx/net/sourceforge/jnlp/SecurityDesc.java: Remove window banner
permissions from sandboxPermissions and j2eePermissions.
(getSandBoxPermissions): Dynamically add window banner permissions
if allowed by configuration.
* netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java:
Add KEY_SECURITY_PROMPT_USER,
KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING,
KEY_SECURITY_PROMPT_USER_FOR_JNLP, and
KEY_SECURITY_INSTALL_AUTHENTICATOR.
(loadDefaultProperties): Use the new constants.
* netx/net/sourceforge/jnlp/security/SecurityWarning.java
(showAccessWarningDialog): Check if the user should be prompted
before prompting the user.
(showNotAllSignedWarningDialog): Likewise.
(showCertWarningDialog): Likewise.
(showAppletWarning): Likewise.
(shouldPromptUser): New method. Check if configuration allows
showing user prompts.
* netx/net/sourceforge/jnlp/services/ServiceUtil.java
(checkAccess(AccessType,Object...)): Clarify javadocs.
(checkAccess(ApplicationInstance,AccessType,Object...)): Clarify
javadocs. Only prompt the user if showing JNLP prompts is ok.
(shouldPromptUser): New method. Returns true if configuration allows
for showing JNLP api prompts.
* plugin/icedteanp/java/sun/applet/PluginMain.java
(init): Only install custom authenticator if allowed by
configuration.
author | Omair Majid <omajid@redhat.com> |
---|---|
date | Thu, 18 Nov 2010 11:55:26 -0500 |
parents | fbd9bf9c90cb |
children | 5a9f55d67b50 |
files | ChangeLog netx/net/sourceforge/jnlp/SecurityDesc.java netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java netx/net/sourceforge/jnlp/security/SecurityWarning.java netx/net/sourceforge/jnlp/services/ServiceUtil.java plugin/icedteanp/java/sun/applet/PluginMain.java |
diffstat | 6 files changed, 126 insertions(+), 12 deletions(-) [+] |
--- a/ChangeLog Thu Nov 18 11:12:10 2010 -0500
+++ b/ChangeLog Thu Nov 18 11:55:26 2010 -0500
@@ -1,3 +1,33 @@
+2010-11-18 Omair Majid <omajid@redhat.com>
+
+ * netx/net/sourceforge/jnlp/SecurityDesc.java: Remove window banner
+ permissions from sandboxPermissions and j2eePermissions.
+ (getSandBoxPermissions): Dynamically add window banner permissions
+ if allowed by configuration.
+ * netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java:
+ Add KEY_SECURITY_PROMPT_USER,
+ KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING,
+ KEY_SECURITY_PROMPT_USER_FOR_JNLP, and
+ KEY_SECURITY_INSTALL_AUTHENTICATOR.
+ (loadDefaultProperties): Use the new constants.
+ * netx/net/sourceforge/jnlp/security/SecurityWarning.java
+ (showAccessWarningDialog): Check if the user should be prompted
+ before prompting the user.
+ (showNotAllSignedWarningDialog): Likewise.
+ (showCertWarningDialog): Likewise.
+ (showAppletWarning): Likewise.
+ (shouldPromptUser): New method. Check if configuration allows
+ showing user prompts.
+ * netx/net/sourceforge/jnlp/services/ServiceUtil.java
+ (checkAccess(AccessType,Object...)): Clarify javadocs.
+ (checkAccess(ApplicationInstance,AccessType,Object...)): Clarify
+ javadocs. Only prompt the user if showing JNLP prompts is ok.
+ (shouldPromptUser): New method. Returns true if configuration allows
+ for showing JNLP api prompts.
+ * plugin/icedteanp/java/sun/applet/PluginMain.java
+ (init): Only install custom authenticator if allowed by
+ configuration.
+
 2010-11-18 Omair Majid <omajid@redhat.com>
 * netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java:
--- a/netx/net/sourceforge/jnlp/SecurityDesc.java Thu Nov 18 11:12:10 2010 -0500
+++ b/netx/net/sourceforge/jnlp/SecurityDesc.java Thu Nov 18 11:55:26 2010 -0500
@@ -23,6 +23,9 @@
 import java.security.*;
 import java.awt.AWTPermission;
+import net.sourceforge.jnlp.runtime.DeploymentConfiguration;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
+
 /**
 * The security element.
 *
@@ -67,7 +70,6 @@
 // queues, or even prevent access to security dialog queues.
 //
 // new AWTPermission("accessEventQueue"),
- new AWTPermission("showWindowWithoutWarningBanner"),
 new RuntimePermission("exitVM"),
 new RuntimePermission("loadLibrary"),
 new RuntimePermission("queuePrintJob"),
@@ -105,7 +107,6 @@
 new PropertyPermission("javaws.*", "read,write"),
 new RuntimePermission("exitVM"),
 new RuntimePermission("stopThread"),
- new AWTPermission("showWindowWithoutWarningBanner"),
 // disabled because we can't at this time prevent an
 // application from accessing other applications' event
 // queues, or even prevent access to security dialog queues.
@@ -187,6 +188,11 @@
 for (int i=0; i < sandboxPermissions.length; i++)
 permissions.add(sandboxPermissions[i]);
+ String key = DeploymentConfiguration.KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING;
+ if (Boolean.valueOf(JNLPRuntime.getConfiguration().getProperty(key)) == Boolean.TRUE) {
+ permissions.add(new AWTPermission("showWindowWithoutWarningBanner"));
+ }
+
 if (file.isApplication())
 for (int i=0; i < jnlpRIAPermissions.length; i++)
 permissions.add(jnlpRIAPermissions[i]);
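Review bot: The new check in getSandBoxPermissions compares a boxed value by identity, `Boolean.valueOf(...) == Boolean.TRUE`; this only works because `Boolean.valueOf(String)` hands back the shared constants, and `if (Boolean.parseBoolean(JNLPRuntime.getConfiguration().getProperty(key))) {` says the same thing without relying on that. The same `Boolean.valueOf` parsing recurs in both new `shouldPromptUser()` helpers and in `PluginMain.init`. Assuming `getProperty` returns a String, a missing value parses as false and the permission is withheld, but the default registered in `loadDefaultProperties` is `true`, so sandboxed code still receives `showWindowWithoutWarningBanner` unless the setting is turned off. A comment at this check stating that true means "the application may hide the warning banner", for a property whose name ends in `awtwarningwindow`, would help prevent a misconfiguration. The method starts and ends outside the hunk.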
--- a/netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java Thu Nov 18 11:12:10 2010 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java Thu Nov 18 11:55:26 2010 -0500
@@ -17,6 +17,7 @@
 package net.sourceforge.jnlp.runtime;
+import java.awt.AWTPermission;
 import java.io.BufferedOutputStream;
 import java.io.BufferedReader;
 import java.io.File;
@@ -154,8 +155,32 @@
 public static final String KEY_SYSTEM_TRUSTED_JSSE_CERTS = "deployment.system.security.trusted.jssecerts";
 public static final String KEY_SYSTEM_TRUSTED_CLIENT_CERTS = "deployment.system.security.trusted.clientautcerts";
+ /*
+ * Security and access control
+ */
+
+ /** Boolean. Only show security prompts to user if true */
+ public static final String KEY_SECURITY_PROMPT_USER = "deployment.security.askgrantdialog.show";
+
+ /** Boolean. Only give AWTPermission("showWindowWithoutWarningBanner") if true */
+ public static final String KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING = "deployment.security.sandbox.awtwarningwindow";
+
+ /** Boolean. Only prompt user for granting any JNLP permissions if true */
+ public static final String KEY_SECURITY_PROMPT_USER_FOR_JNLP = "deployment.security.sandbox.jnlp.enhanced";
+
+ /** Boolean. Only install the custom authenticator if true */
+ public static final String KEY_SECURITY_INSTALL_AUTHENTICATOR = "deployment.security.authenticator";
+
+ /*
+ * Tracing and Logging
+ */
+
 public static final String KEY_ENABLE_LOGGING = "deployment.log";
+ /*
+ * Desktop Integration
+ */
+
 public static final String KEY_CREATE_DESKTOP_SHORTCUT = "deployment.javaws.shortcut";
 public static final String KEY_BROWSER_PATH = "deployment.browser.path";
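Review bot: The added `import java.awt.AWTPermission;` looks unused: in the hunks shown for this file the class is only mentioned in the plain-text Javadoc of `KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING`. Either drop the import or turn the mention into a real reference, `{@link java.awt.AWTPermission}`. The rest of the file is not visible here, so confirm nothing else needs it.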
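Review bot: The one-line Javadoc on the four new keys says what `true` enables but not what the runtime does otherwise, and each of these switches changes a security decision. Going by the other files in this changeset, a false `KEY_SECURITY_PROMPT_USER` makes the warning dialogs return without asking (false, or 2 for the applet warning), and a false `KEY_SECURITY_PROMPT_USER_FOR_JNLP` makes `ServiceUtil.checkAccess` return false for untrusted code. I would state that on each constant, for example `/** Boolean. If false, no security prompt is shown and the request is treated as not granted. */`, after confirming that reading against the callers.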
@@ -345,15 +370,15 @@
 { KEY_SYSTEM_TRUSTED_JSSE_CERTS, SYSTEM_SECURITY + File.separator + "trusted.jssecerts" },
 { KEY_SYSTEM_TRUSTED_CLIENT_CERTS, SYSTEM_SECURITY + File.separator + "trusted.clientcerts" },
 /* security access and control */
- { "deployment.security.askgrantdialog.show", String.valueOf(true) },
+ { KEY_SECURITY_PROMPT_USER, String.valueOf(true) },
 { "deployment.security.askgrantdialog.notinca", String.valueOf(true) },
 { "deployment.security.notinca.warning", String.valueOf(true) },
 { "deployment.security.expired.warning", String.valueOf(true) },
 { "deployment.security.jsse.hostmismatch.warning", String.valueOf(true) },
 { "deployment.security.trusted.policy", null },
- { "deployment.security.sandbox.awtwarningwindow", String.valueOf(true) },
- { "deployment.security.sandbox.jnlp.enhanced", String.valueOf(true) },
- { "deployment.security.authenticator", String.valueOf(true) },
+ { KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING, String.valueOf(true) },
+ { KEY_SECURITY_PROMPT_USER_FOR_JNLP, String.valueOf(true) },
+ { KEY_SECURITY_INSTALL_AUTHENTICATOR, String.valueOf(true) },
 /* networking */
 { "deployment.proxy.type", String.valueOf(PROXY_TYPE_BROWSER) },
 { "deployment.proxy.same", String.valueOf(false) },
--- a/netx/net/sourceforge/jnlp/security/SecurityWarning.java Thu Nov 18 11:12:10 2010 -0500
+++ b/netx/net/sourceforge/jnlp/security/SecurityWarning.java Thu Nov 18 11:55:26 2010 -0500
@@ -49,6 +49,7 @@
 import javax.swing.SwingUtilities;
 import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.runtime.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 /**
@@ -111,6 +112,11 @@
 */
 public static boolean showAccessWarningDialog(final AccessType accessType,
 final JNLPFile file, final Object[] extras) {
+
+ if (!shouldPromptUser()) {
+ return false;
+ }
+
 final SecurityDialogMessage message = new SecurityDialogMessage();
 message.dialogType = DialogType.ACCESS_WARNING;
@@ -140,6 +146,10 @@
 */
 public static boolean showNotAllSignedWarningDialog(JNLPFile file) {
+ if (!shouldPromptUser()) {
+ return false;
+ }
+
 final SecurityDialogMessage message = new SecurityDialogMessage();
 message.dialogType = DialogType.NOTALLSIGNED_WARNING;
 message.accessType = AccessType.NOTALLSIGNED;
@@ -174,6 +184,10 @@
 public static boolean showCertWarningDialog(AccessType accessType,
 JNLPFile file, CertVerifier jarSigner) {
+ if (!shouldPromptUser()) {
+ return false;
+ }
+
 final SecurityDialogMessage message = new SecurityDialogMessage();
 message.dialogType = DialogType.CERT_WARNING;
 message.accessType = accessType;
@@ -200,6 +214,10 @@
 */
 public static int showAppletWarning() {
+ if (!shouldPromptUser()) {
+ return 2;
+ }
+
 SecurityDialogMessage message = new SecurityDialogMessage();
 message.dialogType = DialogType.APPLET_WARNING;
@@ -295,4 +313,15 @@
 return message.userResponse;
 }
+ /**
+ * Returns whether the current runtime configuration allows prompting user
+ * for security warnings.
+ *
+ * @return true if security warnings should be shown to the user.
+ */
+ private static boolean shouldPromptUser() {
+ return Boolean.valueOf(JNLPRuntime.getConfiguration()
+ .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER));
+ }
+
 }
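Review bot: In showAppletWarning the early exit is `return 2;`, a bare number whose meaning cannot be read from this hunk, while the three boolean dialogs return `false` in the same situation. This value decides what happens to an applet when prompting is switched off, so it should be a named constant or carry a comment saying which answer 2 stands for, and the Javadoc should say that no dialog is shown in that case. Please confirm that 2 is the refusing answer and not an accepting one. The method continues outside the hunk.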
--- a/netx/net/sourceforge/jnlp/services/ServiceUtil.java Thu Nov 18 11:12:10 2010 -0500
+++ b/netx/net/sourceforge/jnlp/services/ServiceUtil.java Thu Nov 18 11:55:26 2010 -0500
@@ -39,6 +39,7 @@
 import net.sourceforge.jnlp.JNLPFile;
 import net.sourceforge.jnlp.runtime.ApplicationInstance;
+import net.sourceforge.jnlp.runtime.DeploymentConfiguration;
 import net.sourceforge.jnlp.runtime.JNLPRuntime;
 import net.sourceforge.jnlp.security.SecurityWarning;
 import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
@@ -208,9 +209,10 @@
 };
 /**
- * Returns whether the app requesting a service is signed. If the app is
- * unsigned, the user is prompted with a dialog asking if the action
- * should be allowed.
+ * Returns whether the app requesting a JNLP service has the right permissions.
+ * If it doesn't, user is prompted for permissions. This method should only be
+ * used for JNLP API related permissions.
+ *
 * @param type the type of access being requested
 * @param extras extra Strings (usually) that are passed to the dialog for
 * message formatting.
@@ -221,8 +223,9 @@
 }
 /**
- * Returns whether the app requesting a service has the right permissions.
- * If it doesn't, user is prompted for permissions.
+ * Returns whether the app requesting a JNLP service has the right permissions.
+ * If it doesn't, user is prompted for permissions. This method should only be
+ * used for JNLP API related permissions.
 *
 * @param app the application which is requesting the check. If null, the current
 * application is used.
@@ -265,6 +268,11 @@
 }
 if (!codeTrusted) {
+
+ if (!shouldPromptUser()) {
+ return false;
+ }
+
 final AccessType tmpType = type;
 final Object[] tmpExtras = extras;
 final ApplicationInstance tmpApp = app;
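Review bot: The new early `return false;` inside `if (!codeTrusted)` refuses the request silently when JNLP prompts are disabled, so a refusal caused by configuration cannot be told apart from a user's "no". A debug-level message naming the access type just before the return would make that policy decision traceable. The prompt that follows presumably goes through `SecurityWarning`, whose dialogs now also return false when `KEY_SECURITY_PROMPT_USER` is false, so the Javadoc of `checkAccess` should say that both settings have to allow prompting before the user is asked. The method starts and ends outside the hunk.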
@@ -285,4 +293,16 @@
 return true; //allow
 }
+
+ /**
+ * Returns whether the current runtime configuration allows prompting the
+ * user for JNLP permissions.
+ *
+ * @return true if the user should be prompted for JNLP API related permissions.
+ */
+ private static boolean shouldPromptUser() {
+ return Boolean.valueOf(JNLPRuntime.getConfiguration()
+ .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER_FOR_JNLP));
+ }
+
 }
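Review bot: This `shouldPromptUser()` has the same name and shape as the private helper added to `SecurityWarning` in this changeset but reads a different key, which is easy to mix up when reading either class. A name that carries the scope, such as `shouldPromptUserForJnlp()`, or a Javadoc line naming the property `deployment.security.sandbox.jnlp.enhanced`, would make the difference visible at the call site.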
--- a/plugin/icedteanp/java/sun/applet/PluginMain.java Thu Nov 18 11:12:10 2010 -0500
+++ b/plugin/icedteanp/java/sun/applet/PluginMain.java Thu Nov 18 11:55:26 2010 -0500
@@ -199,7 +199,11 @@
 System.setProperties(avProps);
 // plug in a custom authenticator and proxy selector
- Authenticator.setDefault(new CustomAuthenticator());
+ boolean installAuthenticator = Boolean.valueOf(JNLPRuntime.getConfiguration()
+ .getProperty(DeploymentConfiguration.KEY_SECURITY_INSTALL_AUTHENTICATOR));
+ if (installAuthenticator) {
+ Authenticator.setDefault(new CustomAuthenticator());
+ }
 ProxySelector.setDefault(new PluginProxySelector());
 CookieManager ckManager = new PluginCookieManager();
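Review bot: The comment `// plug in a custom authenticator and proxy selector` is left above code that now installs the authenticator only conditionally, while the proxy selector is still installed unconditionally. I would change it to `// install the custom authenticator only if deployment.security.authenticator is true; the proxy selector is always installed`. The new lines also depend on `JNLPRuntime.getConfiguration()` already holding the loaded configuration when `init` reaches this point, which is not visible here and is worth confirming. `init` starts and ends outside the hunk.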