diff options
author | Omair Majid <[email protected]> | 2010-11-18 11:55:26 -0500 |
---|---|---|
committer | Omair Majid <[email protected]> | 2010-11-18 11:55:26 -0500 |
commit | b949b7d40c7d5bb1146551fae563b1b4ac398812 (patch) | |
tree | 3e5323e6322a30ccd77cc1713eeec2b9a011fad4 /netx/net/sourceforge/jnlp/services | |
parent | 3f351c0718209878b0a3d880d9757ddca90e447e (diff) |
add configuration support for user prompts and other access control options
2010-11-18 Omair Majid <[email protected]>
* netx/net/sourceforge/jnlp/SecurityDesc.java: Remove window banner
permissions from sandboxPermissions and j2eePermissions.
(getSandBoxPermissions): Dynamically add window banner permissions
if allowed by configuration.
* netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java:
Add KEY_SECURITY_PROMPT_USER,
KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING,
KEY_SECURITY_PROMPT_USER_FOR_JNLP, and
KEY_SECURITY_INSTALL_AUTHENTICATOR.
(loadDefaultProperties): Use the new constants.
* netx/net/sourceforge/jnlp/security/SecurityWarning.java
(showAccessWarningDialog): Check if the user should be prompted
before prompting the user.
(showNotAllSignedWarningDialog): Likewise.
(showCertWarningDialog): Likewise.
(showAppletWarning): Likewise.
(shouldPromptUser): New method. Check if configuration allows
showing user prompts.
* netx/net/sourceforge/jnlp/services/ServiceUtil.java
(checkAccess(AccessType,Object...)): Clarify javadocs.
(checkAccess(ApplicationInstance,AccessType,Object...)): Clarify
javadocs. Only prompt the user if showing JNLP prompts is ok.
(shouldPromptUser): New method. Returns true if configuration allows
for showing JNLP api prompts.
* plugin/icedteanp/java/sun/applet/PluginMain.java
(init): Only install custom authenticator if allowed by
configuration.
Diffstat (limited to 'netx/net/sourceforge/jnlp/services')
-rw-r--r-- | netx/net/sourceforge/jnlp/services/ServiceUtil.java | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/netx/net/sourceforge/jnlp/services/ServiceUtil.java b/netx/net/sourceforge/jnlp/services/ServiceUtil.java index 6116332..62ce28f 100644 --- a/netx/net/sourceforge/jnlp/services/ServiceUtil.java +++ b/netx/net/sourceforge/jnlp/services/ServiceUtil.java @@ -39,6 +39,7 @@ import javax.jnlp.UnavailableServiceException; import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.runtime.ApplicationInstance; +import net.sourceforge.jnlp.runtime.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.security.SecurityWarning; import net.sourceforge.jnlp.security.SecurityWarning.AccessType; @@ -208,9 +209,10 @@ public class ServiceUtil { }; /** - * Returns whether the app requesting a service is signed. If the app is - * unsigned, the user is prompted with a dialog asking if the action - * should be allowed. + * Returns whether the app requesting a JNLP service has the right permissions. + * If it doesn't, user is prompted for permissions. This method should only be + * used for JNLP API related permissions. + * * @param type the type of access being requested * @param extras extra Strings (usually) that are passed to the dialog for * message formatting. @@ -221,8 +223,9 @@ public class ServiceUtil { } /** - * Returns whether the app requesting a service has the right permissions. - * If it doesn't, user is prompted for permissions. + * Returns whether the app requesting a JNLP service has the right permissions. + * If it doesn't, user is prompted for permissions. This method should only be + * used for JNLP API related permissions. * * @param app the application which is requesting the check. If null, the current * application is used. @@ -265,6 +268,11 @@ public class ServiceUtil { } if (!codeTrusted) { + + if (!shouldPromptUser()) { + return false; + } + final AccessType tmpType = type; final Object[] tmpExtras = extras; final ApplicationInstance tmpApp = app; @@ -285,4 +293,16 @@ public class ServiceUtil { return true; //allow } + + /** + * Returns whether the current runtime configuration allows prompting the + * user for JNLP permissions. + * + * @return true if the user should be prompted for JNLP API related permissions. + */ + private static boolean shouldPromptUser() { + return Boolean.valueOf(JNLPRuntime.getConfiguration() + .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER_FOR_JNLP)); + } + } |