aboutsummaryrefslogtreecommitdiffstats
path: root/netx/net/sourceforge/jnlp/services
diff options
context:
space:
mode:
authorOmair Majid <[email protected]>2010-11-18 11:55:26 -0500
committerOmair Majid <[email protected]>2010-11-18 11:55:26 -0500
commitb949b7d40c7d5bb1146551fae563b1b4ac398812 (patch)
tree3e5323e6322a30ccd77cc1713eeec2b9a011fad4 /netx/net/sourceforge/jnlp/services
parent3f351c0718209878b0a3d880d9757ddca90e447e (diff)
add configuration support for user prompts and other access control options
2010-11-18 Omair Majid <[email protected]> * netx/net/sourceforge/jnlp/SecurityDesc.java: Remove window banner permissions from sandboxPermissions and j2eePermissions. (getSandBoxPermissions): Dynamically add window banner permissions if allowed by configuration. * netx/net/sourceforge/jnlp/runtime/DeploymentConfiguration.java: Add KEY_SECURITY_PROMPT_USER, KEY_SECURITY_ALLOW_HIDE_WINDOW_WARNING, KEY_SECURITY_PROMPT_USER_FOR_JNLP, and KEY_SECURITY_INSTALL_AUTHENTICATOR. (loadDefaultProperties): Use the new constants. * netx/net/sourceforge/jnlp/security/SecurityWarning.java (showAccessWarningDialog): Check if the user should be prompted before prompting the user. (showNotAllSignedWarningDialog): Likewise. (showCertWarningDialog): Likewise. (showAppletWarning): Likewise. (shouldPromptUser): New method. Check if configuration allows showing user prompts. * netx/net/sourceforge/jnlp/services/ServiceUtil.java (checkAccess(AccessType,Object...)): Clarify javadocs. (checkAccess(ApplicationInstance,AccessType,Object...)): Clarify javadocs. Only prompt the user if showing JNLP prompts is ok. (shouldPromptUser): New method. Returns true if configuration allows for showing JNLP api prompts. * plugin/icedteanp/java/sun/applet/PluginMain.java (init): Only install custom authenticator if allowed by configuration.
Diffstat (limited to 'netx/net/sourceforge/jnlp/services')
-rw-r--r--netx/net/sourceforge/jnlp/services/ServiceUtil.java30
1 files changed, 25 insertions, 5 deletions
diff --git a/netx/net/sourceforge/jnlp/services/ServiceUtil.java b/netx/net/sourceforge/jnlp/services/ServiceUtil.java
index 6116332..62ce28f 100644
--- a/netx/net/sourceforge/jnlp/services/ServiceUtil.java
+++ b/netx/net/sourceforge/jnlp/services/ServiceUtil.java
@@ -39,6 +39,7 @@ import javax.jnlp.UnavailableServiceException;
import net.sourceforge.jnlp.JNLPFile;
import net.sourceforge.jnlp.runtime.ApplicationInstance;
+import net.sourceforge.jnlp.runtime.DeploymentConfiguration;
import net.sourceforge.jnlp.runtime.JNLPRuntime;
import net.sourceforge.jnlp.security.SecurityWarning;
import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
@@ -208,9 +209,10 @@ public class ServiceUtil {
};
/**
- * Returns whether the app requesting a service is signed. If the app is
- * unsigned, the user is prompted with a dialog asking if the action
- * should be allowed.
+ * Returns whether the app requesting a JNLP service has the right permissions.
+ * If it doesn't, user is prompted for permissions. This method should only be
+ * used for JNLP API related permissions.
+ *
* @param type the type of access being requested
* @param extras extra Strings (usually) that are passed to the dialog for
* message formatting.
@@ -221,8 +223,9 @@ public class ServiceUtil {
}
/**
- * Returns whether the app requesting a service has the right permissions.
- * If it doesn't, user is prompted for permissions.
+ * Returns whether the app requesting a JNLP service has the right permissions.
+ * If it doesn't, user is prompted for permissions. This method should only be
+ * used for JNLP API related permissions.
*
* @param app the application which is requesting the check. If null, the current
* application is used.
@@ -265,6 +268,11 @@ public class ServiceUtil {
}
if (!codeTrusted) {
+
+ if (!shouldPromptUser()) {
+ return false;
+ }
+
final AccessType tmpType = type;
final Object[] tmpExtras = extras;
final ApplicationInstance tmpApp = app;
@@ -285,4 +293,16 @@ public class ServiceUtil {
return true; //allow
}
+
+ /**
+ * Returns whether the current runtime configuration allows prompting the
+ * user for JNLP permissions.
+ *
+ * @return true if the user should be prompted for JNLP API related permissions.
+ */
+ private static boolean shouldPromptUser() {
+ return Boolean.valueOf(JNLPRuntime.getConfiguration()
+ .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER_FOR_JNLP));
+ }
+
}