public class BasicJeriTrustVerifier extends Object implements TrustVerifier
Security.verifyObjectTrust
.TrustVerifier.Context
Constructor and Description |
---|
BasicJeriTrustVerifier()
Creates an instance.
|
Modifier and Type | Method and Description |
---|---|
protected static boolean |
checkInvocationHandlerContent(BasicInvocationHandler handler,
TrustVerifier.Context ctx)
Returns
true if the specified invocation handler's
constraints and object endpoint are trusted; returns
false otherwise. |
private static boolean |
covers(ClassLoader sub,
ClassLoader sup)
Returns true if the first argument is either equal to, or is a
descendant of, the second argument.
|
protected boolean |
hasTrustedClassLoader(Object proxy,
TrustVerifier.Context ctx)
Returns
true if the class loader of the specified dynamic
proxy's class is trusted by this verifier; returns false
otherwise. |
protected boolean |
hasTrustedProxyClass(Object proxy,
TrustVerifier.Context ctx)
Returns
true if the specified dynamic proxy's class is
trusted by this verifier; returns false otherwise. |
protected boolean |
isTrustedInvocationHandler(InvocationHandler handler,
TrustVerifier.Context ctx)
Returns
true if the specified invocation
handler is trusted by this trust verifier; returns
false otherwise. |
boolean |
isTrustedObject(Object obj,
TrustVerifier.Context ctx)
Returns
true if the specified object is a trusted
Jini ERI dynamic proxy or a trusted Jini ERI object endpoint;
returns false otherwise. |
protected boolean |
isTrustedProxyInterface(Class intf,
TrustVerifier.Context ctx)
Returns
true if the specified dynamic proxy interface is
trusted by this verifier; returns false otherwise. |
public boolean isTrustedObject(Object obj, TrustVerifier.Context ctx) throws RemoteException
true
if the specified object is a trusted
Jini ERI dynamic proxy or a trusted Jini ERI object endpoint;
returns false
otherwise.
For the purposes of this verifier, the specified object is a trusted Jini ERI dynamic proxy if all of the following are true:
RemoteMethodControl
.
Proxy
.
hasTrustedProxyClass
with the specified object and the specified
trust verifier context returns true
.
isTrustedInvocationHandler
with the InvocationHandler
contained in the dynamic proxy and
the specified trust verifier context returns true
.
For the purposes of this verifier, the specified object is a trusted
Jini ERI object endpoint if the object is an instance of
BasicObjectEndpoint
and its transport endpoint is
trusted; that is, calling the specified context's
isTrustedObject
method with the transport endpoint returns
true
.
isTrustedObject
in interface TrustVerifier
obj
- the object in which to verify trustctx
- the trust verifier context, to aid in verification of
the specified object and its componentstrue
if the specified object is known to be
trusted to correctly implement its contract; false
otherwiseSecurityException
- if a security exception occursNullPointerException
- if any argument is null
RemoteException
- if a communication-related exception occursprotected boolean hasTrustedProxyClass(Object proxy, TrustVerifier.Context ctx) throws RemoteException
true
if the specified dynamic proxy's class is
trusted by this verifier; returns false
otherwise. The
isTrustedObject
method calls this method to verify that
the proxy's class is trusted.
BasicJeriTrustVerifier
implements this method to
return true
if all of the following are true:
Remote
.
hasTrustedClassLoader
with the specified proxy and the specified
trust verifier context returns true
.
isTrustedProxyInterface
with the interface and the specified trust
verifier context returns true
.
A subclass can override this method to augment the set of trusted proxy classes for Jini ERI proxies.
proxy
- the dynamic proxyctx
- the trust verifier context, to aid in verification of
the specified proxy's classtrue
if the specified dynamic proxy's class is
trusted by this verifier; returns false
otherwiseRemoteException
- if a communication-related exception occursSecurityException
- if a security exception occursNullPointerException
- if any argument is null
protected boolean hasTrustedClassLoader(Object proxy, TrustVerifier.Context ctx) throws RemoteException
true
if the class loader of the specified dynamic
proxy's class is trusted by this verifier; returns false
otherwise. The default implementation of
hasTrustedProxyClass
calls this method to verify
that the proxy's class loader is trusted.
BasicJeriTrustVerifier
implements this method to
return true
if the specified proxy is an instance of a
dynamic proxy class and the class loader of the specified proxy's
class is either equal to or an ancestor of the class loader returned
by the trust verifier context's getClassLoader
method (or the current context class loader, if that
method returns null
).
A subclass can override this method to augment the set of trusted loaders for Jini ERI proxies.
proxy
- the dynamic proxyctx
- the trust verifier context, to aid in verification of
the class loader of the specified proxy's classtrue
if the class loader of the specified dynamic
proxy's class is trusted by this verifier; returns false
otherwiseRemoteException
- if a communication-related exception occursSecurityException
- if a security exception occursIllegalArgumentException
- if the proxy is not an
instance of a dynamic proxy classNullPointerException
- if any argument is null
protected boolean isTrustedProxyInterface(Class intf, TrustVerifier.Context ctx) throws RemoteException
true
if the specified dynamic proxy interface is
trusted by this verifier; returns false
otherwise. The
default implementation of hasTrustedProxyClass
calls
this method to verify that the dynamic proxy's interfaces are trusted.
BasicJeriTrustVerifier
implements this method to
return true
if the specified class is
RemoteMethodControl
, TrustEquivalence
, or a
well-formed remote interface (one that extends Remote
and for
which all methods declare RemoteException
or a superclass in
their throws
clause).
A subclass can override this method to augment the set of trusted proxy interfaces for Jini ERI proxies.
intf
- the dynamic proxy interfacectx
- the trust verifier context, to aid in verification of
the specified proxy interfacetrue
if the specified dynamic proxy interface is
trusted by this verifier; returns false
otherwiseRemoteException
- if a communication-related exception occursSecurityException
- if a security exception occursNullPointerException
- if any argument is null
protected boolean isTrustedInvocationHandler(InvocationHandler handler, TrustVerifier.Context ctx) throws RemoteException
true
if the specified invocation
handler is trusted by this trust verifier; returns
false
otherwise. The isTrustedObject
method calls this method to verify trust in the invocation handler.
BasicJeriTrustVerifier
implements this method to
return true
if all of the following are true:
BasicInvocationHandler
.
checkInvocationHandlerContent
method with the specified handler
and the specified context returns true
.
A subclass can override this method to verify that the invocation
handler's class is a trusted subclass of
BasicInvocationHandler
and to verify the contents of
the invocation handler. A subclass implementation of this method
can invoke the checkInvocationHandlerContent
static
utility method to verify that the invocation handler's constraints
and object endpoint are trusted.
handler
- the invocation handlerctx
- the trust verifier context, to aid in verification of
the specified handlertrue
if the specified invocation
handler is trusted by this trust verifier; returns
false
otherwiseRemoteException
- if a communication-related exception occursSecurityException
- if a security exception occursNullPointerException
- if any argument is null
protected static boolean checkInvocationHandlerContent(BasicInvocationHandler handler, TrustVerifier.Context ctx) throws RemoteException
true
if the specified invocation handler's
constraints and object endpoint are trusted; returns
false
otherwise. The
isTrustedInvocationHandler
method calls this utility
method to check that the invocation handler's constraints and object
endpoint are trusted.
The specified invocation handler's constraints and object endpoint are trusted if all of the following are true:
isTrustedObject
method with the object endpoint returns
true
.
isTrustedObject
method with the server constraints
returns true
.
handler
- the invocation handlerctx
- the trust verifier context, to aid in verification of
the specified handlertrue
if the specified invocation
handler's constraints and object endpoint are trusted by this method;
returns false
otherwiseRemoteException
- if a communication-related exception occursSecurityException
- if a security exception occursNullPointerException
- if any argument is null
private static boolean covers(ClassLoader sub, ClassLoader sup)
Copyright 2007-2013, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.