Logo Search packages:      
Sourcecode: icedtea-web version File versions  Download package

void net::sourceforge::jnlp::runtime::JNLPClassLoader::setSecurity (  )  throws LaunchException [inline, private]

When we're trying to load an applet, file.getSecurity() will return null since there is no jnlp file to specify permissions. We determine security settings here, after trying to verify jars.

Definition at line 210 of file JNLPClassLoader.java.

References file, net::sourceforge::jnlp::JNLPFile::getCodeBase(), net::sourceforge::jnlp::JARDesc::getLocation(), net::sourceforge::jnlp::ResourcesDesc::getMainJAR(), net::sourceforge::jnlp::JNLPFile::getResources(), net::sourceforge::jnlp::JNLPFile::getSecurity(), net::sourceforge::jnlp::SecurityDesc::getSecurityType(), R(), and security.

Referenced by JNLPClassLoader().

                                                      {

        URL codebase = null;

        if (file.getCodeBase() != null) {
            codebase = file.getCodeBase();
        } else {
            //Fixme: codebase should be the codebase of the Main Jar not
            //the location. Although, it still works in the current state.
            codebase = file.getResources().getMainJAR().getLocation();
        }

        /**
         * When we're trying to load an applet, file.getSecurity() will return
         * null since there is no jnlp file to specify permissions. We
         * determine security settings here, after trying to verify jars.
         */
        if (file instanceof PluginBridge) {
            if (signing == true) {
                this.security = new SecurityDesc(file,
                    SecurityDesc.ALL_PERMISSIONS,
                    codebase.getHost());
            } else {
                this.security = new SecurityDesc(file,
                    SecurityDesc.SANDBOX_PERMISSIONS,
                    codebase.getHost());
            }
        } else { //regular jnlp file

            /*
             * Various combinations of the jars being signed and <security> tags being
             * present are possible. They are treated as follows
             *
             * Jars          JNLP File         Result
             *
             * Signed        <security>        Appropriate Permissions
             * Signed        no <security>     Sandbox
             * Unsigned      <security>        Error
             * Unsigned      no <security>     Sandbox
             *
             */
            if (!file.getSecurity().getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS) && !signing) {
                throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LUnsignedJarWithSecurity"), R("LUnsignedJarWithSecurityInfo"));
            }
            else if (signing == true) {
                this.security = file.getSecurity();
            } else {
                this.security = new SecurityDesc(file,
                        SecurityDesc.SANDBOX_PERMISSIONS,
                        codebase.getHost());
            }
        }
    }


Generated by  Doxygen 1.6.0   Back to index