Examples of SecurityManager

• com.bradmcevoy.http.SecurityManager
• com.dbxml.db.core.security.SecurityManager
  SecurityManager manages Users, Roles, and Access Control Lists for dbXML.
• com.eaglegenomics.simlims.core.manager.SecurityManager
• com.sun.enterprise.SecurityManager
  This interface is used by the Container to manage access to EJBs. The container has a reference to an implementation of this interface. @author Harish Prabandham
• com.sun.enterprise.security.SecurityManager
  This interface is used by the Container to manage access to EJBs. The container has a reference to an implementation of this interface. @author Harish Prabandham
• com.sun.org.apache.xerces.internal.util.SecurityManager
  e.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care. @author Neil Graham, IBM @version $Id: SecurityManager.java,v 1.2 2005/08/16 22:49:14 jeffsuttor Exp $
• java.lang.SecurityManager
  The security manager is a class that allows applications to implement a security policy. It allows an application to determine, before performing a possibly unsafe or sensitive operation, what the operation is and whether it is being attempted in a security context that allows the operation to be performed. The application can allow or disallow the operation.

  The SecurityManager class contains many methods with names that begin with the word check. These methods are called by various methods in the Java libraries before those methods perform certain potentially sensitive operations. The invocation of such a check method typically looks like this:

   SecurityManager security = System.getSecurityManager(); if (security != null) { security.checkXXX(argument,  . . . ); } 

  The security manager is thereby given an opportunity to prevent completion of the operation by throwing an exception. A security manager routine simply returns if the operation is permitted, but throws a SecurityException if the operation is not permitted. The only exception to this convention is checkTopLevelWindow, which returns a boolean value.

  The current security manager is set by the setSecurityManager method in class System. The current security manager is obtained by the getSecurityManager method.

  The special method {@link SecurityManager#checkPermission(java.security.Permission)}determines whether an access request indicated by a specified permission should be granted or denied. The default implementation calls

   AccessController.checkPermission(perm); 

  If a requested access is allowed, checkPermission returns quietly. If denied, a SecurityException is thrown.

  As of Java 2 SDK v1.2, the default implementation of each of the other check methods in SecurityManager is to call the SecurityManager checkPermission method to determine if the calling thread has permission to perform the requested operation.

  Note that the checkPermission method with just a single permission argument always performs security checks within the context of the currently executing thread. Sometimes a security check that should be made within a given context will actually need to be done from within a different context (for example, from within a worker thread). The {@link SecurityManager#getSecurityContext getSecurityContext} method and the {@link SecurityManager#checkPermission(java.security.Permission,java.lang.Object) checkPermission}method that includes a context argument are provided for this situation. The getSecurityContext method returns a "snapshot" of the current calling context. (The default implementation returns an AccessControlContext object.) A sample call is the following:

   Object context = null; SecurityManager sm = System.getSecurityManager(); if (sm != null) context = sm.getSecurityContext();  

  The checkPermission method that takes a context object in addition to a permission makes access decisions based on that context, rather than on that of the current execution thread. Code within a different context can thus call that method, passing the permission and the previously-saved context object. A sample call, using the SecurityManager sm obtained as in the previous example, is the following:

   if (sm != null) sm.checkPermission(permission, context); 

  Permissions fall into these categories: File, Socket, Net, Security, Runtime, Property, AWT, Reflect, and Serializable. The classes managing these various permission categories are java.io.FilePermission, java.net.SocketPermission, java.net.NetPermission, java.security.SecurityPermission, java.lang.RuntimePermission, java.util.PropertyPermission, java.awt.AWTPermission, java.lang.reflect.ReflectPermission, and java.io.SerializablePermission.

  All but the first two (FilePermission and SocketPermission) are subclasses of java.security.BasicPermission, which itself is an abstract subclass of the top-level class for permissions, which is java.security.Permission. BasicPermission defines the functionality needed for all permissions that contain a name that follows the hierarchical property naming convention (for example, "exitVM", "setFactory", "queuePrintJob", etc). An asterisk may appear at the end of the name, following a ".", or by itself, to signify a wildcard match. For example: "a.*" or "*" is valid, "*a" or "a*b" is not valid.

  FilePermission and SocketPermission are subclasses of the top-level class for permissions (java.security.Permission). Classes like these that have a more complicated name syntax than that used by BasicPermission subclass directly from Permission rather than from BasicPermission. For example, for a java.io.FilePermission object, the permission name is the path name of a file (or directory).

  Some of the permission classes have an "actions" list that tells the actions that are permitted for the object. For example, for a java.io.FilePermission object, the actions list (such as "read, write") specifies which actions are granted for the specified file (or for files in the specified directory).

  Other permission classes are for "named" permissions - ones that contain a name but no actions list; you either have the named permission or you don't.

  Note: There is also a java.security.AllPermission permission that implies all permissions. It exists to simplify the work of system administrators who might need to perform multiple tasks that require all (or numerous) permissions.

  See Permissions in the JDK for permission-related information. This document includes, for example, a table listing the various SecurityManager check methods and the permission(s) the default implementation of each such method requires. It also contains a table of all the version 1.2 methods that require permissions, and for each such method tells which permission it requires.

  For more information about SecurityManager changes made in the JDK and advice regarding porting of 1.1-style security managers, see the security documentation. @author Arthur van Hoff @author Roland Schemers @version 1.139, 04/21/06 @see java.lang.ClassLoader @see java.lang.SecurityException @see java.lang.SecurityManager#checkTopLevelWindow(java.lang.Object) checkTopLevelWindow @see java.lang.System#getSecurityManager() getSecurityManager @see java.lang.System#setSecurityManager(java.lang.SecurityManager) setSecurityManager @see java.security.AccessController AccessController @see java.security.AccessControlContext AccessControlContext @see java.security.AccessControlException AccessControlException @see java.security.Permission @see java.security.BasicPermission @see java.io.FilePermission @see java.net.SocketPermission @see java.util.PropertyPermission @see java.lang.RuntimePermission @see java.awt.AWTPermission @see java.security.Policy Policy @see java.security.SecurityPermission SecurityPermission @see java.security.ProtectionDomain @since JDK1.0

• mf.org.apache.xerces.util.SecurityManager
  e.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care. @author Neil Graham, IBM @version $Id: SecurityManager.java 447241 2006-09-18 05:12:57Z mrglavas $
• org.apache.qpid.server.security.SecurityManager
• org.apache.sandesha2.security.SecurityManager
  SecurityManager interface. This manages the link between the RM layer and Security, so that the CreateSequence message can be secured using a SecurityTokenReference. Once the sequence is secured using the STR, each inbound messgae must be checked to ensure the sender has demonstrated proof-of-possession of the referenced token. See the WS-RM 1.0 spec for details.
• org.apache.shiro.mgt.SecurityManager
  A {@code SecurityManager} executes all security operations for all Subjects (aka users) across asingle application.

  The interface itself primarily exists as a convenience - it extends the {@link org.apache.shiro.authc.Authenticator}, {@link Authorizer}, and {@link SessionManager} interfaces, thereby consolidatingthese behaviors into a single point of reference. For most Shiro usages, this simplifies configuration and tends to be a more convenient approach than referencing {@code Authenticator}, {@code Authorizer}, and {@code SessionManager} instances separately; instead one only needs to interact with a single{@code SecurityManager} instance.

  In addition to the above three interfaces, this interface provides a number of methods supporting {@link Subject} behavior. A {@link org.apache.shiro.subject.Subject Subject} executesauthentication, authorization, and session operations for a single user, and as such can only be managed by {@code A SecurityManager} which is aware of all three functions. The three parent interfaces on theother hand do not 'know' about {@code Subject}s to ensure a clean separation of concerns.

  Usage Note: In actuality the large majority of application programmers won't interact with a SecurityManager very often, if at all. Most application programmers only care about security operations for the currently executing user, usually attained by calling {@link org.apache.shiro.SecurityUtils#getSubject() SecurityUtils.getSubject()}.

  Framework developers on the other hand might find working with an actual SecurityManager useful. @author Les Hazlewood @see org.apache.shiro.mgt.DefaultSecurityManager @since 0.2

• org.apache.xerces.util.SecurityManager
  e.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care. @author Neil Graham, IBM @version $Id: SecurityManager.java 319859 2004-03-23 01:23:41Z mrglavas $
• org.exist.security.SecurityManager
  SecurityManager is responsible for managing users and groups. There's only one SecurityManager for each database instance, which may be obtained by {@link BrokerPool#getSecurityManager()}.
• org.jboss.jms.server.SecurityManager
  @author Ovidiu Feodorov @version $Revision: 2257 $$Id: SecurityManager.java 2257 2007-02-11 01:07:47Z ovidiu.feodorov@jboss.com $
• org.jdesktop.wonderland.server.security.SecurityManager
  Interface for handling security checks. @author jkaplan
• org.mule.api.security.SecurityManager
  SecurityManager is responsible for managing one or more security providers.
• railo.runtime.security.SecurityManager
  interface for Security Manager

Examples of org.apache.sandesha2.security.SecurityManager

    RMDBean rmdBean = SandeshaUtil.getRMDBeanFromSequenceId(storageManager, sequenceId);

    // Check that the sender of this CloseSequence holds the correct token
    if(rmdBean != null && rmdBean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(msgCtx.getConfigurationContext());
      OMElement body = msgCtx.getEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(rmdBean.getSecurityTokenData());
      secManager.checkProofOfPossession(token, body, msgCtx);
    }

    if (FaultManager.checkForUnknownSequence(rmMsgCtx, sequenceId, storageManager, false)) {
      if (log.isDebugEnabled())
        log.debug("Exit: CloseSequenceProcessor::processInMessage, Unknown sequence " + sequenceId);

Examples of org.apache.sandesha2.security.SecurityManager

    // Check that the sender of this AckRequest holds the correct token
    RMDBean rmdBean = SandeshaUtil.getRMDBeanFromSequenceId(storageManager, sequenceId);

    if(rmdBean != null && rmdBean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configurationContext);
      SecurityToken token = secManager.recoverSecurityToken(rmdBean.getSecurityTokenData());

      secManager.checkProofOfPossession(token, soapHeader, msgContext);
    }

    // Check that the sequence requested exists
    if (FaultManager.checkForUnknownSequence(rmMsgCtx, sequenceId, storageManager, piggybackedAckRequest)) {
      if (log.isDebugEnabled())

Examples of org.apache.sandesha2.security.SecurityManager

    storageManager.storeMessageContext(clonedMsgStoreKey, clonedMessage);
    rmsBean.setReferenceMessageStoreKey(clonedMsgStoreKey);

    SecurityToken token = (SecurityToken) createSeqRMMessage.getProperty(Sandesha2Constants.MessageContextProperties.SECURITY_TOKEN);
    if(token != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(configCtx);
      rmsBean.setSecurityTokenData(secManager.getTokenRecoveryData(token));
    }

    storageManager.getRMSBeanMgr().insert(rmsBean);

    SenderBean createSeqEntry = new SenderBean();

Examples of org.apache.sandesha2.security.SecurityManager

    // Check that both the Sequence header and message body have been secured properly
    RMDBeanMgr mgr = storageManager.getRMDBeanMgr();
    RMDBean bean = mgr.retrieve(sequenceId);

    if(bean != null && bean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(msgCtx.getConfigurationContext());

      QName seqName = new QName(rmMsgCtx.getRMNamespaceValue(), Sandesha2Constants.WSRM_COMMON.SEQUENCE);

      SOAPEnvelope envelope = msgCtx.getEnvelope();
      OMElement body = envelope.getBody();
      OMElement seqHeader = envelope.getHeader().getFirstChildWithName(seqName);

      SecurityToken token = secManager.recoverSecurityToken(bean.getSecurityTokenData());

      secManager.checkProofOfPossession(token, seqHeader, msgCtx);
      secManager.checkProofOfPossession(token, body, msgCtx);
    }

    // Store the inbound sequence id, number and lastMessage onto the operation context
    OperationContext opCtx = msgCtx.getOperationContext();
    if(opCtx != null) {

Examples of org.apache.sandesha2.security.SecurityManager

      StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(context, context.getAxisConfiguration());

      // If the inbound CreateSequence includes a SecurityTokenReference then
      // ask the security manager to resolve that to a token for us. We also
      // check that the Create was secured using the token.
      SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
      OMElement theSTR = createSeqPart.getSecurityTokenReference();
      SecurityToken token = null;
      if(theSTR != null) {
        MessageContext msgcontext = createSeqRMMsg.getMessageContext();
        token = secManager.getSecurityToken(theSTR, msgcontext);

        // The create must be the body part of this message, so we check the
        // security of that element.
        OMElement body = msgcontext.getEnvelope().getBody();
        secManager.checkProofOfPossession(token, body, msgcontext);
      }

      //if toAddress is RMAnon we may need to terminate the request side sequence here.
      EndpointReference toEPR = createSeqMsg.getTo();
      if (toEPR.hasAnonymousAddress()) {

Examples of org.apache.sandesha2.security.SecurityManager

    return null; //could not find the sequenceKey
  }


  public static SecurityManager getSecurityManager(ConfigurationContext context) throws SandeshaException {
    SecurityManager util = null;
    AxisConfiguration config = context.getAxisConfiguration();
    Parameter p = config.getParameter(Sandesha2Constants.SECURITY_MANAGER);
    if(p != null) util = (SecurityManager) p.getValue();
    if (util != null) return util;

Examples of org.apache.sandesha2.security.SecurityManager

    RMDBean rmdBean = SandeshaUtil.getRMDBeanFromSequenceId(storageManager, sequenceId);

    // Check that the sender of this CloseSequence holds the correct token
    if(rmdBean != null && rmdBean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(msgCtx.getConfigurationContext());
      OMElement body = msgCtx.getEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(rmdBean.getSecurityTokenData());
      secManager.checkProofOfPossession(token, body, msgCtx);
    }

    if (FaultManager.checkForUnknownSequence(rmMsgCtx, sequenceId, storageManager, false)) {
      if (log.isDebugEnabled())
        log.debug("Exit: CloseSequenceProcessor::processInMessage, Unknown sequence " + sequenceId);

Examples of org.apache.sandesha2.security.SecurityManager

      // Check that both the Sequence header and message body have been secured properly
      RMDBeanMgr mgr = storageManager.getRMDBeanMgr();
      RMDBean bean = mgr.retrieve(sequenceId);

      if(bean != null && bean.getSecurityTokenData() != null) {
        SecurityManager secManager = SandeshaUtil.getSecurityManager(rmMsgCtx.getConfigurationContext());

        QName seqName = new QName(rmMsgCtx.getRMNamespaceValue(), Sandesha2Constants.WSRM_COMMON.SEQUENCE);

        SOAPEnvelope envelope = rmMsgCtx.getSOAPEnvelope();
        OMElement body = envelope.getBody();
        OMElement seqHeader = envelope.getHeader().getFirstChildWithName(seqName);

        SecurityToken token = secManager.recoverSecurityToken(bean.getSecurityTokenData());

        secManager.checkProofOfPossession(token, seqHeader, rmMsgCtx.getMessageContext());
        secManager.checkProofOfPossession(token, body, rmMsgCtx.getMessageContext());
      }

      if (bean != null) {

        if (msgNo == 0) {

Examples of org.apache.sandesha2.security.SecurityManager

    StorageManager storageManager = SandeshaUtil.getSandeshaStorageManager(context,context.getAxisConfiguration());

    // Check that the sender of this TerminateSequence holds the correct token
    RMDBean rmdBean = SandeshaUtil.getRMDBeanFromSequenceId(storageManager, sequenceId);
    if(rmdBean != null && rmdBean.getSecurityTokenData() != null) {
      SecurityManager secManager = SandeshaUtil.getSecurityManager(context);
      OMElement body = terminateSeqRMMsg.getSOAPEnvelope().getBody();
      SecurityToken token = secManager.recoverSecurityToken(rmdBean.getSecurityTokenData());
      secManager.checkProofOfPossession(token, body, terminateSeqRMMsg.getMessageContext());
    }

    if (FaultManager.checkForUnknownSequence(terminateSeqRMMsg, sequenceId, storageManager, false)) {
      if (log.isDebugEnabled())
        log.debug("Exit: TerminateSeqMsgProcessor::processInMessage, unknown sequence");

Examples of org.apache.sandesha2.security.SecurityManager

    }

    // Reset the security manager, and then load it
    parameter = config.getParameter(Sandesha2Constants.SECURITY_MANAGER);
    if(parameter != null) config.removeParameter(parameter);
    SecurityManager util = SandeshaUtil.getSecurityManager(configContext);
    util.initSecurity(module);

    // Mark the config context so that we can run sync 2-way interations over
    // RM, but at the same time switch it off for unreliable messages.
    configContext.setProperty(Constants.Configuration.USE_ASYNC_OPERATIONS, Boolean.TRUE);
    configContext.getAxisConfiguration().addTargetResolver(