com.softplc
Class SecurityManager

java.lang.Object
  |
  +--java.lang.SecurityManager
        |
        +--com.softplc.SecurityManager

public class SecurityManager

extends java.lang.SecurityManager

The SoftPLC security manager class restricts what can be done under SoftPLC. It allows all Java code to be screened at runtime before performing a possibly unsafe or sensitive operation.

For example, it is normally not desirable to perform a System.exit() while under SoftPLC since this would stop the Ladder scan as well. It is also normally not desirable to exec() another application, as this would screw up the scheduling of CPU time and cause the Ladder scan to be neglected. It is the SecurityManager's role to enforce a policy in these and other areas.

The SecurityManager class contains many methods with names that begin with the word check. These methods are called by various methods in the Java libraries before those methods perform certain potentially sensitive operations. The invocation of such a check method typically looks like this:

SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkXXX(argument,  . . . );
}

The security manager is thereby given an opportunity to prevent completion of the operation by throwing an exception. A security manager routine simply returns if the operation is permitted, but throws a SecurityException if the operation is not permitted. The only exception to this convention is checkTopLevelWindow, which returns a boolean value.

The current security manager is set by the setSecurityManager method in class System. The current security manager is obtained by the getSecurityManager method.

Since:

JDK1.0

See Also:

SecurityManager, ClassLoader, SecurityException, SecurityManager.checkTopLevelWindow(java.lang.Object), java.lang.System#getSecurityManager(), java.lang.System#setSecurityManager(java.lang.SecurityManager)

Fields inherited from class java.lang.SecurityManager

inCheck

Constructor Summary

SecurityManager()

Method Summary

void	checkAccept(java.lang.String host, int port) Throws a SecurityException if the calling thread is not permitted to accept a socket connection from the specified host and port number.
void	checkAccess(java.lang.Thread g) Throws a SecurityException if the calling thread is not allowed to modify the thread argument.
void	checkAccess(java.lang.ThreadGroup g) Throws a SecurityException if the calling thread is not allowed to modify the thread group argument.
void	checkAwtEventQueueAccess() Tests if a client can get access to the AWT event queue.
void	checkConnect(java.lang.String host, int port) Throws a SecurityException if the calling thread is not allowed to open a socket connection to the specified host and port number.
void	checkConnect(java.lang.String host, int port, java.lang.Object context) Throws a SecurityException if the specified security context is not allowed to open a socket connection to the specified host and port number.
void	checkCreateClassLoader() Throws a SecurityException if the calling thread is not allowed to create a new class loader.
void	checkDelete(java.lang.String file) Throws a SecurityException if the calling thread is not allowed to delete the specified file.
void	checkExec(java.lang.String cmd) Throws a SecurityException if the calling thread is not allowed to create a subprocss.
void	checkExit(int status) Throws a SecurityException if the calling thread is not allowed to cause the Java Virtual Machine to halt with the specified status code.
void	checkLink(java.lang.String lib) Throws a SecurityException if the calling thread is not allowed to dynamic link the library code specified by the string argument file.
void	checkListen(int port) Throws a SecurityException if the calling thread is not allowed to wait for a connection request on the specified local port number.
void	checkMemberAccess(java.lang.Class clazz, int which) Tests if a client is allowed to access members.
void	checkMulticast(java.net.InetAddress maddr) Tests if current execution context is allowed to use (join/leave/send/receive) IP multicast.
void	checkMulticast(java.net.InetAddress maddr, byte ttl) Tests to see if current execution context is allowed to use (join/leave/send/receive) IP multicast.
void	checkPackageAccess(java.lang.String pkg) Throws a SecurityException if the calling thread is not allowed to access the package specified by the argument.
void	checkPackageDefinition(java.lang.String pkg) Throws a SecurityException if the calling thread is not allowed to define classes in the package specified by the argument.
void	checkPrintJobAccess() Tests if a client can initiate a print job request.
void	checkPropertiesAccess() Throws a SecurityException if the calling thread is not allowed to access or modify the system properties.
void	checkPropertyAccess(java.lang.String key) Throws a SecurityException if the calling thread is not allowed to access the system property with the specified key name.
void	checkRead(java.io.FileDescriptor fd) Throws a SecurityException if the calling thread is not allowed to read from the specified file descriptor.
void	checkRead(java.lang.String file) Throws a SecurityException if the calling thread is not allowed to read the file specified by the string argument.
void	checkRead(java.lang.String file, java.lang.Object context) Throws a SecurityException if the specified security context is not allowed to read the file specified by the string argument.
void	checkSecurityAccess(java.lang.String action) Tests access to certain operations for a security API action.
void	checkSetFactory() Throws a SecurityException if the calling thread is not allowed to set the socket factory used by ServerSocket or Socket, or the stream handler factory used by URL.
void	checkSystemClipboardAccess() Tests if a client can get access to the system clipboard.
boolean	checkTopLevelWindow(java.lang.Object window) Returns false if the calling thread is not trusted to bring up the top-level window indicated by the window argument.
void	checkWrite(java.io.FileDescriptor fd) Throws a SecurityException if the calling thread is not allowed to write to the specified file descriptor.
void	checkWrite(java.lang.String file) Throws a SecurityException if the calling thread is not allowed to write to the file specified by the string argument.
java.lang.Object	getSecurityContext() Creates an object that encapsulates the current execution environment.
java.lang.ThreadGroup	getThreadGroup() Returns the thread group into which to instantiate any new thread being created at the time this is being called.

Methods inherited from class java.lang.SecurityManager

checkPermission, checkPermission, classDepth, classLoaderDepth, currentClassLoader, currentLoadedClass, getClassContext, getInCheck, inClass, inClassLoader

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityManager

public SecurityManager()

Method Detail

getSecurityContext

public java.lang.Object getSecurityContext()

Creates an object that encapsulates the current execution environment. The result of this method is used by the three-argument checkConnect method and by the two-argument checkRead method.

These methods are needed because a trusted method may be called on to read a file or open a socket on behalf of another method. The trusted method needs to determine if the other (possibly untrusted) method would be allowed to perform the operation on its own.

Overrides:

getSecurityContext in class java.lang.SecurityManager

Returns:

an implementation-dependent object that encapsulates sufficient information about the current execution environment to perform some security checks later.

Since:

JDK1.0

See Also:

SecurityManager.checkConnect(java.lang.String, int, java.lang.Object), SecurityManager.checkRead(java.lang.String, java.lang.Object)

checkCreateClassLoader

public void checkCreateClassLoader()

Throws a SecurityException if the calling thread is not allowed to create a new class loader.

The checkCreateClassLoader method for class SecurityManager always throws a SecurityException.

Overrides:

checkCreateClassLoader in class java.lang.SecurityManager

Throws:

java.lang.SecurityException - if the caller does not have permission to create a new class loader.

Since:

JDK1.0

checkAccess

public void checkAccess(java.lang.Thread g)

Throws a SecurityException if the calling thread is not allowed to modify the thread argument.

This method is invoked for the current security manager by the stop, suspend, resume, setPriority, setName, and setDaemon methods of class Thread.

The checkAccess method for class SecurityManager always throws a SecurityException.

Overrides:

checkAccess in class java.lang.SecurityManager

Parameters:

g - the thread to be checked.

Throws:

java.lang.SecurityException - if the caller does not have permission to modify the thread.

Since:

JDK1.0

See Also:

java.lang.System#getSecurityManager(), Thread.resume(), Thread.setDaemon(boolean), Thread.setName(java.lang.String), Thread.setPriority(int), Thread.stop(), Thread.suspend()

checkAccess

public void checkAccess(java.lang.ThreadGroup g)

Throws a SecurityException if the calling thread is not allowed to modify the thread group argument.

This method is invoked for the current security manager when a new child thread or child thread group is created, and by the setDaemon, setMaxPriority, stop, suspend, resume, and destroy methods of class ThreadGroup.

The checkAccess method for class SecurityManager always throws a SecurityException.

Overrides:

checkAccess in class java.lang.SecurityManager

Parameters:

g - the thread group to be checked.

Throws:

java.lang.SecurityException - if the caller does not have permission to modify the thread group.

Since:

JDK1.0

See Also:

java.lang.System#getSecurityManager(), ThreadGroup.destroy(), ThreadGroup.resume(), ThreadGroup.setDaemon(boolean), ThreadGroup.setMaxPriority(int), ThreadGroup.stop(), ThreadGroup.suspend()

checkExit

public void checkExit(int status)

Throws a SecurityException if the calling thread is not allowed to cause the Java Virtual Machine to halt with the specified status code.

This method is invoked for the current security manager by the exit method of class Runtime. A status of 0 indicates success; other values indicate various errors.

The checkExit method for class SecurityManager always throws a SecurityException.

Overrides:

checkExit in class java.lang.SecurityManager

Parameters:

status - the exit status.

Throws:

java.lang.SecurityException - if the caller does not have permission to halt the Java Virtual Machine with the specified status.

Since:

JDK1.0

See Also:

java.lang.Runtime#exit(int), java.lang.System#getSecurityManager()

checkExec

public void checkExec(java.lang.String cmd)

Throws a SecurityException if the calling thread is not allowed to create a subprocss.

This method is invoked for the current security manager by the exec methods of class Runtime.

The checkExec method for class SecurityManager always throws a SecurityException.

Overrides:

checkExec in class java.lang.SecurityManager

Parameters:

cmd - the specified system command.

Throws:

java.lang.SecurityException - if the caller does not have permission to create a subprocess.

Since:

JDK1.0

See Also:

java.lang.Runtime#exec(java.lang.String), java.lang.Runtime#exec(java.lang.String, java.lang.String[]), java.lang.Runtime#exec(java.lang.String[]), java.lang.Runtime#exec(java.lang.String[], java.lang.String[]), java.lang.System#getSecurityManager()

checkLink

public void checkLink(java.lang.String lib)

Throws a SecurityException if the calling thread is not allowed to dynamic link the library code specified by the string argument file. The argument is either a simple library name or a complete filename.

This method is invoked for the current security manager by methods load and loadLibrary of class Runtime.

The checkLink method for class SecurityManager always throws a SecurityException.

Overrides:

checkLink in class java.lang.SecurityManager

Parameters:

lib - the name of the library.

Throws:

java.lang.SecurityException - if the caller does not have permission to dynamically link the library.

Since:

JDK1.0

See Also:

java.lang.Runtime#load(java.lang.String), java.lang.Runtime#loadLibrary(java.lang.String), java.lang.System#getSecurityManager()

checkRead

public void checkRead(java.io.FileDescriptor fd)

Throws a SecurityException if the calling thread is not allowed to read from the specified file descriptor.

The checkRead method for class SecurityManager always throws a SecurityException.

Overrides:

checkRead in class java.lang.SecurityManager

Parameters:

fd - the system-dependent file descriptor.

Throws:

java.lang.SecurityException - if the caller does not have permission to access the specified file descriptor.

Since:

JDK1.0

See Also:

FileDescriptor

checkRead

public void checkRead(java.lang.String file)

Throws a SecurityException if the calling thread is not allowed to read the file specified by the string argument.

The checkRead method for class SecurityManager always throws a SecurityException.

Overrides:

checkRead in class java.lang.SecurityManager

Parameters:

file - the system-dependent file name.

Throws:

java.lang.SecurityException - if the caller does not have permission to access the specified file.

Since:

JDK1.0

checkRead

public void checkRead(java.lang.String file,
                      java.lang.Object context)

Throws a SecurityException if the specified security context is not allowed to read the file specified by the string argument. The context must be a security context returned by a previous call to getSecurityContext.

The checkRead method for class SecurityManager always throws a SecurityException.

Overrides:

checkRead in class java.lang.SecurityManager

Parameters:

file - the system-dependent filename.

context - a system-dependent security context.

Throws:

java.lang.SecurityException - if the specified security context does not have permission to read the specified file.

Since:

JDK1.0

See Also:

SecurityManager.getSecurityContext()

checkWrite

public void checkWrite(java.io.FileDescriptor fd)

Throws a SecurityException if the calling thread is not allowed to write to the specified file descriptor.

The checkWrite method for class SecurityManager always throws a SecurityException.

Overrides:

checkWrite in class java.lang.SecurityManager

Parameters:

fd - the system-dependent file descriptor.

Throws:

java.lang.SecurityException - if the caller does not have permission to access the specified file descriptor.

Since:

JDK1.0

See Also:

FileDescriptor

checkWrite

public void checkWrite(java.lang.String file)

Throws a SecurityException if the calling thread is not allowed to write to the file specified by the string argument.

The checkWrite method for class SecurityManager always throws a SecurityException.

Overrides:

checkWrite in class java.lang.SecurityManager

Parameters:

file - the system-dependent filename.

Throws:

java.lang.SecurityException - if the caller does not have permission to access the specified file.

Since:

JDK1.0

checkDelete

public void checkDelete(java.lang.String file)

Throws a SecurityException if the calling thread is not allowed to delete the specified file.

This method is invoked for the current security manager by the delete method of class File.

The checkDelete method for class SecurityManager always throws a SecurityException.

Overrides:

checkDelete in class java.lang.SecurityManager

Parameters:

file - the system-dependent filename.

Throws:

java.lang.SecurityException - if the caller does not have permission to delete the file.

Since:

JDK1.0

See Also:

File.delete(), java.lang.System#getSecurityManager()

checkConnect

public void checkConnect(java.lang.String host,
                         int port)

Throws a SecurityException if the calling thread is not allowed to open a socket connection to the specified host and port number.

A port number of -1 indicates that the calling method is attempting to determine the IP address of the specified host name.

The checkConnect method for class SecurityManager always throws a SecurityException.

Overrides:

checkConnect in class java.lang.SecurityManager

Parameters:

host - the host name port to connect to.

port - the protocol port to connect to.

Throws:

java.lang.SecurityException - if the caller does not have permission to open a socket connection to the specified host and port.

Since:

JDK1.0

checkConnect

public void checkConnect(java.lang.String host,
                         int port,
                         java.lang.Object context)

Throws a SecurityException if the specified security context is not allowed to open a socket connection to the specified host and port number.

A port number of -1 indicates that the calling method is attempting to determine the IP address of the specified host name.

The checkConnect method for class SecurityManager always throws a SecurityException.

Overrides:

checkConnect in class java.lang.SecurityManager

Parameters:

host - the host name port to connect to.

port - the protocol port to connect to.

context - a system-dependent security context.

Throws:

java.lang.SecurityException - if the specified security context does not have permission to open a socket connection to the specified host and port.

Since:

JDK1.0

See Also:

SecurityManager.getSecurityContext()

checkListen

public void checkListen(int port)

Throws a SecurityException if the calling thread is not allowed to wait for a connection request on the specified local port number.

The checkListen method for class SecurityManager always throws a SecurityException.

Overrides:

checkListen in class java.lang.SecurityManager

Parameters:

port - the local port.

Throws:

java.lang.SecurityException - if the caller does not have permission to listen on the specified port.

Since:

JDK1.0

checkAccept

public void checkAccept(java.lang.String host,
                        int port)

Throws a SecurityException if the calling thread is not permitted to accept a socket connection from the specified host and port number.

This method is invoked for the current security manager by the accept method of class ServerSocket.

The checkAccept method for class SecurityManager always throws a SecurityException.

Overrides:

checkAccept in class java.lang.SecurityManager

Parameters:

host - the host name of the socket connection.

port - the port number of the socket connection.

Throws:

java.lang.SecurityException - if the caller does not have permission to accept the connection.

Since:

JDK1.0

See Also:

java.lang.System#getSecurityManager(), ServerSocket.accept()

checkMulticast

public void checkMulticast(java.net.InetAddress maddr)

Tests if current execution context is allowed to use (join/leave/send/receive) IP multicast.

Overrides:

checkMulticast in class java.lang.SecurityManager

Parameters:

multicast - Internet group address to be used.

Throws:

java.lang.SecurityException - if a security error has occurred.

Since:

JDK1.1

checkMulticast

public void checkMulticast(java.net.InetAddress maddr,
                           byte ttl)

Tests to see if current execution context is allowed to use (join/leave/send/receive) IP multicast.

Overrides:

checkMulticast in class java.lang.SecurityManager

Parameters:

multicast - Internet group address to be used.

ttl - value in use, if it is multicast send.

Throws:

java.lang.SecurityException - if a security error has occurred.

Since:

JDK1.1

checkPropertiesAccess

public void checkPropertiesAccess()

Throws a SecurityException if the calling thread is not allowed to access or modify the system properties.

This method is used by the getProperties and setProperties methods of class System.

The checkPropertiesAccess method for class SecurityManager always throws a SecurityException.

Overrides:

checkPropertiesAccess in class java.lang.SecurityManager

Throws:

java.lang.SecurityException - if the caller does not have permission to access or modify the system properties.

Since:

JDK1.0

See Also:

java.lang.System#getProperties(), java.lang.System#setProperties(java.util.Properties)

checkPropertyAccess

public void checkPropertyAccess(java.lang.String key)

Throws a SecurityException if the calling thread is not allowed to access the system property with the specified key name.

This method is used by the getProperty method of class System.

The checkPropertiesAccess method for class SecurityManager always throws a SecurityException.

Overrides:

checkPropertyAccess in class java.lang.SecurityManager

Parameters:

key - a system property key.

Throws:

java.lang.SecurityException - if the caller does not have permission to access the specified system property.

Since:

JDK1.0

See Also:

java.lang.System#getProperty(java.lang.String)

checkTopLevelWindow

public boolean checkTopLevelWindow(java.lang.Object window)

Returns false if the calling thread is not trusted to bring up the top-level window indicated by the window argument. In this case, the caller can still decide to show the window, but the window should include some sort of visual warning. If the method returns true, then the window can be shown without any special restrictions.

See class Window for more information on trusted and untrusted windows.

The checkSetFactory method for class SecurityManager always returns false.

Overrides:

checkTopLevelWindow in class java.lang.SecurityManager

Parameters:

window - the new window that is being created.

Returns:

true if the caller is trusted to put up top-level windows; false otherwise.

Throws:

java.lang.SecurityException - if creation is disallowed entirely.

Since:

JDK1.0

See Also:

java.awt.Window

checkPrintJobAccess

public void checkPrintJobAccess()

Tests if a client can initiate a print job request.

Overrides:

checkPrintJobAccess in class java.lang.SecurityManager

Since:

JDK1.1

checkSystemClipboardAccess

public void checkSystemClipboardAccess()

Tests if a client can get access to the system clipboard.

Overrides:

checkSystemClipboardAccess in class java.lang.SecurityManager

Since:

JDK1.1

checkAwtEventQueueAccess

public void checkAwtEventQueueAccess()

Tests if a client can get access to the AWT event queue.

Overrides:

checkAwtEventQueueAccess in class java.lang.SecurityManager

Since:

JDK1.1

checkPackageAccess

public void checkPackageAccess(java.lang.String pkg)

Throws a SecurityException if the calling thread is not allowed to access the package specified by the argument.

This method is used by the loadClass method of class loaders.

The checkPackageAccess method for class SecurityManager always throws a SecurityException.

Overrides:

checkPackageAccess in class java.lang.SecurityManager

Parameters:

pkg - the package name.

Throws:

java.lang.SecurityException - if the caller does not have permission to access the specified package.

Since:

JDK1.0

See Also:

ClassLoader.loadClass(java.lang.String, boolean)

checkPackageDefinition

public void checkPackageDefinition(java.lang.String pkg)

Throws a SecurityException if the calling thread is not allowed to define classes in the package specified by the argument.

This method is used by the loadClass method of some class loaders.

The checkPackageDefinition method for class SecurityManager always throws a SecurityException.

Overrides:

checkPackageDefinition in class java.lang.SecurityManager

Parameters:

pkg - the package name.

Throws:

java.lang.SecurityException - if the caller does not have permission to define classes in the specified package.

Since:

JDK1.0

See Also:

ClassLoader.loadClass(java.lang.String, boolean)

checkSetFactory

public void checkSetFactory()

Throws a SecurityException if the calling thread is not allowed to set the socket factory used by ServerSocket or Socket, or the stream handler factory used by URL.

The checkSetFactory method for class SecurityManager always throws a SecurityException.

Overrides:

checkSetFactory in class java.lang.SecurityManager

Throws:

java.lang.SecurityException - if the caller does not have permission to specify a socket factory or a stream handler factory.

Since:

JDK1.0

See Also:

ServerSocket.setSocketFactory(java.net.SocketImplFactory), Socket.setSocketImplFactory(java.net.SocketImplFactory), URL.setURLStreamHandlerFactory(java.net.URLStreamHandlerFactory)

checkMemberAccess

public void checkMemberAccess(java.lang.Class clazz,
                              int which)

Tests if a client is allowed to access members. If access is denied, throw a SecurityException. The default policy is to deny all accesses.

Overrides:

checkMemberAccess in class java.lang.SecurityManager

Since:

JDK1.1

checkSecurityAccess

public void checkSecurityAccess(java.lang.String action)

Tests access to certain operations for a security API action.

Overrides:

checkSecurityAccess in class java.lang.SecurityManager

Since:

JDK1.1

getThreadGroup

public java.lang.ThreadGroup getThreadGroup()

Returns the thread group into which to instantiate any new thread being created at the time this is being called. By default, it returns the thread group of the current thread. This should be overriden by specific security manager to return the appropriate thread group.

Overrides:

getThreadGroup in class java.lang.SecurityManager

Since:

JDK1.1