XsltSecurityManager (jd.xslt JavaDoc)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

jd.xml.xslt
Class XsltSecurityManager

java.lang.Object
  jd.xml.xslt.XsltSecurityManager

public class XsltSecurityManager
extends Object

XsltSecurityManager is a class that allows applications to implement a security policy for XSLT transformations. It allows an application to determine, before performing a possibly unsafe or sensitive XSL instruction, what the operation is and whether it is being attempted in a security context that allows the operation to be performed. The application can allow or disallow the operation.

Field Summary
`static XsltSecurityManager`	`DEFAULT` The default security manager which has no restrictions.

Constructor Summary
`XsltSecurityManager()`

Method Summary
`void`	`checkDocumentRead(String uri)` Check the permission to read document via the document()-function The default implementation does nothing.
`void`	`checkDocumentWrite(String xslUri, String parentUri, String href)` Check the permission to write a subdocument defined by xsl:document The default implementation does nothing.
`void`	`checkExecuteScript(String xslUri, String language, String src, String content)` Check the permission to execute a script defined by a xsl:script instruction.
`void`	`checkReplace(XsltSecurityManager manager)` Check the permission to replace the current global security manager.
`static XsltSecurityManager`	`getGlobalInstance()` Return the global security manager.
`static void`	`setGlobalInstance(XsltSecurityManager manager)` Set the global security manager.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT

public static final XsltSecurityManager DEFAULT

The default security manager which has no restrictions.

Constructor Detail

XsltSecurityManager

public XsltSecurityManager()

Method Detail

setGlobalInstance

public static void setGlobalInstance(XsltSecurityManager manager)

Set the global security manager. There is a potential security leak if this class gets garbage collected and loaded again. In this case the security manager will be reset to the default. To prevent this just reference the class or a SecurityManager object from your main system thread.

getGlobalInstance

public static XsltSecurityManager getGlobalInstance()

Return the global security manager. Every new stylesheet will initially use this SecurityManager.

checkExecuteScript

public void checkExecuteScript(String xslUri,
                               String language,
                               String src,
                               String content)
                        throws SecurityException

Check the permission to execute a script defined by a xsl:script instruction. The default implementation does nothing.

Parameters:: xslUri - the baseUri of the defining xsl document; language - the script language; src - the external script source. If not null content is null; content - the inline definition of the script. If not null src is null
Throws:: SecurityException - thrown if script execution is not allowed.

checkDocumentWrite

public void checkDocumentWrite(String xslUri,
                               String parentUri,
                               String href)
                        throws SecurityException

Check the permission to write a subdocument defined by xsl:document The default implementation does nothing.

Parameters:: xslUri - the baseUri of the defining xsl document; parentUri - the uri of the parent document; href - the href of the subdocument
Throws:: SecurityException - thrown if the creation of the subdocument is not allowed.

checkDocumentRead

public void checkDocumentRead(String uri)
                       throws SecurityException

Check the permission to read document via the document()-function The default implementation does nothing.

Parameters:: uri - the of the document
Throws:: SecurityException - thrown if the document may not be read.

checkReplace

public void checkReplace(XsltSecurityManager manager)
                  throws SecurityException

Check the permission to replace the current global security manager. The default implementation does nothing.

Parameters:: manager - the new manager
Throws:: SecurityException - thrown if it is not allowed to replace it