From 05dd25bd43df11fc874d857ced49bbe3c6e72a74 Mon Sep 17 00:00:00 2001 From: Omair Majid Date: Mon, 28 Feb 2011 13:40:12 -0500 Subject: Rename security warning classes to security dialog classes. Some of the security dialogs that are shown are not warning dialogs. 2011-02-28 Omair Majid Rename files * netx/net/sourceforge/jnlp/security/PasswordAuthenticationDialog.java: Rename to ... * netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java: New file. * netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java: Rename to... * netx/net/sourceforge/jnlp/security/SecurityDialog.java: New file. * netx/net/sourceforge/jnlp/security/SecurityWarning.java: Rename to... * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: New file. * netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java, * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java, * netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java, * netx/net/sourceforge/jnlp/security/AccessWarningPane.java, * netx/net/sourceforge/jnlp/security/AppletWarningPane.java, * netx/net/sourceforge/jnlp/security/CertWarningPane.java, * netx/net/sourceforge/jnlp/security/CertsInfoPane.java, * netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java, * netx/net/sourceforge/jnlp/security/MoreInfoPane.java, * netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java, * netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java, * netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java, * netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java, * netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java, * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java, * netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java, * netx/net/sourceforge/jnlp/services/ServiceUtil.java, * netx/net/sourceforge/jnlp/services/XClipboardService.java, * netx/net/sourceforge/jnlp/services/XExtendedService.java, * netx/net/sourceforge/jnlp/services/XFileOpenService.java, * netx/net/sourceforge/jnlp/services/XFileSaveService.java: Update class names to the new classes. --- .../jnlp/runtime/ApplicationInstance.java | 8 +- .../sourceforge/jnlp/runtime/JNLPClassLoader.java | 14 +- .../jnlp/runtime/JNLPSecurityManager.java | 2 +- .../jnlp/security/AccessWarningPane.java | 8 +- .../jnlp/security/AppletWarningPane.java | 2 +- .../sourceforge/jnlp/security/CertWarningPane.java | 8 +- .../sourceforge/jnlp/security/CertsInfoPane.java | 2 +- .../jnlp/security/JNLPAuthenticator.java | 2 +- .../sourceforge/jnlp/security/MoreInfoPane.java | 4 +- .../jnlp/security/NotAllSignedWarningPane.java | 2 +- .../security/PasswordAuthenticationDialog.java | 247 -------------- .../jnlp/security/PasswordAuthenticationPane.java | 247 ++++++++++++++ .../sourceforge/jnlp/security/SecurityDialog.java | 369 +++++++++++++++++++++ .../jnlp/security/SecurityDialogMessage.java | 4 +- .../security/SecurityDialogMessageHandler.java | 6 +- .../jnlp/security/SecurityDialogPanel.java | 14 +- .../sourceforge/jnlp/security/SecurityDialogs.java | 331 ++++++++++++++++++ .../sourceforge/jnlp/security/SecurityWarning.java | 331 ------------------ .../jnlp/security/SecurityWarningDialog.java | 369 --------------------- .../jnlp/security/SingleCertInfoPane.java | 2 +- .../jnlp/security/VariableX509TrustManager.java | 4 +- .../jnlp/security/viewer/CertificatePane.java | 4 +- .../net/sourceforge/jnlp/services/ServiceUtil.java | 6 +- .../jnlp/services/XClipboardService.java | 2 +- .../jnlp/services/XExtendedService.java | 2 +- .../jnlp/services/XFileOpenService.java | 2 +- .../jnlp/services/XFileSaveService.java | 2 +- 27 files changed, 997 insertions(+), 997 deletions(-) delete mode 100644 netx/net/sourceforge/jnlp/security/PasswordAuthenticationDialog.java create mode 100644 netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java create mode 100644 netx/net/sourceforge/jnlp/security/SecurityDialog.java create mode 100644 netx/net/sourceforge/jnlp/security/SecurityDialogs.java delete mode 100644 netx/net/sourceforge/jnlp/security/SecurityWarning.java delete mode 100644 netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java (limited to 'netx/net/sourceforge') diff --git a/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java b/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java index 842385c..320228a 100644 --- a/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java +++ b/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java @@ -35,8 +35,8 @@ import net.sourceforge.jnlp.ShortcutDesc; import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.event.ApplicationEvent; import net.sourceforge.jnlp.event.ApplicationListener; -import net.sourceforge.jnlp.security.SecurityWarning; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.util.WeakList; import net.sourceforge.jnlp.util.XDesktopEntry; @@ -184,12 +184,12 @@ public class ApplicationInstance { } else if (currentSetting.equals(ShortcutDesc.CREATE_ALWAYS)) { createShortcut = true; } else if (currentSetting.equals(ShortcutDesc.CREATE_ASK_USER)) { - if (SecurityWarning.showAccessWarningDialog(AccessType.CREATE_DESTKOP_SHORTCUT, file)) { + if (SecurityDialogs.showAccessWarningDialog(AccessType.CREATE_DESTKOP_SHORTCUT, file)) { createShortcut = true; } } else if (currentSetting.equals(ShortcutDesc.CREATE_ASK_USER_IF_HINTED)) { if (sd != null && sd.onDesktop()) { - if (SecurityWarning.showAccessWarningDialog(AccessType.CREATE_DESTKOP_SHORTCUT, file)) { + if (SecurityDialogs.showAccessWarningDialog(AccessType.CREATE_DESTKOP_SHORTCUT, file)) { createShortcut = true; } } diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java index da3c4c3..841e874 100644 --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java @@ -58,8 +58,8 @@ import net.sourceforge.jnlp.Version; import net.sourceforge.jnlp.cache.CacheUtil; import net.sourceforge.jnlp.cache.ResourceTracker; import net.sourceforge.jnlp.cache.UpdatePolicy; -import net.sourceforge.jnlp.security.SecurityWarning; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.tools.JarSigner; import net.sourceforge.jnlp.util.FileUtils; import sun.misc.JarIndex; @@ -289,7 +289,7 @@ public class JNLPClassLoader extends URLClassLoader { if (extLoader != null && extLoader != loader) { if (loader.signing && !extLoader.signing) - if (!SecurityWarning.showNotAllSignedWarningDialog(file)) + if (!SecurityDialogs.showNotAllSignedWarningDialog(file)) throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo")); loader.merge(extLoader); @@ -436,7 +436,7 @@ public class JNLPClassLoader extends URLClassLoader { signing = true; if (!js.allJarsSigned() && - !SecurityWarning.showNotAllSignedWarningDialog(file)) + !SecurityDialogs.showNotAllSignedWarningDialog(file)) throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo")); //user does not trust this publisher @@ -503,7 +503,7 @@ public class JNLPClassLoader extends URLClassLoader { private void checkTrustWithUser(JarSigner js) throws LaunchException { if (!js.getRootInCacerts()) { //root cert is not in cacerts - boolean b = SecurityWarning.showCertWarningDialog( + boolean b = SecurityDialogs.showCertWarningDialog( AccessType.UNVERIFIED, file, js); if (!b) throw new LaunchException(null, null, R("LSFatal"), @@ -511,10 +511,10 @@ public class JNLPClassLoader extends URLClassLoader { } else if (js.getRootInCacerts()) { //root cert is in cacerts boolean b = false; if (js.noSigningIssues()) - b = SecurityWarning.showCertWarningDialog( + b = SecurityDialogs.showCertWarningDialog( AccessType.VERIFIED, file, js); else if (!js.noSigningIssues()) - b = SecurityWarning.showCertWarningDialog( + b = SecurityDialogs.showCertWarningDialog( AccessType.SIGNING_ERROR, file, js); if (!b) throw new LaunchException(null, null, R("LSFatal"), diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java b/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java index b5b23ca..fca019e 100644 --- a/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java +++ b/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java @@ -30,7 +30,7 @@ import java.security.SecurityPermission; import javax.swing.JWindow; import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.services.ServiceUtil; import net.sourceforge.jnlp.util.WeakList; import sun.awt.AWTSecurityManager; diff --git a/netx/net/sourceforge/jnlp/security/AccessWarningPane.java b/netx/net/sourceforge/jnlp/security/AccessWarningPane.java index d83e45c..72f0c78 100644 --- a/netx/net/sourceforge/jnlp/security/AccessWarningPane.java +++ b/netx/net/sourceforge/jnlp/security/AccessWarningPane.java @@ -58,11 +58,11 @@ import javax.swing.JPanel; import javax.swing.SwingConstants; import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.util.FileUtils; /** - * Provides a panel to show inside a SecurityWarningDialog. These dialogs are + * Provides a panel to show inside a SecurityDialog. These dialogs are * used to warn the user when either signed code (with or without signing * issues) is going to be run, or when service permission (file, clipboard, * printer, etc) is needed with unsigned code. @@ -74,12 +74,12 @@ public class AccessWarningPane extends SecurityDialogPanel { JCheckBox alwaysAllow; Object[] extras; - public AccessWarningPane(SecurityWarningDialog x, CertVerifier certVerifier) { + public AccessWarningPane(SecurityDialog x, CertVerifier certVerifier) { super(x, certVerifier); addComponents(); } - public AccessWarningPane(SecurityWarningDialog x, Object[] extras, CertVerifier certVerifier) { + public AccessWarningPane(SecurityDialog x, Object[] extras, CertVerifier certVerifier) { super(x, certVerifier); this.extras = extras; addComponents(); diff --git a/netx/net/sourceforge/jnlp/security/AppletWarningPane.java b/netx/net/sourceforge/jnlp/security/AppletWarningPane.java index 5a959bc..2523fee 100644 --- a/netx/net/sourceforge/jnlp/security/AppletWarningPane.java +++ b/netx/net/sourceforge/jnlp/security/AppletWarningPane.java @@ -51,7 +51,7 @@ import javax.swing.JPanel; public class AppletWarningPane extends SecurityDialogPanel { - public AppletWarningPane(SecurityWarningDialog x, CertVerifier certVerifier) { + public AppletWarningPane(SecurityDialog x, CertVerifier certVerifier) { super(x, certVerifier); addComponents(); } diff --git a/netx/net/sourceforge/jnlp/security/CertWarningPane.java b/netx/net/sourceforge/jnlp/security/CertWarningPane.java index 215b365..fcee971 100644 --- a/netx/net/sourceforge/jnlp/security/CertWarningPane.java +++ b/netx/net/sourceforge/jnlp/security/CertWarningPane.java @@ -68,11 +68,11 @@ import net.sourceforge.jnlp.PluginBridge; import net.sourceforge.jnlp.runtime.JNLPRuntime; import net.sourceforge.jnlp.security.KeyStores.Level; import net.sourceforge.jnlp.security.KeyStores.Type; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.util.FileUtils; /** - * Provides the panel for using inside a SecurityWarningDialog. These dialogs are + * Provides the panel for using inside a SecurityDialog. These dialogs are * used to warn the user when either signed code (with or without signing * issues) is going to be run, or when service permission (file, clipboard, * printer, etc) is needed with unsigned code. @@ -84,7 +84,7 @@ public class CertWarningPane extends SecurityDialogPanel { JCheckBox alwaysTrust; CertVerifier certVerifier; - public CertWarningPane(SecurityWarningDialog x, CertVerifier certVerifier) { + public CertWarningPane(SecurityDialog x, CertVerifier certVerifier) { super(x, certVerifier); this.certVerifier = certVerifier; addComponents(); @@ -231,7 +231,7 @@ public class CertWarningPane extends SecurityDialogPanel { private class MoreInfoButtonListener implements ActionListener { public void actionPerformed(ActionEvent e) { - SecurityWarningDialog.showMoreInfoDialog(parent.getJarSigner(), + SecurityDialog.showMoreInfoDialog(parent.getJarSigner(), parent); } } diff --git a/netx/net/sourceforge/jnlp/security/CertsInfoPane.java b/netx/net/sourceforge/jnlp/security/CertsInfoPane.java index ebf8b3f..c6ea187 100644 --- a/netx/net/sourceforge/jnlp/security/CertsInfoPane.java +++ b/netx/net/sourceforge/jnlp/security/CertsInfoPane.java @@ -75,7 +75,7 @@ public class CertsInfoPane extends SecurityDialogPanel { private String[] columnNames = { R("Field"), R("Value") }; protected ArrayList certsData; - public CertsInfoPane(SecurityWarningDialog x, CertVerifier certVerifier) { + public CertsInfoPane(SecurityDialog x, CertVerifier certVerifier) { super(x, certVerifier); addComponents(); } diff --git a/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java b/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java index 2770291..36b3233 100644 --- a/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java +++ b/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java @@ -51,7 +51,7 @@ public class JNLPAuthenticator extends Authenticator { String type = this.getRequestorType() == RequestorType.PROXY ? "proxy" : "web"; // request auth info from user - PasswordAuthenticationDialog pwDialog = new PasswordAuthenticationDialog(); + PasswordAuthenticationPane pwDialog = new PasswordAuthenticationPane(); PasswordAuthentication auth = pwDialog.askUser(this.getRequestingHost(), this.getRequestingPort(), this.getRequestingPrompt(), type); // send it along diff --git a/netx/net/sourceforge/jnlp/security/MoreInfoPane.java b/netx/net/sourceforge/jnlp/security/MoreInfoPane.java index c76002b..b6a27d1 100644 --- a/netx/net/sourceforge/jnlp/security/MoreInfoPane.java +++ b/netx/net/sourceforge/jnlp/security/MoreInfoPane.java @@ -61,7 +61,7 @@ import javax.swing.SwingConstants; */ public class MoreInfoPane extends SecurityDialogPanel { - public MoreInfoPane(SecurityWarningDialog x, CertVerifier certVerifier) { + public MoreInfoPane(SecurityDialog x, CertVerifier certVerifier) { super(x, certVerifier); addComponents(); } @@ -105,7 +105,7 @@ public class MoreInfoPane extends SecurityDialogPanel { private class CertInfoButtonListener implements ActionListener { public void actionPerformed(ActionEvent e) { - SecurityWarningDialog.showCertInfoDialog(parent.getJarSigner(), + SecurityDialog.showCertInfoDialog(parent.getJarSigner(), parent); } } diff --git a/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java b/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java index 8d2919c..2e3564b 100644 --- a/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java +++ b/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java @@ -57,7 +57,7 @@ import net.sourceforge.jnlp.JNLPFile; public class NotAllSignedWarningPane extends SecurityDialogPanel { - public NotAllSignedWarningPane(SecurityWarningDialog x) { + public NotAllSignedWarningPane(SecurityDialog x) { super(x); addComponents(); } diff --git a/netx/net/sourceforge/jnlp/security/PasswordAuthenticationDialog.java b/netx/net/sourceforge/jnlp/security/PasswordAuthenticationDialog.java deleted file mode 100644 index a83506e..0000000 --- a/netx/net/sourceforge/jnlp/security/PasswordAuthenticationDialog.java +++ /dev/null @@ -1,247 +0,0 @@ -/* PasswordAuthenticationDialog -- requests authentication information from users - Copyright (C) 2009 Red Hat - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -IcedTea is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package net.sourceforge.jnlp.security; - -import java.awt.Dimension; -import java.awt.GridBagConstraints; -import java.awt.GridBagLayout; -import java.awt.Insets; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.net.PasswordAuthentication; - -import javax.swing.JButton; -import javax.swing.JDialog; -import javax.swing.JLabel; -import javax.swing.JPasswordField; -import javax.swing.JTextField; -import javax.swing.SwingUtilities; - -import net.sourceforge.jnlp.runtime.JNLPRuntime; - -/** - * Modal non-minimizable dialog to request http authentication credentials - */ - -public class PasswordAuthenticationDialog extends JDialog { - - private JLabel jlInfo = new JLabel(""); - private JTextField jtfUserName = new JTextField(); - private JPasswordField jpfPassword = new JPasswordField(); - private boolean userCancelled; - - public PasswordAuthenticationDialog() { - initialize(); - } - - /** - * Initialized the dialog components - */ - - public void initialize() { - - setTitle("IcedTea Java Plugin - Authorization needed to proceed"); - - setLayout(new GridBagLayout()); - - JLabel jlUserName = new JLabel("Username: "); - JLabel jlPassword = new JLabel("Password: "); - JButton jbOK = new JButton("OK"); - JButton jbCancel = new JButton("Cancel"); - - jtfUserName.setSize(20, 10); - jpfPassword.setSize(20, 10); - - GridBagConstraints c; - - c = new GridBagConstraints(); - c.fill = c.HORIZONTAL; - c.gridx = 0; - c.gridy = 0; - c.gridwidth = 2; - c.insets = new Insets(10, 5, 3, 3); - add(jlInfo, c); - - c = new GridBagConstraints(); - c.gridx = 0; - c.gridy = 1; - c.insets = new Insets(10, 5, 3, 3); - add(jlUserName, c); - - c = new GridBagConstraints(); - c.fill = c.HORIZONTAL; - c.gridx = 1; - c.gridy = 1; - c.insets = new Insets(10, 5, 3, 3); - c.weightx = 1.0; - add(jtfUserName, c); - - c = new GridBagConstraints(); - c.gridx = 0; - c.gridy = 2; - c.insets = new Insets(5, 5, 3, 3); - add(jlPassword, c); - - c = new GridBagConstraints(); - c.fill = c.HORIZONTAL; - c.gridx = 1; - c.gridy = 2; - c.insets = new Insets(5, 5, 3, 3); - c.weightx = 1.0; - add(jpfPassword, c); - - c = new GridBagConstraints(); - c.anchor = c.SOUTHEAST; - c.gridx = 1; - c.gridy = 3; - c.insets = new Insets(5, 5, 3, 70); - c.weightx = 0.0; - add(jbCancel, c); - - c = new GridBagConstraints(); - c.anchor = c.SOUTHEAST; - c.gridx = 1; - c.gridy = 3; - c.insets = new Insets(5, 5, 3, 3); - c.weightx = 0.0; - add(jbOK, c); - - setMinimumSize(new Dimension(400, 150)); - setMaximumSize(new Dimension(1024, 150)); - setAlwaysOnTop(true); - - setSize(400, 150); - setLocationRelativeTo(null); - - // OK => read supplied info and pass it on - jbOK.addActionListener(new ActionListener() { - public void actionPerformed(ActionEvent e) { - userCancelled = false; - dispose(); - } - }); - - // Cancel => discard supplied info and pass on an empty auth - jbCancel.addActionListener(new ActionListener() { - public void actionPerformed(ActionEvent e) { - userCancelled = true; - dispose(); - } - }); - - // "return" key in either user or password field => OK - - jtfUserName.addActionListener(new ActionListener() { - public void actionPerformed(ActionEvent e) { - userCancelled = false; - dispose(); - } - }); - - jpfPassword.addActionListener(new ActionListener() { - public void actionPerformed(ActionEvent e) { - userCancelled = false; - dispose(); - } - }); - } - - /** - * Present a dialog to the user asking them for authentication information - * - * @param host The host for with authentication is needed - * @param port The port being accessed - * @param prompt The prompt (realm) as presented by the server - * @param type The type of server (proxy/web) - * @return PasswordAuthentication containing the credentials (empty credentials if user cancelled) - */ - protected PasswordAuthentication askUser(String host, int port, String prompt, String type) { - PasswordAuthentication auth = null; - - host += port != -1 ? ":" + port : ""; - - // This frame is reusable. So reset everything first. - userCancelled = true; - jlInfo.setText("The " + type + " server at " + host + - " is requesting authentication. It says \"" + prompt + "\""); - - try { - SwingUtilities.invokeAndWait(new Runnable() { - public void run() { - // show dialog to user - setVisible(true); - } - }); - - if (JNLPRuntime.isDebug()) { - System.out.println("password dialog shown"); - } - - // wait until dialog is gone - while (this.isShowing()) { - try { - Thread.sleep(200); - } catch (InterruptedException ie) { - } - } - - if (JNLPRuntime.isDebug()) { - System.out.println("password dialog closed"); - } - - if (!userCancelled) { - auth = new PasswordAuthentication(jtfUserName.getText(), jpfPassword.getPassword()); - } - } catch (Exception e) { - e.printStackTrace(); - - // Nothing else we can do. Empty auth will be returned - } - - return auth; - } - - public static void main(String[] args) { - PasswordAuthenticationDialog frame = new PasswordAuthenticationDialog(); - - PasswordAuthentication auth = frame.askUser("127.0.0.1", 3128, "Password for local proxy", "proxy"); - - System.err.println("Auth info: " + auth.getUserName() + ":" + new String(auth.getPassword())); - System.exit(0); - } -} diff --git a/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java b/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java new file mode 100644 index 0000000..7a0411e --- /dev/null +++ b/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java @@ -0,0 +1,247 @@ +/* PasswordAuthenticationPane -- requests authentication information from users + Copyright (C) 2010 Red Hat + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + +package net.sourceforge.jnlp.security; + +import java.awt.Dimension; +import java.awt.GridBagConstraints; +import java.awt.GridBagLayout; +import java.awt.Insets; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.net.PasswordAuthentication; + +import javax.swing.JButton; +import javax.swing.JDialog; +import javax.swing.JLabel; +import javax.swing.JPasswordField; +import javax.swing.JTextField; +import javax.swing.SwingUtilities; + +import net.sourceforge.jnlp.runtime.JNLPRuntime; + +/** + * Modal non-minimizable dialog to request http authentication credentials + */ + +public class PasswordAuthenticationPane extends JDialog { + + private final JLabel jlInfo = new JLabel(""); + private final JTextField jtfUserName = new JTextField(); + private final JPasswordField jpfPassword = new JPasswordField(); + private boolean userCancelled; + + public PasswordAuthenticationPane() { + initialize(); + } + + /** + * Initialized the dialog components + */ + + public void initialize() { + + setTitle("IcedTea Java Plugin - Authorization needed to proceed"); + + setLayout(new GridBagLayout()); + + JLabel jlUserName = new JLabel("Username: "); + JLabel jlPassword = new JLabel("Password: "); + JButton jbOK = new JButton("OK"); + JButton jbCancel = new JButton("Cancel"); + + jtfUserName.setSize(20, 10); + jpfPassword.setSize(20, 10); + + GridBagConstraints c; + + c = new GridBagConstraints(); + c.fill = c.HORIZONTAL; + c.gridx = 0; + c.gridy = 0; + c.gridwidth = 2; + c.insets = new Insets(10, 5, 3, 3); + add(jlInfo, c); + + c = new GridBagConstraints(); + c.gridx = 0; + c.gridy = 1; + c.insets = new Insets(10, 5, 3, 3); + add(jlUserName, c); + + c = new GridBagConstraints(); + c.fill = c.HORIZONTAL; + c.gridx = 1; + c.gridy = 1; + c.insets = new Insets(10, 5, 3, 3); + c.weightx = 1.0; + add(jtfUserName, c); + + c = new GridBagConstraints(); + c.gridx = 0; + c.gridy = 2; + c.insets = new Insets(5, 5, 3, 3); + add(jlPassword, c); + + c = new GridBagConstraints(); + c.fill = c.HORIZONTAL; + c.gridx = 1; + c.gridy = 2; + c.insets = new Insets(5, 5, 3, 3); + c.weightx = 1.0; + add(jpfPassword, c); + + c = new GridBagConstraints(); + c.anchor = c.SOUTHEAST; + c.gridx = 1; + c.gridy = 3; + c.insets = new Insets(5, 5, 3, 70); + c.weightx = 0.0; + add(jbCancel, c); + + c = new GridBagConstraints(); + c.anchor = c.SOUTHEAST; + c.gridx = 1; + c.gridy = 3; + c.insets = new Insets(5, 5, 3, 3); + c.weightx = 0.0; + add(jbOK, c); + + setMinimumSize(new Dimension(400, 150)); + setMaximumSize(new Dimension(1024, 150)); + setAlwaysOnTop(true); + + setSize(400, 150); + setLocationRelativeTo(null); + + // OK => read supplied info and pass it on + jbOK.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + userCancelled = false; + dispose(); + } + }); + + // Cancel => discard supplied info and pass on an empty auth + jbCancel.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + userCancelled = true; + dispose(); + } + }); + + // "return" key in either user or password field => OK + + jtfUserName.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + userCancelled = false; + dispose(); + } + }); + + jpfPassword.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + userCancelled = false; + dispose(); + } + }); + } + + /** + * Present a dialog to the user asking them for authentication information + * + * @param host The host for with authentication is needed + * @param port The port being accessed + * @param prompt The prompt (realm) as presented by the server + * @param type The type of server (proxy/web) + * @return PasswordAuthentication containing the credentials (empty credentials if user cancelled) + */ + protected PasswordAuthentication askUser(String host, int port, String prompt, String type) { + PasswordAuthentication auth = null; + + host += port != -1 ? ":" + port : ""; + + // This frame is reusable. So reset everything first. + userCancelled = true; + jlInfo.setText("The " + type + " server at " + host + + " is requesting authentication. It says \"" + prompt + "\""); + + try { + SwingUtilities.invokeAndWait(new Runnable() { + public void run() { + // show dialog to user + setVisible(true); + } + }); + + if (JNLPRuntime.isDebug()) { + System.out.println("password dialog shown"); + } + + // wait until dialog is gone + while (this.isShowing()) { + try { + Thread.sleep(200); + } catch (InterruptedException ie) { + } + } + + if (JNLPRuntime.isDebug()) { + System.out.println("password dialog closed"); + } + + if (!userCancelled) { + auth = new PasswordAuthentication(jtfUserName.getText(), jpfPassword.getPassword()); + } + } catch (Exception e) { + e.printStackTrace(); + + // Nothing else we can do. Empty auth will be returned + } + + return auth; + } + + public static void main(String[] args) { + PasswordAuthenticationPane frame = new PasswordAuthenticationPane(); + + PasswordAuthentication auth = frame.askUser("127.0.0.1", 3128, "Password for local proxy", "proxy"); + + System.err.println("Auth info: " + auth.getUserName() + ":" + new String(auth.getPassword())); + System.exit(0); + } +} diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java b/netx/net/sourceforge/jnlp/security/SecurityDialog.java new file mode 100644 index 0000000..cb37395 --- /dev/null +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java @@ -0,0 +1,369 @@ +/* SecurityDialog.java + Copyright (C) 2010 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.runtime.JNLPRuntime; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.DialogType; + +import java.awt.*; + +import javax.swing.*; + +import java.awt.event.*; +import java.security.cert.X509Certificate; +import java.util.concurrent.CopyOnWriteArrayList; + +import java.util.List; + +/** + * Provides methods for showing security warning dialogs for a wide range of + * JNLP security issues. Note that the security dialogs should be running in the + * secure AppContext - this class should not be used directly from an applet or + * application. See {@link SecurityDialogs} for a way to show security dialogs. + * + * @author Joshua Sumali + */ +public class SecurityDialog extends JDialog { + + /** The type of dialog we want to show */ + private final DialogType dialogType; + + /** The type of access that this dialog is for */ + private final AccessType accessType; + + private SecurityDialogPanel panel; + + /** The application file associated with this security warning */ + private final JNLPFile file; + + private final CertVerifier certVerifier; + + private final X509Certificate cert; + + /** An optional String array that's only necessary when a dialog + * label requires some parameters (e.g. showing which address an application + * is trying to connect to). + */ + private final Object[] extras; + + /** Whether or not this object has been fully initialized */ + private boolean initialized = false; + + /** + * the return value of this dialog. result: 0 = Yes, 1 = No, 2 = Cancel, + * null = Window closed. + */ + private Object value; + + SecurityDialog(DialogType dialogType, AccessType accessType, + JNLPFile file, CertVerifier jarSigner, X509Certificate cert, Object[] extras) { + super(); + this.dialogType = dialogType; + this.accessType = accessType; + this.file = file; + this.certVerifier = jarSigner; + this.cert = cert; + this.extras = extras; + initialized = true; + + initDialog(); + } + + /** + * Construct a SecurityDialog to display some sort of access warning + */ + SecurityDialog(DialogType dialogType, AccessType accessType, + JNLPFile file) { + this(dialogType, accessType, file, null, null, null); + } + + /** + * Create a SecurityDialog to display a certificate-related warning + */ + SecurityDialog(DialogType dialogType, AccessType accessType, + JNLPFile file, CertVerifier jarSigner) { + this(dialogType, accessType, file, jarSigner, null, null); + } + + /** + * Create a SecurityDialog to display a certificate-related warning + */ + SecurityDialog(DialogType dialogType, AccessType accessType, + CertVerifier certVerifier) { + this(dialogType, accessType, null, certVerifier, null, null); + } + + /** + * Create a SecurityDialog to display some sort of access warning + * with more information + */ + SecurityDialog(DialogType dialogType, AccessType accessType, + JNLPFile file, Object[] extras) { + this(dialogType, accessType, file, null, null, extras); + } + + /** + * Create a SecurityWarningDailog to display information about a single + * certificate + */ + SecurityDialog(DialogType dialogType, X509Certificate c) { + this(dialogType, null, null, null, c, null); + } + + /** + * Returns if this dialog has been fully initialized yet. + * @return true if this dialog has been initialized, and false otherwise. + */ + public boolean isInitialized() { + return initialized; + } + + /** + * Shows more information regarding jar code signing + * + * @param jarSigner the JarSigner used to verify this application + * @param parent the parent option pane + */ + public static void showMoreInfoDialog( + CertVerifier jarSigner, SecurityDialog parent) { + + SecurityDialog dialog = + new SecurityDialog(DialogType.MORE_INFO, null, null, + jarSigner); + dialog.setModalityType(ModalityType.APPLICATION_MODAL); + dialog.setVisible(true); + dialog.dispose(); + } + + /** + * Displays CertPath information in a readable table format. + * + * @param jarSigner the JarSigner used to verify this application + * @param parent the parent option pane + */ + public static void showCertInfoDialog(CertVerifier jarSigner, + SecurityDialog parent) { + SecurityDialog dialog = new SecurityDialog(DialogType.CERT_INFO, + null, null, jarSigner); + dialog.setLocationRelativeTo(parent); + dialog.setModalityType(ModalityType.APPLICATION_MODAL); + dialog.setVisible(true); + dialog.dispose(); + } + + /** + * Displays a single certificate's information. + * + * @param c the X509 certificate. + * @param parent the parent pane. + */ + public static void showSingleCertInfoDialog(X509Certificate c, + JDialog parent) { + SecurityDialog dialog = new SecurityDialog(DialogType.SINGLE_CERT_INFO, c); + dialog.setLocationRelativeTo(parent); + dialog.setModalityType(ModalityType.APPLICATION_MODAL); + dialog.setVisible(true); + dialog.dispose(); + } + + private void initDialog() { + setSystemLookAndFeel(); + + String dialogTitle = ""; + if (dialogType == DialogType.CERT_WARNING) + dialogTitle = "Warning - Security"; + else if (dialogType == DialogType.MORE_INFO) + dialogTitle = "More Information"; + else if (dialogType == DialogType.CERT_INFO) + dialogTitle = "Details - Certificate"; + else if (dialogType == DialogType.ACCESS_WARNING) + dialogTitle = "Security Warning"; + else if (dialogType == DialogType.APPLET_WARNING) + dialogTitle = "Applet Warning"; + else if (dialogType == DialogType.NOTALLSIGNED_WARNING) + dialogTitle = "Security Warning"; + + setTitle(dialogTitle); + setModalityType(ModalityType.MODELESS); + + setDefaultCloseOperation(DISPOSE_ON_CLOSE); + + installPanel(); + + pack(); + + WindowAdapter adapter = new WindowAdapter() { + private boolean gotFocus = false; + + @Override + public void windowGainedFocus(WindowEvent we) { + // Once window gets focus, set initial focus + if (!gotFocus) { + selectDefaultButton(); + gotFocus = true; + } + } + + @Override + public void windowOpened(WindowEvent e) { + if (e.getSource() instanceof SecurityDialog) { + SecurityDialog dialog = (SecurityDialog) e.getSource(); + dialog.setResizable(true); + centerDialog(dialog); + dialog.setValue(null); + } + } + }; + addWindowListener(adapter); + addWindowFocusListener(adapter); + + } + + public AccessType getAccessType() { + return accessType; + } + + public JNLPFile getFile() { + return file; + } + + public CertVerifier getJarSigner() { + return certVerifier; + } + + public X509Certificate getCert() { + return cert; + } + + /** + * Adds the appropriate JPanel to this Dialog, based on {@link DialogType}. + */ + private void installPanel() { + + if (dialogType == DialogType.CERT_WARNING) + panel = new CertWarningPane(this, this.certVerifier); + else if (dialogType == DialogType.MORE_INFO) + panel = new MoreInfoPane(this, this.certVerifier); + else if (dialogType == DialogType.CERT_INFO) + panel = new CertsInfoPane(this, this.certVerifier); + else if (dialogType == DialogType.SINGLE_CERT_INFO) + panel = new SingleCertInfoPane(this, this.certVerifier); + else if (dialogType == DialogType.ACCESS_WARNING) + panel = new AccessWarningPane(this, extras, this.certVerifier); + else if (dialogType == DialogType.APPLET_WARNING) + panel = new AppletWarningPane(this, this.certVerifier); + else if (dialogType == DialogType.NOTALLSIGNED_WARNING) + panel = new NotAllSignedWarningPane(this); + + add(panel, BorderLayout.CENTER); + } + + private static void centerDialog(JDialog dialog) { + Dimension screen = Toolkit.getDefaultToolkit().getScreenSize(); + Dimension dialogSize = dialog.getSize(); + + dialog.setLocation((screen.width - dialogSize.width) / 2, + (screen.height - dialogSize.height) / 2); + } + + private void selectDefaultButton() { + if (panel == null) { + System.out.println("initial value panel is null"); + } + panel.requestFocusOnDefaultButton(); + } + + protected void setValue(Object value) { + if (JNLPRuntime.isDebug()) { + System.out.println("Setting value:" + value); + } + this.value = value; + } + + public Object getValue() { + if (JNLPRuntime.isDebug()) { + System.out.println("Returning value:" + value); + } + return value; + } + + /** + * Called when the SecurityDialog is hidden - either because the user + * made a choice (Ok, Cancel, etc) or closed the window + */ + @Override + public void dispose() { + notifySelectionMade(); + super.dispose(); + } + + /** + * Updates the look and feel of the window to be the system look and feel + */ + protected void setSystemLookAndFeel() { + try { + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); + } catch (Exception e) { + //don't worry if we can't. + } + } + + private final List listeners = new CopyOnWriteArrayList(); + + /** + * Notify all the listeners that the user has made a decision using this + * security dialog. + */ + public void notifySelectionMade() { + for (ActionListener listener : listeners) { + listener.actionPerformed(null); + } + } + + /** + * Adds an {@link ActionListener} which will be notified if the user makes a + * choice using this SecurityDialog. The listener should use {@link #getValue()} + * to actually get the user's response. + */ + public void addActionListener(ActionListener listener) { + listeners.add(listener); + } + +} diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java b/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java index c958fff..60e8420 100644 --- a/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java @@ -6,8 +6,8 @@ import java.util.concurrent.Semaphore; import javax.swing.JDialog; import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; -import net.sourceforge.jnlp.security.SecurityWarning.DialogType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.DialogType; /** * Represents a message to the security framework to show a specific security diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java b/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java index 7beca96..2fbcb5b 100644 --- a/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java @@ -50,7 +50,7 @@ import net.sourceforge.jnlp.runtime.JNLPRuntime; * Handles {@link SecurityDialogMessage}s and shows appropriate security * dialogs. *

- * In the current architecture, {@link SecurityWarningDialog}s are shown from a + * In the current architecture, {@link SecurityDialog}s are shown from a * different {@link AppContext} than the {@link AppContext} that asks for a * security prompt. This ensures that all security prompts are isolated and * their Look and Feel is not affected by the Look and Feel of the @@ -86,7 +86,7 @@ public final class SecurityDialogMessageHandler implements Runnable { /** * Handles a single {@link SecurityDialogMessage} by showing a - * {@link SecurityWarningDialog}. + * {@link SecurityDialog}. *

* Once the user has made a choice the * {@link SecurityDialogMessage#toDispose} (if not null) is disposed and @@ -98,7 +98,7 @@ public final class SecurityDialogMessageHandler implements Runnable { private void handleMessage(SecurityDialogMessage message) { final SecurityDialogMessage msg = message; - final SecurityWarningDialog dialog = new SecurityWarningDialog(message.dialogType, + final SecurityDialog dialog = new SecurityDialog(message.dialogType, message.accessType, message.file, message.certVerifier, message.certificate, message.extras); dialog.addActionListener(new ActionListener() { diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java b/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java index 8ffbbc1..e6007f4 100644 --- a/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java @@ -49,19 +49,19 @@ import javax.swing.JPanel; */ public abstract class SecurityDialogPanel extends JPanel { - protected SecurityWarningDialog parent; + protected SecurityDialog parent; JComponent initialFocusComponent = null; CertVerifier certVerifier = null; - public SecurityDialogPanel(SecurityWarningDialog dialog, CertVerifier certVerifier) { + public SecurityDialogPanel(SecurityDialog dialog, CertVerifier certVerifier) { this.parent = dialog; this.certVerifier = certVerifier; this.setLayout(new BorderLayout()); } - public SecurityDialogPanel(SecurityWarningDialog dialog) { + public SecurityDialogPanel(SecurityDialog dialog) { this.parent = dialog; this.setLayout(new BorderLayout()); } @@ -75,12 +75,12 @@ public abstract class SecurityDialogPanel extends JPanel { /** * Create an ActionListener suitable for use with buttons. When this {@link ActionListener} - * is invoked, it will set the value of the {@link SecurityWarningDialog} and then dispossed. + * is invoked, it will set the value of the {@link SecurityDialog} and then dispossed. * * @param buttonIndex the index of the button. By convention 0 = Yes. 1 = No, 2 = Cancel * @return the ActionListener instance. */ - protected ActionListener createSetValueListener(SecurityWarningDialog dialog, int buttonIndex) { + protected ActionListener createSetValueListener(SecurityDialog dialog, int buttonIndex) { return new SetValueHandler(dialog, buttonIndex); } @@ -103,9 +103,9 @@ public abstract class SecurityDialogPanel extends JPanel { private class SetValueHandler implements ActionListener { Integer buttonIndex; - SecurityWarningDialog dialog; + SecurityDialog dialog; - public SetValueHandler(SecurityWarningDialog dialog, int buttonIndex) { + public SetValueHandler(SecurityDialog dialog, int buttonIndex) { this.dialog = dialog; this.buttonIndex = buttonIndex; } diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java new file mode 100644 index 0000000..5f10d69 --- /dev/null +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java @@ -0,0 +1,331 @@ +/* SecurityDialogs.java + Copyright (C) 2010 Red Hat, Inc. + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License as published by +the Free Software Foundation, version 2. + +IcedTea is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. +*/ + +package net.sourceforge.jnlp.security; + +import java.awt.Dialog.ModalityType; +import java.awt.event.WindowAdapter; +import java.awt.event.WindowEvent; +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.util.concurrent.Semaphore; + +import javax.swing.JDialog; +import javax.swing.SwingUtilities; + +import net.sourceforge.jnlp.JNLPFile; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.JNLPRuntime; + +/** + * A factory for showing many possible types of security warning to the user.

+ * + * This contains all the public methods that classes outside this package should + * use instead of using {@link SecurityDialog} directly. + * + * All of these methods post a message to the + * {@link SecurityDialogMessageHandler} and block waiting for a response. + */ +public class SecurityDialogs { + /** Types of dialogs we can create */ + public static enum DialogType { + CERT_WARNING, + MORE_INFO, + CERT_INFO, + SINGLE_CERT_INFO, + ACCESS_WARNING, + NOTALLSIGNED_WARNING, + APPLET_WARNING + } + + /** The types of access which may need user permission. */ + public static enum AccessType { + READ_FILE, + WRITE_FILE, + CREATE_DESTKOP_SHORTCUT, + CLIPBOARD_READ, + CLIPBOARD_WRITE, + PRINTER, + NETWORK, + VERIFIED, + UNVERIFIED, + NOTALLSIGNED, + SIGNING_ERROR + } + + /** + * Shows a warning dialog for different types of system access (i.e. file + * open/save, clipboard read/write, printing, etc). + * + * @param accessType the type of system access requested. + * @param file the jnlp file associated with the requesting application. + * @return true if permission was granted by the user, false otherwise. + */ + public static boolean showAccessWarningDialog(AccessType accessType, JNLPFile file) { + return showAccessWarningDialog(accessType, file, null); + } + + /** + * Shows a warning dialog for different types of system access (i.e. file + * open/save, clipboard read/write, printing, etc). + * + * @param accessType the type of system access requested. + * @param file the jnlp file associated with the requesting application. + * @param extras an optional array of Strings (typically) that gets + * passed to the dialog labels. + * @return true if permission was granted by the user, false otherwise. + */ + public static boolean showAccessWarningDialog(final AccessType accessType, + final JNLPFile file, final Object[] extras) { + + if (!shouldPromptUser()) { + return false; + } + + final SecurityDialogMessage message = new SecurityDialogMessage(); + + message.dialogType = DialogType.ACCESS_WARNING; + message.accessType = accessType; + message.file = file; + message.extras = extras; + + Object selectedValue = getUserResponse(message); + + if (selectedValue == null) { + return false; + } else if (selectedValue instanceof Integer) { + if (((Integer) selectedValue).intValue() == 0) + return true; + else + return false; + } else { + return false; + } + } + + /** + * Shows a warning dialog for when the main application jars are signed, + * but extensions aren't + * + * @return true if permission was granted by the user, false otherwise. + */ + public static boolean showNotAllSignedWarningDialog(JNLPFile file) { + + if (!shouldPromptUser()) { + return false; + } + + final SecurityDialogMessage message = new SecurityDialogMessage(); + message.dialogType = DialogType.NOTALLSIGNED_WARNING; + message.accessType = AccessType.NOTALLSIGNED; + message.file = file; + message.extras = new Object[0]; + + Object selectedValue = getUserResponse(message); + + if (selectedValue == null) { + return false; + } else if (selectedValue instanceof Integer) { + if (((Integer) selectedValue).intValue() == 0) { + return true; + } else { + return false; + } + } else { + return false; + } + } + + /** + * Shows a security warning dialog according to the specified type of + * access. If type is one of AccessType.VERIFIED or + * AccessType.UNVERIFIED, extra details will be available with regards + * to code signing and signing certificates. + * + * @param accessType the type of warning dialog to show + * @param file the JNLPFile associated with this warning + * @param jarSigner the JarSigner used to verify this application + */ + public static boolean showCertWarningDialog(AccessType accessType, + JNLPFile file, CertVerifier jarSigner) { + + if (!shouldPromptUser()) { + return false; + } + + final SecurityDialogMessage message = new SecurityDialogMessage(); + message.dialogType = DialogType.CERT_WARNING; + message.accessType = accessType; + message.file = file; + message.certVerifier = jarSigner; + + Object selectedValue = getUserResponse(message); + + if (selectedValue == null) { + return false; + } else if (selectedValue instanceof Integer) { + if (((Integer) selectedValue).intValue() == 0) + return true; + else + return false; + } else { + return false; + } + } + + /** + * FIXME This is unused. Remove it? + * @return (0, 1, 2) => (Yes, No, Cancel) + */ + public static int showAppletWarning() { + + if (!shouldPromptUser()) { + return 2; + } + + SecurityDialogMessage message = new SecurityDialogMessage(); + message.dialogType = DialogType.APPLET_WARNING; + + Object selectedValue = getUserResponse(message); + + // result 0 = Yes, 1 = No, 2 = Cancel + if (selectedValue == null) { + return 2; + } else if (selectedValue instanceof Integer) { + return ((Integer) selectedValue).intValue(); + } else { + return 2; + } + } + + /** + * Posts the message to the SecurityThread and gets the response. Blocks + * until a response has been recieved. It's safe to call this from an + * EventDispatchThread. + * + * @param message the SecuritDialogMessage indicating what type of dialog to + * display + * @return The user's response. Can be null. The exact answer depends on the + * type of message, but generally an Integer corresponding to the value 0 + * indicates success/proceed, and everything else indicates failure + */ + private static Object getUserResponse(final SecurityDialogMessage message) { + /* + * Want to show a security warning, while blocking the client + * application. This would be easy except there is a bug in showing + * modal JDialogs in a different AppContext. The source EventQueue - + * that sends the message to the (destination) EventQueue which is + * supposed to actually show the dialog - must not block. If the source + * EventQueue blocks, the destination EventQueue stops responding. So we + * have a hack here to work around it. + */ + + /* + * If this is the event dispatch thread the use the hack + */ + if (SwingUtilities.isEventDispatchThread()) { + /* + * Create a tiny modal dialog (which creates a new EventQueue for + * this AppContext, but blocks the original client EventQueue) and + * then post the message - this makes the source EventQueue continue + * running - but dot not allow the actual applet/application to + * continue processing + */ + final JDialog fakeDialog = new JDialog(); + fakeDialog.setSize(0, 0); + fakeDialog.setResizable(false); + fakeDialog.setModalityType(ModalityType.APPLICATION_MODAL); + fakeDialog.addWindowListener(new WindowAdapter() { + + @Override + public void windowOpened(WindowEvent e) { + message.toDispose = fakeDialog; + message.lock = null; + AccessController.doPrivileged(new PrivilegedAction() { + @Override + public Void run() { + JNLPRuntime.getSecurityDialogHandler().postMessage(message); + return null; + } + }); + } + }); + + /* this dialog will be disposed/hidden when the user closes the security prompt */ + fakeDialog.setVisible(true); + } else { + /* + * Otherwise do it the normal way. Post a message to the security + * thread to make it show the security dialog. Wait until it tells us + * to proceed. + */ + message.toDispose = null; + message.lock = new Semaphore(0); + JNLPRuntime.getSecurityDialogHandler().postMessage(message); + + boolean done = false; + while (!done) { + try { + message.lock.acquire(); + done = true; + } catch (InterruptedException e) { + // ignore; retry + } + } + + } + + return message.userResponse; + } + + /** + * Returns whether the current runtime configuration allows prompting user + * for security warnings. + * + * @return true if security warnings should be shown to the user. + */ + private static boolean shouldPromptUser() { + return AccessController.doPrivileged(new PrivilegedAction() { + @Override + public Boolean run() { + return Boolean.valueOf(JNLPRuntime.getConfiguration() + .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER)); + } + }); + } + +} diff --git a/netx/net/sourceforge/jnlp/security/SecurityWarning.java b/netx/net/sourceforge/jnlp/security/SecurityWarning.java deleted file mode 100644 index f3d6dfb..0000000 --- a/netx/net/sourceforge/jnlp/security/SecurityWarning.java +++ /dev/null @@ -1,331 +0,0 @@ -/* SecurityWarningDialogFactory.java - Copyright (C) 2010 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import java.awt.Dialog.ModalityType; -import java.awt.event.WindowAdapter; -import java.awt.event.WindowEvent; -import java.security.AccessController; -import java.security.PrivilegedAction; -import java.util.concurrent.Semaphore; - -import javax.swing.JDialog; -import javax.swing.SwingUtilities; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.config.DeploymentConfiguration; -import net.sourceforge.jnlp.runtime.JNLPRuntime; - -/** - * A factory for showing many possible types of security warning to the user.

- * - * This contains all the public methods that classes outside this package should - * use instead of using {@link SecurityWarningDialog} directly. - * - * All of these methods post a message to the - * {@link SecurityDialogMessageHandler} and block waiting for a response. - */ -public class SecurityWarning { - /** Types of dialogs we can create */ - public static enum DialogType { - CERT_WARNING, - MORE_INFO, - CERT_INFO, - SINGLE_CERT_INFO, - ACCESS_WARNING, - NOTALLSIGNED_WARNING, - APPLET_WARNING - } - - /** The types of access which may need user permission. */ - public static enum AccessType { - READ_FILE, - WRITE_FILE, - CREATE_DESTKOP_SHORTCUT, - CLIPBOARD_READ, - CLIPBOARD_WRITE, - PRINTER, - NETWORK, - VERIFIED, - UNVERIFIED, - NOTALLSIGNED, - SIGNING_ERROR - } - - /** - * Shows a warning dialog for different types of system access (i.e. file - * open/save, clipboard read/write, printing, etc). - * - * @param accessType the type of system access requested. - * @param file the jnlp file associated with the requesting application. - * @return true if permission was granted by the user, false otherwise. - */ - public static boolean showAccessWarningDialog(AccessType accessType, JNLPFile file) { - return showAccessWarningDialog(accessType, file, null); - } - - /** - * Shows a warning dialog for different types of system access (i.e. file - * open/save, clipboard read/write, printing, etc). - * - * @param accessType the type of system access requested. - * @param file the jnlp file associated with the requesting application. - * @param extras an optional array of Strings (typically) that gets - * passed to the dialog labels. - * @return true if permission was granted by the user, false otherwise. - */ - public static boolean showAccessWarningDialog(final AccessType accessType, - final JNLPFile file, final Object[] extras) { - - if (!shouldPromptUser()) { - return false; - } - - final SecurityDialogMessage message = new SecurityDialogMessage(); - - message.dialogType = DialogType.ACCESS_WARNING; - message.accessType = accessType; - message.file = file; - message.extras = extras; - - Object selectedValue = getUserResponse(message); - - if (selectedValue == null) { - return false; - } else if (selectedValue instanceof Integer) { - if (((Integer) selectedValue).intValue() == 0) - return true; - else - return false; - } else { - return false; - } - } - - /** - * Shows a warning dialog for when the main application jars are signed, - * but extensions aren't - * - * @return true if permission was granted by the user, false otherwise. - */ - public static boolean showNotAllSignedWarningDialog(JNLPFile file) { - - if (!shouldPromptUser()) { - return false; - } - - final SecurityDialogMessage message = new SecurityDialogMessage(); - message.dialogType = DialogType.NOTALLSIGNED_WARNING; - message.accessType = AccessType.NOTALLSIGNED; - message.file = file; - message.extras = new Object[0]; - - Object selectedValue = getUserResponse(message); - - if (selectedValue == null) { - return false; - } else if (selectedValue instanceof Integer) { - if (((Integer) selectedValue).intValue() == 0) { - return true; - } else { - return false; - } - } else { - return false; - } - } - - /** - * Shows a security warning dialog according to the specified type of - * access. If type is one of AccessType.VERIFIED or - * AccessType.UNVERIFIED, extra details will be available with regards - * to code signing and signing certificates. - * - * @param accessType the type of warning dialog to show - * @param file the JNLPFile associated with this warning - * @param jarSigner the JarSigner used to verify this application - */ - public static boolean showCertWarningDialog(AccessType accessType, - JNLPFile file, CertVerifier jarSigner) { - - if (!shouldPromptUser()) { - return false; - } - - final SecurityDialogMessage message = new SecurityDialogMessage(); - message.dialogType = DialogType.CERT_WARNING; - message.accessType = accessType; - message.file = file; - message.certVerifier = jarSigner; - - Object selectedValue = getUserResponse(message); - - if (selectedValue == null) { - return false; - } else if (selectedValue instanceof Integer) { - if (((Integer) selectedValue).intValue() == 0) - return true; - else - return false; - } else { - return false; - } - } - - /** - * FIXME This is unused. Remove it? - * @return (0, 1, 2) => (Yes, No, Cancel) - */ - public static int showAppletWarning() { - - if (!shouldPromptUser()) { - return 2; - } - - SecurityDialogMessage message = new SecurityDialogMessage(); - message.dialogType = DialogType.APPLET_WARNING; - - Object selectedValue = getUserResponse(message); - - // result 0 = Yes, 1 = No, 2 = Cancel - if (selectedValue == null) { - return 2; - } else if (selectedValue instanceof Integer) { - return ((Integer) selectedValue).intValue(); - } else { - return 2; - } - } - - /** - * Posts the message to the SecurityThread and gets the response. Blocks - * until a response has been recieved. It's safe to call this from an - * EventDispatchThread. - * - * @param message the SecuritDialogMessage indicating what type of dialog to - * display - * @return The user's response. Can be null. The exact answer depends on the - * type of message, but generally an Integer corresponding to the value 0 - * indicates success/proceed, and everything else indicates failure - */ - private static Object getUserResponse(final SecurityDialogMessage message) { - /* - * Want to show a security warning, while blocking the client - * application. This would be easy except there is a bug in showing - * modal JDialogs in a different AppContext. The source EventQueue - - * that sends the message to the (destination) EventQueue which is - * supposed to actually show the dialog - must not block. If the source - * EventQueue blocks, the destination EventQueue stops responding. So we - * have a hack here to work around it. - */ - - /* - * If this is the event dispatch thread the use the hack - */ - if (SwingUtilities.isEventDispatchThread()) { - /* - * Create a tiny modal dialog (which creates a new EventQueue for - * this AppContext, but blocks the original client EventQueue) and - * then post the message - this makes the source EventQueue continue - * running - but dot not allow the actual applet/application to - * continue processing - */ - final JDialog fakeDialog = new JDialog(); - fakeDialog.setSize(0, 0); - fakeDialog.setResizable(false); - fakeDialog.setModalityType(ModalityType.APPLICATION_MODAL); - fakeDialog.addWindowListener(new WindowAdapter() { - - @Override - public void windowOpened(WindowEvent e) { - message.toDispose = fakeDialog; - message.lock = null; - AccessController.doPrivileged(new PrivilegedAction() { - @Override - public Void run() { - JNLPRuntime.getSecurityDialogHandler().postMessage(message); - return null; - } - }); - } - }); - - /* this dialog will be disposed/hidden when the user closes the security prompt */ - fakeDialog.setVisible(true); - } else { - /* - * Otherwise do it the normal way. Post a message to the security - * thread to make it show the security dialog. Wait until it tells us - * to proceed. - */ - message.toDispose = null; - message.lock = new Semaphore(0); - JNLPRuntime.getSecurityDialogHandler().postMessage(message); - - boolean done = false; - while (!done) { - try { - message.lock.acquire(); - done = true; - } catch (InterruptedException e) { - // ignore; retry - } - } - - } - - return message.userResponse; - } - - /** - * Returns whether the current runtime configuration allows prompting user - * for security warnings. - * - * @return true if security warnings should be shown to the user. - */ - private static boolean shouldPromptUser() { - return AccessController.doPrivileged(new PrivilegedAction() { - @Override - public Boolean run() { - return Boolean.valueOf(JNLPRuntime.getConfiguration() - .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER)); - } - }); - } - -} diff --git a/netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java b/netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java deleted file mode 100644 index 2bf829f..0000000 --- a/netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java +++ /dev/null @@ -1,369 +0,0 @@ -/* SecurityWarningDialog.java - Copyright (C) 2008 Red Hat, Inc. - -This file is part of IcedTea. - -IcedTea is free software; you can redistribute it and/or -modify it under the terms of the GNU General Public License as published by -the Free Software Foundation, version 2. - -IcedTea is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with IcedTea; see the file COPYING. If not, write to -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. -*/ - -package net.sourceforge.jnlp.security; - -import net.sourceforge.jnlp.JNLPFile; -import net.sourceforge.jnlp.runtime.JNLPRuntime; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; -import net.sourceforge.jnlp.security.SecurityWarning.DialogType; - -import java.awt.*; - -import javax.swing.*; - -import java.awt.event.*; -import java.security.cert.X509Certificate; -import java.util.concurrent.CopyOnWriteArrayList; - -import java.util.List; - -/** - * Provides methods for showing security warning dialogs for a wide range of - * JNLP security issues. Note that the security dialogs should be running in the - * secure AppContext - this class should not be used directly from an applet or - * application. See {@link SecurityWarning} for a way to show security dialogs. - * - * @author Joshua Sumali - */ -public class SecurityWarningDialog extends JDialog { - - /** The type of dialog we want to show */ - private DialogType dialogType; - - /** The type of access that this dialog is for */ - private AccessType accessType; - - private SecurityDialogPanel panel; - - /** The application file associated with this security warning */ - private JNLPFile file; - - private CertVerifier certVerifier; - - private X509Certificate cert; - - /** An optional String array that's only necessary when a dialog - * label requires some parameters (e.g. showing which address an application - * is trying to connect to). - */ - private Object[] extras; - - /** Whether or not this object has been fully initialized */ - private boolean initialized = false; - - /** - * the return value of this dialog. result: 0 = Yes, 1 = No, 2 = Cancel, - * null = Window closed. - */ - private Object value; - - SecurityWarningDialog(DialogType dialogType, AccessType accessType, - JNLPFile file, CertVerifier jarSigner, X509Certificate cert, Object[] extras) { - super(); - this.dialogType = dialogType; - this.accessType = accessType; - this.file = file; - this.certVerifier = jarSigner; - this.cert = cert; - this.extras = extras; - initialized = true; - - initDialog(); - } - - /** - * Construct a SecurityWarningDialog to display some sort of access warning - */ - SecurityWarningDialog(DialogType dialogType, AccessType accessType, - JNLPFile file) { - this(dialogType, accessType, file, null, null, null); - } - - /** - * Create a SecurityWarningDialog to display a certificate-related warning - */ - SecurityWarningDialog(DialogType dialogType, AccessType accessType, - JNLPFile file, CertVerifier jarSigner) { - this(dialogType, accessType, file, jarSigner, null, null); - } - - /** - * Create a SecurityWarningDialog to display a certificate-related warning - */ - SecurityWarningDialog(DialogType dialogType, AccessType accessType, - CertVerifier certVerifier) { - this(dialogType, accessType, null, certVerifier, null, null); - } - - /** - * Create a SecurityWarningDialog to display some sort of access warning - * with more information - */ - SecurityWarningDialog(DialogType dialogType, AccessType accessType, - JNLPFile file, Object[] extras) { - this(dialogType, accessType, file, null, null, extras); - } - - /** - * Create a SecurityWarningDailog to display information about a single - * certificate - */ - SecurityWarningDialog(DialogType dialogType, X509Certificate c) { - this(dialogType, null, null, null, c, null); - } - - /** - * Returns if this dialog has been fully initialized yet. - * @return true if this dialog has been initialized, and false otherwise. - */ - public boolean isInitialized() { - return initialized; - } - - /** - * Shows more information regarding jar code signing - * - * @param jarSigner the JarSigner used to verify this application - * @param parent the parent option pane - */ - public static void showMoreInfoDialog( - CertVerifier jarSigner, SecurityWarningDialog parent) { - - SecurityWarningDialog dialog = - new SecurityWarningDialog(DialogType.MORE_INFO, null, null, - jarSigner); - dialog.setModalityType(ModalityType.APPLICATION_MODAL); - dialog.setVisible(true); - dialog.dispose(); - } - - /** - * Displays CertPath information in a readable table format. - * - * @param jarSigner the JarSigner used to verify this application - * @param parent the parent option pane - */ - public static void showCertInfoDialog(CertVerifier jarSigner, - SecurityWarningDialog parent) { - SecurityWarningDialog dialog = new SecurityWarningDialog(DialogType.CERT_INFO, - null, null, jarSigner); - dialog.setLocationRelativeTo(parent); - dialog.setModalityType(ModalityType.APPLICATION_MODAL); - dialog.setVisible(true); - dialog.dispose(); - } - - /** - * Displays a single certificate's information. - * - * @param c the X509 certificate. - * @param parent the parent pane. - */ - public static void showSingleCertInfoDialog(X509Certificate c, - JDialog parent) { - SecurityWarningDialog dialog = new SecurityWarningDialog(DialogType.SINGLE_CERT_INFO, c); - dialog.setLocationRelativeTo(parent); - dialog.setModalityType(ModalityType.APPLICATION_MODAL); - dialog.setVisible(true); - dialog.dispose(); - } - - private void initDialog() { - setSystemLookAndFeel(); - - String dialogTitle = ""; - if (dialogType == DialogType.CERT_WARNING) - dialogTitle = "Warning - Security"; - else if (dialogType == DialogType.MORE_INFO) - dialogTitle = "More Information"; - else if (dialogType == DialogType.CERT_INFO) - dialogTitle = "Details - Certificate"; - else if (dialogType == DialogType.ACCESS_WARNING) - dialogTitle = "Security Warning"; - else if (dialogType == DialogType.APPLET_WARNING) - dialogTitle = "Applet Warning"; - else if (dialogType == DialogType.NOTALLSIGNED_WARNING) - dialogTitle = "Security Warning"; - - setTitle(dialogTitle); - setModalityType(ModalityType.MODELESS); - - setDefaultCloseOperation(DISPOSE_ON_CLOSE); - - installPanel(); - - pack(); - - WindowAdapter adapter = new WindowAdapter() { - private boolean gotFocus = false; - - @Override - public void windowGainedFocus(WindowEvent we) { - // Once window gets focus, set initial focus - if (!gotFocus) { - selectDefaultButton(); - gotFocus = true; - } - } - - @Override - public void windowOpened(WindowEvent e) { - if (e.getSource() instanceof SecurityWarningDialog) { - SecurityWarningDialog dialog = (SecurityWarningDialog) e.getSource(); - dialog.setResizable(true); - centerDialog(dialog); - dialog.setValue(null); - } - } - }; - addWindowListener(adapter); - addWindowFocusListener(adapter); - - } - - public AccessType getAccessType() { - return accessType; - } - - public JNLPFile getFile() { - return file; - } - - public CertVerifier getJarSigner() { - return certVerifier; - } - - public X509Certificate getCert() { - return cert; - } - - /** - * Adds the appropriate JPanel to this Dialog, based on {@link DialogType}. - */ - private void installPanel() { - - if (dialogType == DialogType.CERT_WARNING) - panel = new CertWarningPane(this, this.certVerifier); - else if (dialogType == DialogType.MORE_INFO) - panel = new MoreInfoPane(this, this.certVerifier); - else if (dialogType == DialogType.CERT_INFO) - panel = new CertsInfoPane(this, this.certVerifier); - else if (dialogType == DialogType.SINGLE_CERT_INFO) - panel = new SingleCertInfoPane(this, this.certVerifier); - else if (dialogType == DialogType.ACCESS_WARNING) - panel = new AccessWarningPane(this, extras, this.certVerifier); - else if (dialogType == DialogType.APPLET_WARNING) - panel = new AppletWarningPane(this, this.certVerifier); - else if (dialogType == DialogType.NOTALLSIGNED_WARNING) - panel = new NotAllSignedWarningPane(this); - - add(panel, BorderLayout.CENTER); - } - - private static void centerDialog(JDialog dialog) { - Dimension screen = Toolkit.getDefaultToolkit().getScreenSize(); - Dimension dialogSize = dialog.getSize(); - - dialog.setLocation((screen.width - dialogSize.width) / 2, - (screen.height - dialogSize.height) / 2); - } - - private void selectDefaultButton() { - if (panel == null) { - System.out.println("initial value panel is null"); - } - panel.requestFocusOnDefaultButton(); - } - - protected void setValue(Object value) { - if (JNLPRuntime.isDebug()) { - System.out.println("Setting value:" + value); - } - this.value = value; - } - - public Object getValue() { - if (JNLPRuntime.isDebug()) { - System.out.println("Returning value:" + value); - } - return value; - } - - /** - * Called when the SecurityWarningDialog is hidden - either because the user - * made a choice (Ok, Cancel, etc) or closed the window - */ - @Override - public void dispose() { - notifySelectionMade(); - super.dispose(); - } - - /** - * Updates the look and feel of the window to be the system look and feel - */ - protected void setSystemLookAndFeel() { - try { - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName()); - } catch (Exception e) { - //don't worry if we can't. - } - } - - private List listeners = new CopyOnWriteArrayList(); - - /** - * Notify all the listeners that the user has made a decision using this - * security dialog. - */ - public void notifySelectionMade() { - for (ActionListener listener : listeners) { - listener.actionPerformed(null); - } - } - - /** - * Adds an {@link ActionListener} which will be notified if the user makes a - * choice using this SecurityWarningDialog. The listener should use {@link #getValue()} - * to actually get the user's response. - */ - public void addActionListener(ActionListener listener) { - listeners.add(listener); - } - -} diff --git a/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java b/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java index c60a084..1ed6b66 100644 --- a/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java +++ b/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java @@ -46,7 +46,7 @@ import javax.swing.tree.TreeSelectionModel; public class SingleCertInfoPane extends CertsInfoPane { - public SingleCertInfoPane(SecurityWarningDialog x, CertVerifier certVerifier) { + public SingleCertInfoPane(SecurityDialog x, CertVerifier certVerifier) { super(x, certVerifier); } diff --git a/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java b/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java index 01689ba..3285b85 100644 --- a/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java +++ b/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java @@ -54,7 +54,7 @@ import sun.security.validator.ValidatorException; import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; /** * This class implements an X509 Trust Manager. The certificates it trusts are @@ -378,7 +378,7 @@ final public class VariableX509TrustManager extends X509ExtendedTrustManager { private boolean askUser(X509Certificate[] chain, String authType, boolean isTrusted, boolean hostMatched, String hostName) { - return SecurityWarning.showCertWarningDialog( + return SecurityDialogs.showCertWarningDialog( AccessType.UNVERIFIED, null, new HttpsCertVerifier(this, chain, authType, isTrusted, hostMatched, diff --git a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java index 21666d7..ed71d0d 100644 --- a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java +++ b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java @@ -75,7 +75,7 @@ import javax.swing.table.DefaultTableModel; import net.sourceforge.jnlp.security.CertificateUtils; import net.sourceforge.jnlp.security.KeyStores; import net.sourceforge.jnlp.security.SecurityUtil; -import net.sourceforge.jnlp.security.SecurityWarningDialog; +import net.sourceforge.jnlp.security.SecurityDialog; import net.sourceforge.jnlp.security.KeyStores.Level; import net.sourceforge.jnlp.util.FileUtils; @@ -478,7 +478,7 @@ public class CertificatePane extends JPanel { int selectedRow = table.getSelectedRow(); if (selectedRow != -1 && selectedRow >= 0) { X509Certificate c = certs.get(selectedRow); - SecurityWarningDialog.showSingleCertInfoDialog(c, parent); + SecurityDialog.showSingleCertInfoDialog(c, parent); } } } diff --git a/netx/net/sourceforge/jnlp/services/ServiceUtil.java b/netx/net/sourceforge/jnlp/services/ServiceUtil.java index d030395..55c2172 100644 --- a/netx/net/sourceforge/jnlp/services/ServiceUtil.java +++ b/netx/net/sourceforge/jnlp/services/ServiceUtil.java @@ -40,8 +40,8 @@ import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.ApplicationInstance; import net.sourceforge.jnlp.runtime.JNLPRuntime; -import net.sourceforge.jnlp.security.SecurityWarning; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; /** * Provides static methods to interact useful for using the JNLP @@ -280,7 +280,7 @@ public class ServiceUtil { //from resources.jar. Boolean b = AccessController.doPrivileged(new PrivilegedAction() { public Boolean run() { - boolean b = SecurityWarning.showAccessWarningDialog(tmpType, + boolean b = SecurityDialogs.showAccessWarningDialog(tmpType, tmpApp.getJNLPFile(), tmpExtras); return new Boolean(b); } diff --git a/netx/net/sourceforge/jnlp/services/XClipboardService.java b/netx/net/sourceforge/jnlp/services/XClipboardService.java index 6f462e5..22fb0cb 100644 --- a/netx/net/sourceforge/jnlp/services/XClipboardService.java +++ b/netx/net/sourceforge/jnlp/services/XClipboardService.java @@ -39,7 +39,7 @@ package net.sourceforge.jnlp.services; import javax.jnlp.*; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import java.awt.datatransfer.Transferable; import java.awt.Toolkit; diff --git a/netx/net/sourceforge/jnlp/services/XExtendedService.java b/netx/net/sourceforge/jnlp/services/XExtendedService.java index 88da724..f03c199 100644 --- a/netx/net/sourceforge/jnlp/services/XExtendedService.java +++ b/netx/net/sourceforge/jnlp/services/XExtendedService.java @@ -22,7 +22,7 @@ import java.io.IOException; import javax.jnlp.ExtendedService; import javax.jnlp.FileContents; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; /** * Implementation of ExtendedService diff --git a/netx/net/sourceforge/jnlp/services/XFileOpenService.java b/netx/net/sourceforge/jnlp/services/XFileOpenService.java index ebda3cb..7e004e3 100644 --- a/netx/net/sourceforge/jnlp/services/XFileOpenService.java +++ b/netx/net/sourceforge/jnlp/services/XFileOpenService.java @@ -40,7 +40,7 @@ package net.sourceforge.jnlp.services; import java.io.*; import javax.jnlp.*; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import javax.swing.JFileChooser; diff --git a/netx/net/sourceforge/jnlp/services/XFileSaveService.java b/netx/net/sourceforge/jnlp/services/XFileSaveService.java index ff35756..a50afe0 100644 --- a/netx/net/sourceforge/jnlp/services/XFileSaveService.java +++ b/netx/net/sourceforge/jnlp/services/XFileSaveService.java @@ -40,7 +40,7 @@ package net.sourceforge.jnlp.services; import java.io.*; import javax.jnlp.*; -import net.sourceforge.jnlp.security.SecurityWarning.AccessType; +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType; import net.sourceforge.jnlp.util.FileUtils; import javax.swing.JFileChooser; -- cgit v1.2.3