[icedtea-web] RFC: integrate jnlp authenticator into rest of security system
Dr Andrew John Hughes
ahughes at redhat.com
Mon Dec 20 10:26:10 PST 2010
On 13:15 Mon 20 Dec , Omair Majid wrote:
> Hi,
>
> The attached patches further integrates JNLPAuthenticator and
> PasswordAuthenticationDialog into icedtea-web. The patches shows the
> dialogs using the secure thread, localizes strings, and removes
> hardcoded mention of the icedteaplugin.
>
> I have split the change into two patches: one deals with renaming files,
> the other deals with the actual code changes.
>
> The first patch renames classes to ensure consistency. It contains no
> functional changes (other than those required for renaming). The class
> net.sourceforge.jnlp.security.SecurityWarning is renamed to
> net.sourceforge.jnlp.security.SecurityDialogs,
> net.sourceforge.jnlp.security.SecurityWarningDialog is renamed to
> net.sourceforge.jnlp.security.SecurityDialog and
> net.sourceforge.jnlp.security.PasswordAuthenticationDialog is renamed to
> net.sourceforge.jnlp.PasswordAuthenticationPanel.
>
What is the reason for the renaming? Could we not delay this until the 2.0 series?
> The second patch actually integrates PasswordAuthenticationPanel into
> the security system.
>
> Any thoughts or concerns?
>
> Cheers,
> Omair
> diff --git a/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java b/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java
> --- a/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java
> +++ b/netx/net/sourceforge/jnlp/runtime/ApplicationInstance.java
> @@ -35,8 +35,8 @@
> import net.sourceforge.jnlp.config.DeploymentConfiguration;
> import net.sourceforge.jnlp.event.ApplicationEvent;
> import net.sourceforge.jnlp.event.ApplicationListener;
> -import net.sourceforge.jnlp.security.SecurityWarning;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> import net.sourceforge.jnlp.services.ServiceUtil;
> import net.sourceforge.jnlp.util.WeakList;
> import net.sourceforge.jnlp.util.XDesktopEntry;
> @@ -185,12 +185,12 @@
> } else if (currentSetting.equals(ShortcutDesc.CREATE_ALWAYS)) {
> createShortcut = true;
> } else if (currentSetting.equals(ShortcutDesc.CREATE_ASK_USER)) {
> - if (SecurityWarning.showAccessWarningDialog(AccessType.CREATE_DESTKOP_SHORTCUT, file)) {
> + if (SecurityDialogs.showAccessWarningDialog(AccessType.CREATE_DESTKOP_SHORTCUT, file)) {
> createShortcut = true;
> }
> } else if (currentSetting.equals(ShortcutDesc.CREATE_ASK_USER_IF_HINTED)) {
> if (sd != null && sd.onDesktop()) {
> - if (SecurityWarning.showAccessWarningDialog(AccessType.CREATE_DESTKOP_SHORTCUT, file)) {
> + if (SecurityDialogs.showAccessWarningDialog(AccessType.CREATE_DESTKOP_SHORTCUT, file)) {
> createShortcut = true;
> }
> }
> diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
> --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
> +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
> @@ -57,8 +57,8 @@
> import net.sourceforge.jnlp.cache.CacheUtil;
> import net.sourceforge.jnlp.cache.ResourceTracker;
> import net.sourceforge.jnlp.cache.UpdatePolicy;
> -import net.sourceforge.jnlp.security.SecurityWarning;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> import net.sourceforge.jnlp.tools.JarSigner;
> import net.sourceforge.jnlp.util.FileUtils;
> import sun.misc.JarIndex;
> @@ -289,7 +289,7 @@
>
> if (extLoader != null && extLoader != loader) {
> if (loader.signing && !extLoader.signing)
> - if (!SecurityWarning.showNotAllSignedWarningDialog(file))
> + if (!SecurityDialogs.showNotAllSignedWarningDialog(file))
> throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo"));
>
> loader.merge(extLoader);
> @@ -435,7 +435,7 @@
> signing = true;
>
> if (!js.allJarsSigned() &&
> - !SecurityWarning.showNotAllSignedWarningDialog(file))
> + !SecurityDialogs.showNotAllSignedWarningDialog(file))
> throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedAppJarUsingUnsignedJar"), R("LSignedAppJarUsingUnsignedJarInfo"));
>
> //user does not trust this publisher
> @@ -496,7 +496,7 @@
>
> private void checkTrustWithUser(JarSigner js) throws LaunchException {
> if (!js.getRootInCacerts()) { //root cert is not in cacerts
> - boolean b = SecurityWarning.showCertWarningDialog(
> + boolean b = SecurityDialogs.showCertWarningDialog(
> AccessType.UNVERIFIED, file, js);
> if (!b)
> throw new LaunchException(null, null, R("LSFatal"),
> @@ -504,10 +504,10 @@
> } else if (js.getRootInCacerts()) { //root cert is in cacerts
> boolean b = false;
> if (js.noSigningIssues())
> - b = SecurityWarning.showCertWarningDialog(
> + b = SecurityDialogs.showCertWarningDialog(
> AccessType.VERIFIED, file, js);
> else if (!js.noSigningIssues())
> - b = SecurityWarning.showCertWarningDialog(
> + b = SecurityDialogs.showCertWarningDialog(
> AccessType.SIGNING_ERROR, file, js);
> if (!b)
> throw new LaunchException(null, null, R("LSFatal"),
> diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java b/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java
> --- a/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java
> +++ b/netx/net/sourceforge/jnlp/runtime/JNLPSecurityManager.java
> @@ -35,7 +35,7 @@
> import javax.swing.JWindow;
>
> import net.sourceforge.jnlp.JNLPFile;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> import net.sourceforge.jnlp.services.ServiceUtil;
> import net.sourceforge.jnlp.util.WeakList;
> import sun.awt.AWTSecurityManager;
> diff --git a/netx/net/sourceforge/jnlp/security/AccessWarningPane.java b/netx/net/sourceforge/jnlp/security/AccessWarningPane.java
> --- a/netx/net/sourceforge/jnlp/security/AccessWarningPane.java
> +++ b/netx/net/sourceforge/jnlp/security/AccessWarningPane.java
> @@ -58,11 +58,11 @@
> import javax.swing.SwingConstants;
>
> import net.sourceforge.jnlp.JNLPFile;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> import net.sourceforge.jnlp.util.FileUtils;
>
> /**
> - * Provides a panel to show inside a SecurityWarningDialog. These dialogs are
> + * Provides a panel to show inside a SecurityDialog. These dialogs are
> * used to warn the user when either signed code (with or without signing
> * issues) is going to be run, or when service permission (file, clipboard,
> * printer, etc) is needed with unsigned code.
> @@ -74,12 +74,12 @@
> JCheckBox alwaysAllow;
> Object[] extras;
>
> - public AccessWarningPane(SecurityWarningDialog x, CertVerifier certVerifier) {
> + public AccessWarningPane(SecurityDialog x, CertVerifier certVerifier) {
> super(x, certVerifier);
> addComponents();
> }
>
> - public AccessWarningPane(SecurityWarningDialog x, Object[] extras, CertVerifier certVerifier) {
> + public AccessWarningPane(SecurityDialog x, Object[] extras, CertVerifier certVerifier) {
> super(x, certVerifier);
> this.extras = extras;
> addComponents();
> diff --git a/netx/net/sourceforge/jnlp/security/AppletWarningPane.java b/netx/net/sourceforge/jnlp/security/AppletWarningPane.java
> --- a/netx/net/sourceforge/jnlp/security/AppletWarningPane.java
> +++ b/netx/net/sourceforge/jnlp/security/AppletWarningPane.java
> @@ -51,7 +51,7 @@
>
> public class AppletWarningPane extends SecurityDialogPanel {
>
> - public AppletWarningPane(SecurityWarningDialog x, CertVerifier certVerifier) {
> + public AppletWarningPane(SecurityDialog x, CertVerifier certVerifier) {
> super(x, certVerifier);
> addComponents();
> }
> diff --git a/netx/net/sourceforge/jnlp/security/CertWarningPane.java b/netx/net/sourceforge/jnlp/security/CertWarningPane.java
> --- a/netx/net/sourceforge/jnlp/security/CertWarningPane.java
> +++ b/netx/net/sourceforge/jnlp/security/CertWarningPane.java
> @@ -68,11 +68,11 @@
> import net.sourceforge.jnlp.runtime.JNLPRuntime;
> import net.sourceforge.jnlp.security.KeyStores.Level;
> import net.sourceforge.jnlp.security.KeyStores.Type;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> import net.sourceforge.jnlp.util.FileUtils;
>
> /**
> - * Provides the panel for using inside a SecurityWarningDialog. These dialogs are
> + * Provides the panel for using inside a SecurityDialog. These dialogs are
> * used to warn the user when either signed code (with or without signing
> * issues) is going to be run, or when service permission (file, clipboard,
> * printer, etc) is needed with unsigned code.
> @@ -84,7 +84,7 @@
> JCheckBox alwaysTrust;
> CertVerifier certVerifier;
>
> - public CertWarningPane(SecurityWarningDialog x, CertVerifier certVerifier) {
> + public CertWarningPane(SecurityDialog x, CertVerifier certVerifier) {
> super(x, certVerifier);
> this.certVerifier = certVerifier;
> addComponents();
> @@ -231,7 +231,7 @@
>
> private class MoreInfoButtonListener implements ActionListener {
> public void actionPerformed(ActionEvent e) {
> - SecurityWarningDialog.showMoreInfoDialog(parent.getJarSigner(),
> + SecurityDialog.showMoreInfoDialog(parent.getJarSigner(),
> parent);
> }
> }
> diff --git a/netx/net/sourceforge/jnlp/security/CertsInfoPane.java b/netx/net/sourceforge/jnlp/security/CertsInfoPane.java
> --- a/netx/net/sourceforge/jnlp/security/CertsInfoPane.java
> +++ b/netx/net/sourceforge/jnlp/security/CertsInfoPane.java
> @@ -78,7 +78,7 @@
> private String[] columnNames = { R("Field"), R("Value") };
> protected ArrayList<String[][]> certsData;
>
> - public CertsInfoPane(SecurityWarningDialog x, CertVerifier certVerifier) {
> + public CertsInfoPane(SecurityDialog x, CertVerifier certVerifier) {
> super(x, certVerifier);
> addComponents();
> }
> diff --git a/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java b/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java
> --- a/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java
> +++ b/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java
> @@ -51,7 +51,7 @@
> String type = this.getRequestorType() == RequestorType.PROXY ? "proxy" : "web";
>
> // request auth info from user
> - PasswordAuthenticationDialog pwDialog = new PasswordAuthenticationDialog();
> + PasswordAuthenticationPane pwDialog = new PasswordAuthenticationPane();
> PasswordAuthentication auth = pwDialog.askUser(this.getRequestingHost(), this.getRequestingPort(), this.getRequestingPrompt(), type);
>
> // send it along
> diff --git a/netx/net/sourceforge/jnlp/security/MoreInfoPane.java b/netx/net/sourceforge/jnlp/security/MoreInfoPane.java
> --- a/netx/net/sourceforge/jnlp/security/MoreInfoPane.java
> +++ b/netx/net/sourceforge/jnlp/security/MoreInfoPane.java
> @@ -61,7 +61,7 @@
> */
> public class MoreInfoPane extends SecurityDialogPanel {
>
> - public MoreInfoPane(SecurityWarningDialog x, CertVerifier certVerifier) {
> + public MoreInfoPane(SecurityDialog x, CertVerifier certVerifier) {
> super(x, certVerifier);
> addComponents();
> }
> @@ -105,7 +105,7 @@
>
> private class CertInfoButtonListener implements ActionListener {
> public void actionPerformed(ActionEvent e) {
> - SecurityWarningDialog.showCertInfoDialog(parent.getJarSigner(),
> + SecurityDialog.showCertInfoDialog(parent.getJarSigner(),
> parent);
> }
> }
> diff --git a/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java b/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java
> --- a/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java
> +++ b/netx/net/sourceforge/jnlp/security/NotAllSignedWarningPane.java
> @@ -57,7 +57,7 @@
>
> public class NotAllSignedWarningPane extends SecurityDialogPanel {
>
> - public NotAllSignedWarningPane(SecurityWarningDialog x) {
> + public NotAllSignedWarningPane(SecurityDialog x) {
> super(x);
> addComponents();
> }
> diff --git a/netx/net/sourceforge/jnlp/security/PasswordAuthenticationDialog.java b/netx/net/sourceforge/jnlp/security/PasswordAuthenticationDialog.java
> deleted file mode 100644
> --- a/netx/net/sourceforge/jnlp/security/PasswordAuthenticationDialog.java
> +++ /dev/null
> @@ -1,247 +0,0 @@
> -/* PasswordAuthenticationDialog -- requests authentication information from users
> - Copyright (C) 2009 Red Hat
> -
> -This file is part of IcedTea.
> -
> -IcedTea is free software; you can redistribute it and/or modify
> -it under the terms of the GNU General Public License as published by
> -the Free Software Foundation; either version 2, or (at your option)
> -any later version.
> -
> -IcedTea is distributed in the hope that it will be useful, but
> -WITHOUT ANY WARRANTY; without even the implied warranty of
> -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> -General Public License for more details.
> -
> -You should have received a copy of the GNU General Public License
> -along with IcedTea; see the file COPYING. If not, write to the
> -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> -02110-1301 USA.
> -
> -Linking this library statically or dynamically with other modules is
> -making a combined work based on this library. Thus, the terms and
> -conditions of the GNU General Public License cover the whole
> -combination.
> -
> -As a special exception, the copyright holders of this library give you
> -permission to link this library with independent modules to produce an
> -executable, regardless of the license terms of these independent
> -modules, and to copy and distribute the resulting executable under
> -terms of your choice, provided that you also meet, for each linked
> -independent module, the terms and conditions of the license of that
> -module. An independent module is a module which is not derived from
> -or based on this library. If you modify this library, you may extend
> -this exception to your version of the library, but you are not
> -obligated to do so. If you do not wish to do so, delete this
> -exception statement from your version. */
> -
> -package net.sourceforge.jnlp.security;
> -
> -import java.awt.Dimension;
> -import java.awt.GridBagConstraints;
> -import java.awt.GridBagLayout;
> -import java.awt.Insets;
> -import java.awt.event.ActionEvent;
> -import java.awt.event.ActionListener;
> -import java.net.PasswordAuthentication;
> -
> -import javax.swing.JButton;
> -import javax.swing.JDialog;
> -import javax.swing.JLabel;
> -import javax.swing.JPasswordField;
> -import javax.swing.JTextField;
> -import javax.swing.SwingUtilities;
> -
> -import net.sourceforge.jnlp.runtime.JNLPRuntime;
> -
> -/**
> - * Modal non-minimizable dialog to request http authentication credentials
> - */
> -
> -public class PasswordAuthenticationDialog extends JDialog {
> -
> - private JLabel jlInfo = new JLabel("");
> - private JTextField jtfUserName = new JTextField();
> - private JPasswordField jpfPassword = new JPasswordField();
> - private boolean userCancelled;
> -
> - public PasswordAuthenticationDialog() {
> - initialize();
> - }
> -
> - /**
> - * Initialized the dialog components
> - */
> -
> - public void initialize() {
> -
> - setTitle("IcedTea Java Plugin - Authorization needed to proceed");
> -
> - setLayout(new GridBagLayout());
> -
> - JLabel jlUserName = new JLabel("Username: ");
> - JLabel jlPassword = new JLabel("Password: ");
> - JButton jbOK = new JButton("OK");
> - JButton jbCancel = new JButton("Cancel");
> -
> - jtfUserName.setSize(20, 10);
> - jpfPassword.setSize(20, 10);
> -
> - GridBagConstraints c;
> -
> - c = new GridBagConstraints();
> - c.fill = c.HORIZONTAL;
> - c.gridx = 0;
> - c.gridy = 0;
> - c.gridwidth = 2;
> - c.insets = new Insets(10, 5, 3, 3);
> - add(jlInfo, c);
> -
> - c = new GridBagConstraints();
> - c.gridx = 0;
> - c.gridy = 1;
> - c.insets = new Insets(10, 5, 3, 3);
> - add(jlUserName, c);
> -
> - c = new GridBagConstraints();
> - c.fill = c.HORIZONTAL;
> - c.gridx = 1;
> - c.gridy = 1;
> - c.insets = new Insets(10, 5, 3, 3);
> - c.weightx = 1.0;
> - add(jtfUserName, c);
> -
> - c = new GridBagConstraints();
> - c.gridx = 0;
> - c.gridy = 2;
> - c.insets = new Insets(5, 5, 3, 3);
> - add(jlPassword, c);
> -
> - c = new GridBagConstraints();
> - c.fill = c.HORIZONTAL;
> - c.gridx = 1;
> - c.gridy = 2;
> - c.insets = new Insets(5, 5, 3, 3);
> - c.weightx = 1.0;
> - add(jpfPassword, c);
> -
> - c = new GridBagConstraints();
> - c.anchor = c.SOUTHEAST;
> - c.gridx = 1;
> - c.gridy = 3;
> - c.insets = new Insets(5, 5, 3, 70);
> - c.weightx = 0.0;
> - add(jbCancel, c);
> -
> - c = new GridBagConstraints();
> - c.anchor = c.SOUTHEAST;
> - c.gridx = 1;
> - c.gridy = 3;
> - c.insets = new Insets(5, 5, 3, 3);
> - c.weightx = 0.0;
> - add(jbOK, c);
> -
> - setMinimumSize(new Dimension(400, 150));
> - setMaximumSize(new Dimension(1024, 150));
> - setAlwaysOnTop(true);
> -
> - setSize(400, 150);
> - setLocationRelativeTo(null);
> -
> - // OK => read supplied info and pass it on
> - jbOK.addActionListener(new ActionListener() {
> - public void actionPerformed(ActionEvent e) {
> - userCancelled = false;
> - dispose();
> - }
> - });
> -
> - // Cancel => discard supplied info and pass on an empty auth
> - jbCancel.addActionListener(new ActionListener() {
> - public void actionPerformed(ActionEvent e) {
> - userCancelled = true;
> - dispose();
> - }
> - });
> -
> - // "return" key in either user or password field => OK
> -
> - jtfUserName.addActionListener(new ActionListener() {
> - public void actionPerformed(ActionEvent e) {
> - userCancelled = false;
> - dispose();
> - }
> - });
> -
> - jpfPassword.addActionListener(new ActionListener() {
> - public void actionPerformed(ActionEvent e) {
> - userCancelled = false;
> - dispose();
> - }
> - });
> - }
> -
> - /**
> - * Present a dialog to the user asking them for authentication information
> - *
> - * @param host The host for with authentication is needed
> - * @param port The port being accessed
> - * @param prompt The prompt (realm) as presented by the server
> - * @param type The type of server (proxy/web)
> - * @return PasswordAuthentication containing the credentials (empty credentials if user cancelled)
> - */
> - protected PasswordAuthentication askUser(String host, int port, String prompt, String type) {
> - PasswordAuthentication auth = null;
> -
> - host += port != -1 ? ":" + port : "";
> -
> - // This frame is reusable. So reset everything first.
> - userCancelled = true;
> - jlInfo.setText("<html>The " + type + " server at " + host +
> - " is requesting authentication. It says \"" + prompt + "\"</html>");
> -
> - try {
> - SwingUtilities.invokeAndWait(new Runnable() {
> - public void run() {
> - // show dialog to user
> - setVisible(true);
> - }
> - });
> -
> - if (JNLPRuntime.isDebug()) {
> - System.out.println("password dialog shown");
> - }
> -
> - // wait until dialog is gone
> - while (this.isShowing()) {
> - try {
> - Thread.sleep(200);
> - } catch (InterruptedException ie) {
> - }
> - }
> -
> - if (JNLPRuntime.isDebug()) {
> - System.out.println("password dialog closed");
> - }
> -
> - if (!userCancelled) {
> - auth = new PasswordAuthentication(jtfUserName.getText(), jpfPassword.getPassword());
> - }
> - } catch (Exception e) {
> - e.printStackTrace();
> -
> - // Nothing else we can do. Empty auth will be returned
> - }
> -
> - return auth;
> - }
> -
> - public static void main(String[] args) {
> - PasswordAuthenticationDialog frame = new PasswordAuthenticationDialog();
> -
> - PasswordAuthentication auth = frame.askUser("127.0.0.1", 3128, "Password for local proxy", "proxy");
> -
> - System.err.println("Auth info: " + auth.getUserName() + ":" + new String(auth.getPassword()));
> - System.exit(0);
> - }
> -}
> diff --git a/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java b/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java
> @@ -0,0 +1,247 @@
> +/* PasswordAuthenticationPane -- requests authentication information from users
> + Copyright (C) 2010 Red Hat
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or modify
> +it under the terms of the GNU General Public License as published by
> +the Free Software Foundation; either version 2, or (at your option)
> +any later version.
> +
> +IcedTea is distributed in the hope that it will be useful, but
> +WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to the
> +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version. */
> +
> +package net.sourceforge.jnlp.security;
> +
> +import java.awt.Dimension;
> +import java.awt.GridBagConstraints;
> +import java.awt.GridBagLayout;
> +import java.awt.Insets;
> +import java.awt.event.ActionEvent;
> +import java.awt.event.ActionListener;
> +import java.net.PasswordAuthentication;
> +
> +import javax.swing.JButton;
> +import javax.swing.JDialog;
> +import javax.swing.JLabel;
> +import javax.swing.JPasswordField;
> +import javax.swing.JTextField;
> +import javax.swing.SwingUtilities;
> +
> +import net.sourceforge.jnlp.runtime.JNLPRuntime;
> +
> +/**
> + * Modal non-minimizable dialog to request http authentication credentials
> + */
> +
> +public class PasswordAuthenticationPane extends JDialog {
> +
> + private final JLabel jlInfo = new JLabel("");
> + private final JTextField jtfUserName = new JTextField();
> + private final JPasswordField jpfPassword = new JPasswordField();
> + private boolean userCancelled;
> +
> + public PasswordAuthenticationPane() {
> + initialize();
> + }
> +
> + /**
> + * Initialized the dialog components
> + */
> +
> + public void initialize() {
> +
> + setTitle("IcedTea Java Plugin - Authorization needed to proceed");
> +
> + setLayout(new GridBagLayout());
> +
> + JLabel jlUserName = new JLabel("Username: ");
> + JLabel jlPassword = new JLabel("Password: ");
> + JButton jbOK = new JButton("OK");
> + JButton jbCancel = new JButton("Cancel");
> +
> + jtfUserName.setSize(20, 10);
> + jpfPassword.setSize(20, 10);
> +
> + GridBagConstraints c;
> +
> + c = new GridBagConstraints();
> + c.fill = c.HORIZONTAL;
> + c.gridx = 0;
> + c.gridy = 0;
> + c.gridwidth = 2;
> + c.insets = new Insets(10, 5, 3, 3);
> + add(jlInfo, c);
> +
> + c = new GridBagConstraints();
> + c.gridx = 0;
> + c.gridy = 1;
> + c.insets = new Insets(10, 5, 3, 3);
> + add(jlUserName, c);
> +
> + c = new GridBagConstraints();
> + c.fill = c.HORIZONTAL;
> + c.gridx = 1;
> + c.gridy = 1;
> + c.insets = new Insets(10, 5, 3, 3);
> + c.weightx = 1.0;
> + add(jtfUserName, c);
> +
> + c = new GridBagConstraints();
> + c.gridx = 0;
> + c.gridy = 2;
> + c.insets = new Insets(5, 5, 3, 3);
> + add(jlPassword, c);
> +
> + c = new GridBagConstraints();
> + c.fill = c.HORIZONTAL;
> + c.gridx = 1;
> + c.gridy = 2;
> + c.insets = new Insets(5, 5, 3, 3);
> + c.weightx = 1.0;
> + add(jpfPassword, c);
> +
> + c = new GridBagConstraints();
> + c.anchor = c.SOUTHEAST;
> + c.gridx = 1;
> + c.gridy = 3;
> + c.insets = new Insets(5, 5, 3, 70);
> + c.weightx = 0.0;
> + add(jbCancel, c);
> +
> + c = new GridBagConstraints();
> + c.anchor = c.SOUTHEAST;
> + c.gridx = 1;
> + c.gridy = 3;
> + c.insets = new Insets(5, 5, 3, 3);
> + c.weightx = 0.0;
> + add(jbOK, c);
> +
> + setMinimumSize(new Dimension(400, 150));
> + setMaximumSize(new Dimension(1024, 150));
> + setAlwaysOnTop(true);
> +
> + setSize(400, 150);
> + setLocationRelativeTo(null);
> +
> + // OK => read supplied info and pass it on
> + jbOK.addActionListener(new ActionListener() {
> + public void actionPerformed(ActionEvent e) {
> + userCancelled = false;
> + dispose();
> + }
> + });
> +
> + // Cancel => discard supplied info and pass on an empty auth
> + jbCancel.addActionListener(new ActionListener() {
> + public void actionPerformed(ActionEvent e) {
> + userCancelled = true;
> + dispose();
> + }
> + });
> +
> + // "return" key in either user or password field => OK
> +
> + jtfUserName.addActionListener(new ActionListener() {
> + public void actionPerformed(ActionEvent e) {
> + userCancelled = false;
> + dispose();
> + }
> + });
> +
> + jpfPassword.addActionListener(new ActionListener() {
> + public void actionPerformed(ActionEvent e) {
> + userCancelled = false;
> + dispose();
> + }
> + });
> + }
> +
> + /**
> + * Present a dialog to the user asking them for authentication information
> + *
> + * @param host The host for with authentication is needed
> + * @param port The port being accessed
> + * @param prompt The prompt (realm) as presented by the server
> + * @param type The type of server (proxy/web)
> + * @return PasswordAuthentication containing the credentials (empty credentials if user cancelled)
> + */
> + protected PasswordAuthentication askUser(String host, int port, String prompt, String type) {
> + PasswordAuthentication auth = null;
> +
> + host += port != -1 ? ":" + port : "";
> +
> + // This frame is reusable. So reset everything first.
> + userCancelled = true;
> + jlInfo.setText("<html>The " + type + " server at " + host +
> + " is requesting authentication. It says \"" + prompt + "\"</html>");
> +
> + try {
> + SwingUtilities.invokeAndWait(new Runnable() {
> + public void run() {
> + // show dialog to user
> + setVisible(true);
> + }
> + });
> +
> + if (JNLPRuntime.isDebug()) {
> + System.out.println("password dialog shown");
> + }
> +
> + // wait until dialog is gone
> + while (this.isShowing()) {
> + try {
> + Thread.sleep(200);
> + } catch (InterruptedException ie) {
> + }
> + }
> +
> + if (JNLPRuntime.isDebug()) {
> + System.out.println("password dialog closed");
> + }
> +
> + if (!userCancelled) {
> + auth = new PasswordAuthentication(jtfUserName.getText(), jpfPassword.getPassword());
> + }
> + } catch (Exception e) {
> + e.printStackTrace();
> +
> + // Nothing else we can do. Empty auth will be returned
> + }
> +
> + return auth;
> + }
> +
> + public static void main(String[] args) {
> + PasswordAuthenticationPane frame = new PasswordAuthenticationPane();
> +
> + PasswordAuthentication auth = frame.askUser("127.0.0.1", 3128, "Password for local proxy", "proxy");
> +
> + System.err.println("Auth info: " + auth.getUserName() + ":" + new String(auth.getPassword()));
> + System.exit(0);
> + }
> +}
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialog.java b/netx/net/sourceforge/jnlp/security/SecurityDialog.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java
> @@ -0,0 +1,369 @@
> +/* SecurityDialog.java
> + Copyright (C) 2010 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> +*/
> +
> +package net.sourceforge.jnlp.security;
> +
> +import net.sourceforge.jnlp.JNLPFile;
> +import net.sourceforge.jnlp.runtime.JNLPRuntime;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.DialogType;
> +
> +import java.awt.*;
> +
> +import javax.swing.*;
> +
> +import java.awt.event.*;
> +import java.security.cert.X509Certificate;
> +import java.util.concurrent.CopyOnWriteArrayList;
> +
> +import java.util.List;
> +
> +/**
> + * Provides methods for showing security warning dialogs for a wide range of
> + * JNLP security issues. Note that the security dialogs should be running in the
> + * secure AppContext - this class should not be used directly from an applet or
> + * application. See {@link SecurityDialogs} for a way to show security dialogs.
> + *
> + * @author <a href="mailto:jsumali at redhat.com">Joshua Sumali</a>
> + */
> +public class SecurityDialog extends JDialog {
> +
> + /** The type of dialog we want to show */
> + private final DialogType dialogType;
> +
> + /** The type of access that this dialog is for */
> + private final AccessType accessType;
> +
> + private SecurityDialogPanel panel;
> +
> + /** The application file associated with this security warning */
> + private final JNLPFile file;
> +
> + private final CertVerifier certVerifier;
> +
> + private final X509Certificate cert;
> +
> + /** An optional String array that's only necessary when a dialog
> + * label requires some parameters (e.g. showing which address an application
> + * is trying to connect to).
> + */
> + private final Object[] extras;
> +
> + /** Whether or not this object has been fully initialized */
> + private boolean initialized = false;
> +
> + /**
> + * the return value of this dialog. result: 0 = Yes, 1 = No, 2 = Cancel,
> + * null = Window closed.
> + */
> + private Object value;
> +
> + SecurityDialog(DialogType dialogType, AccessType accessType,
> + JNLPFile file, CertVerifier jarSigner, X509Certificate cert, Object[] extras) {
> + super();
> + this.dialogType = dialogType;
> + this.accessType = accessType;
> + this.file = file;
> + this.certVerifier = jarSigner;
> + this.cert = cert;
> + this.extras = extras;
> + initialized = true;
> +
> + initDialog();
> + }
> +
> + /**
> + * Construct a SecurityDialog to display some sort of access warning
> + */
> + SecurityDialog(DialogType dialogType, AccessType accessType,
> + JNLPFile file) {
> + this(dialogType, accessType, file, null, null, null);
> + }
> +
> + /**
> + * Create a SecurityDialog to display a certificate-related warning
> + */
> + SecurityDialog(DialogType dialogType, AccessType accessType,
> + JNLPFile file, CertVerifier jarSigner) {
> + this(dialogType, accessType, file, jarSigner, null, null);
> + }
> +
> + /**
> + * Create a SecurityDialog to display a certificate-related warning
> + */
> + SecurityDialog(DialogType dialogType, AccessType accessType,
> + CertVerifier certVerifier) {
> + this(dialogType, accessType, null, certVerifier, null, null);
> + }
> +
> + /**
> + * Create a SecurityDialog to display some sort of access warning
> + * with more information
> + */
> + SecurityDialog(DialogType dialogType, AccessType accessType,
> + JNLPFile file, Object[] extras) {
> + this(dialogType, accessType, file, null, null, extras);
> + }
> +
> + /**
> + * Create a SecurityWarningDailog to display information about a single
> + * certificate
> + */
> + SecurityDialog(DialogType dialogType, X509Certificate c) {
> + this(dialogType, null, null, null, c, null);
> + }
> +
> + /**
> + * Returns if this dialog has been fully initialized yet.
> + * @return true if this dialog has been initialized, and false otherwise.
> + */
> + public boolean isInitialized() {
> + return initialized;
> + }
> +
> + /**
> + * Shows more information regarding jar code signing
> + *
> + * @param jarSigner the JarSigner used to verify this application
> + * @param parent the parent option pane
> + */
> + public static void showMoreInfoDialog(
> + CertVerifier jarSigner, SecurityDialog parent) {
> +
> + SecurityDialog dialog =
> + new SecurityDialog(DialogType.MORE_INFO, null, null,
> + jarSigner);
> + dialog.setModalityType(ModalityType.APPLICATION_MODAL);
> + dialog.setVisible(true);
> + dialog.dispose();
> + }
> +
> + /**
> + * Displays CertPath information in a readable table format.
> + *
> + * @param jarSigner the JarSigner used to verify this application
> + * @param parent the parent option pane
> + */
> + public static void showCertInfoDialog(CertVerifier jarSigner,
> + SecurityDialog parent) {
> + SecurityDialog dialog = new SecurityDialog(DialogType.CERT_INFO,
> + null, null, jarSigner);
> + dialog.setLocationRelativeTo(parent);
> + dialog.setModalityType(ModalityType.APPLICATION_MODAL);
> + dialog.setVisible(true);
> + dialog.dispose();
> + }
> +
> + /**
> + * Displays a single certificate's information.
> + *
> + * @param c the X509 certificate.
> + * @param parent the parent pane.
> + */
> + public static void showSingleCertInfoDialog(X509Certificate c,
> + JDialog parent) {
> + SecurityDialog dialog = new SecurityDialog(DialogType.SINGLE_CERT_INFO, c);
> + dialog.setLocationRelativeTo(parent);
> + dialog.setModalityType(ModalityType.APPLICATION_MODAL);
> + dialog.setVisible(true);
> + dialog.dispose();
> + }
> +
> + private void initDialog() {
> + setSystemLookAndFeel();
> +
> + String dialogTitle = "";
> + if (dialogType == DialogType.CERT_WARNING)
> + dialogTitle = "Warning - Security";
> + else if (dialogType == DialogType.MORE_INFO)
> + dialogTitle = "More Information";
> + else if (dialogType == DialogType.CERT_INFO)
> + dialogTitle = "Details - Certificate";
> + else if (dialogType == DialogType.ACCESS_WARNING)
> + dialogTitle = "Security Warning";
> + else if (dialogType == DialogType.APPLET_WARNING)
> + dialogTitle = "Applet Warning";
> + else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
> + dialogTitle = "Security Warning";
> +
> + setTitle(dialogTitle);
> + setModalityType(ModalityType.MODELESS);
> +
> + setDefaultCloseOperation(DISPOSE_ON_CLOSE);
> +
> + installPanel();
> +
> + pack();
> +
> + WindowAdapter adapter = new WindowAdapter() {
> + private boolean gotFocus = false;
> +
> + @Override
> + public void windowGainedFocus(WindowEvent we) {
> + // Once window gets focus, set initial focus
> + if (!gotFocus) {
> + selectDefaultButton();
> + gotFocus = true;
> + }
> + }
> +
> + @Override
> + public void windowOpened(WindowEvent e) {
> + if (e.getSource() instanceof SecurityDialog) {
> + SecurityDialog dialog = (SecurityDialog) e.getSource();
> + dialog.setResizable(true);
> + centerDialog(dialog);
> + dialog.setValue(null);
> + }
> + }
> + };
> + addWindowListener(adapter);
> + addWindowFocusListener(adapter);
> +
> + }
> +
> + public AccessType getAccessType() {
> + return accessType;
> + }
> +
> + public JNLPFile getFile() {
> + return file;
> + }
> +
> + public CertVerifier getJarSigner() {
> + return certVerifier;
> + }
> +
> + public X509Certificate getCert() {
> + return cert;
> + }
> +
> + /**
> + * Adds the appropriate JPanel to this Dialog, based on {@link DialogType}.
> + */
> + private void installPanel() {
> +
> + if (dialogType == DialogType.CERT_WARNING)
> + panel = new CertWarningPane(this, this.certVerifier);
> + else if (dialogType == DialogType.MORE_INFO)
> + panel = new MoreInfoPane(this, this.certVerifier);
> + else if (dialogType == DialogType.CERT_INFO)
> + panel = new CertsInfoPane(this, this.certVerifier);
> + else if (dialogType == DialogType.SINGLE_CERT_INFO)
> + panel = new SingleCertInfoPane(this, this.certVerifier);
> + else if (dialogType == DialogType.ACCESS_WARNING)
> + panel = new AccessWarningPane(this, extras, this.certVerifier);
> + else if (dialogType == DialogType.APPLET_WARNING)
> + panel = new AppletWarningPane(this, this.certVerifier);
> + else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
> + panel = new NotAllSignedWarningPane(this);
> +
> + add(panel, BorderLayout.CENTER);
> + }
> +
> + private static void centerDialog(JDialog dialog) {
> + Dimension screen = Toolkit.getDefaultToolkit().getScreenSize();
> + Dimension dialogSize = dialog.getSize();
> +
> + dialog.setLocation((screen.width - dialogSize.width) / 2,
> + (screen.height - dialogSize.height) / 2);
> + }
> +
> + private void selectDefaultButton() {
> + if (panel == null) {
> + System.out.println("initial value panel is null");
> + }
> + panel.requestFocusOnDefaultButton();
> + }
> +
> + protected void setValue(Object value) {
> + if (JNLPRuntime.isDebug()) {
> + System.out.println("Setting value:" + value);
> + }
> + this.value = value;
> + }
> +
> + public Object getValue() {
> + if (JNLPRuntime.isDebug()) {
> + System.out.println("Returning value:" + value);
> + }
> + return value;
> + }
> +
> + /**
> + * Called when the SecurityDialog is hidden - either because the user
> + * made a choice (Ok, Cancel, etc) or closed the window
> + */
> + @Override
> + public void dispose() {
> + notifySelectionMade();
> + super.dispose();
> + }
> +
> + /**
> + * Updates the look and feel of the window to be the system look and feel
> + */
> + protected void setSystemLookAndFeel() {
> + try {
> + UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
> + } catch (Exception e) {
> + //don't worry if we can't.
> + }
> + }
> +
> + private final List<ActionListener> listeners = new CopyOnWriteArrayList<ActionListener>();
> +
> + /**
> + * Notify all the listeners that the user has made a decision using this
> + * security dialog.
> + */
> + public void notifySelectionMade() {
> + for (ActionListener listener : listeners) {
> + listener.actionPerformed(null);
> + }
> + }
> +
> + /**
> + * Adds an {@link ActionListener} which will be notified if the user makes a
> + * choice using this SecurityDialog. The listener should use {@link #getValue()}
> + * to actually get the user's response.
> + */
> + public void addActionListener(ActionListener listener) {
> + listeners.add(listener);
> + }
> +
> +}
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java b/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogMessage.java
> @@ -6,8 +6,8 @@
> import javax.swing.JDialog;
>
> import net.sourceforge.jnlp.JNLPFile;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> -import net.sourceforge.jnlp.security.SecurityWarning.DialogType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.DialogType;
>
> /**
> * Represents a message to the security framework to show a specific security
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java b/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogMessageHandler.java
> @@ -50,7 +50,7 @@
> * Handles {@link SecurityDialogMessage}s and shows appropriate security
> * dialogs.
> * <p>
> - * In the current architecture, {@link SecurityWarningDialog}s are shown from a
> + * In the current architecture, {@link SecurityDialog}s are shown from a
> * different {@link AppContext} than the {@link AppContext} that asks for a
> * security prompt. This ensures that all security prompts are isolated and
> * their Look and Feel is not affected by the Look and Feel of the
> @@ -86,7 +86,7 @@
>
> /**
> * Handles a single {@link SecurityDialogMessage} by showing a
> - * {@link SecurityWarningDialog}.
> + * {@link SecurityDialog}.
> * <p>
> * Once the user has made a choice the
> * {@link SecurityDialogMessage#toDispose} (if not null) is disposed and
> @@ -98,7 +98,7 @@
> private void handleMessage(SecurityDialogMessage message) {
> final SecurityDialogMessage msg = message;
>
> - final SecurityWarningDialog dialog = new SecurityWarningDialog(message.dialogType,
> + final SecurityDialog dialog = new SecurityDialog(message.dialogType,
> message.accessType, message.file, message.certVerifier, message.certificate, message.extras);
>
> dialog.addActionListener(new ActionListener() {
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java b/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogPanel.java
> @@ -49,19 +49,19 @@
> */
> public abstract class SecurityDialogPanel extends JPanel {
>
> - protected SecurityWarningDialog parent;
> + protected SecurityDialog parent;
>
> JComponent initialFocusComponent = null;
>
> CertVerifier certVerifier = null;
>
> - public SecurityDialogPanel(SecurityWarningDialog dialog, CertVerifier certVerifier) {
> + public SecurityDialogPanel(SecurityDialog dialog, CertVerifier certVerifier) {
> this.parent = dialog;
> this.certVerifier = certVerifier;
> this.setLayout(new BorderLayout());
> }
>
> - public SecurityDialogPanel(SecurityWarningDialog dialog) {
> + public SecurityDialogPanel(SecurityDialog dialog) {
> this.parent = dialog;
> this.setLayout(new BorderLayout());
> }
> @@ -75,12 +75,12 @@
>
> /**
> * Create an ActionListener suitable for use with buttons. When this {@link ActionListener}
> - * is invoked, it will set the value of the {@link SecurityWarningDialog} and then dispossed.
> + * is invoked, it will set the value of the {@link SecurityDialog} and then dispossed.
> *
> * @param buttonIndex the index of the button. By convention 0 = Yes. 1 = No, 2 = Cancel
> * @return the ActionListener instance.
> */
> - protected ActionListener createSetValueListener(SecurityWarningDialog dialog, int buttonIndex) {
> + protected ActionListener createSetValueListener(SecurityDialog dialog, int buttonIndex) {
> return new SetValueHandler(dialog, buttonIndex);
> }
>
> @@ -103,9 +103,9 @@
> private class SetValueHandler implements ActionListener {
>
> Integer buttonIndex;
> - SecurityWarningDialog dialog;
> + SecurityDialog dialog;
>
> - public SetValueHandler(SecurityWarningDialog dialog, int buttonIndex) {
> + public SetValueHandler(SecurityDialog dialog, int buttonIndex) {
> this.dialog = dialog;
> this.buttonIndex = buttonIndex;
> }
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java
> new file mode 100644
> --- /dev/null
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java
> @@ -0,0 +1,331 @@
> +/* SecurityDialogs.java
> + Copyright (C) 2010 Red Hat, Inc.
> +
> +This file is part of IcedTea.
> +
> +IcedTea is free software; you can redistribute it and/or
> +modify it under the terms of the GNU General Public License as published by
> +the Free Software Foundation, version 2.
> +
> +IcedTea is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> +General Public License for more details.
> +
> +You should have received a copy of the GNU General Public License
> +along with IcedTea; see the file COPYING. If not, write to
> +the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> +02110-1301 USA.
> +
> +Linking this library statically or dynamically with other modules is
> +making a combined work based on this library. Thus, the terms and
> +conditions of the GNU General Public License cover the whole
> +combination.
> +
> +As a special exception, the copyright holders of this library give you
> +permission to link this library with independent modules to produce an
> +executable, regardless of the license terms of these independent
> +modules, and to copy and distribute the resulting executable under
> +terms of your choice, provided that you also meet, for each linked
> +independent module, the terms and conditions of the license of that
> +module. An independent module is a module which is not derived from
> +or based on this library. If you modify this library, you may extend
> +this exception to your version of the library, but you are not
> +obligated to do so. If you do not wish to do so, delete this
> +exception statement from your version.
> +*/
> +
> +package net.sourceforge.jnlp.security;
> +
> +import java.awt.Dialog.ModalityType;
> +import java.awt.event.WindowAdapter;
> +import java.awt.event.WindowEvent;
> +import java.security.AccessController;
> +import java.security.PrivilegedAction;
> +import java.util.concurrent.Semaphore;
> +
> +import javax.swing.JDialog;
> +import javax.swing.SwingUtilities;
> +
> +import net.sourceforge.jnlp.JNLPFile;
> +import net.sourceforge.jnlp.config.DeploymentConfiguration;
> +import net.sourceforge.jnlp.runtime.JNLPRuntime;
> +
> +/**
> + * A factory for showing many possible types of security warning to the user.<p>
> + *
> + * This contains all the public methods that classes outside this package should
> + * use instead of using {@link SecurityDialog} directly.
> + *
> + * All of these methods post a message to the
> + * {@link SecurityDialogMessageHandler} and block waiting for a response.
> + */
> +public class SecurityDialogs {
> + /** Types of dialogs we can create */
> + public static enum DialogType {
> + CERT_WARNING,
> + MORE_INFO,
> + CERT_INFO,
> + SINGLE_CERT_INFO,
> + ACCESS_WARNING,
> + NOTALLSIGNED_WARNING,
> + APPLET_WARNING
> + }
> +
> + /** The types of access which may need user permission. */
> + public static enum AccessType {
> + READ_FILE,
> + WRITE_FILE,
> + CREATE_DESTKOP_SHORTCUT,
> + CLIPBOARD_READ,
> + CLIPBOARD_WRITE,
> + PRINTER,
> + NETWORK,
> + VERIFIED,
> + UNVERIFIED,
> + NOTALLSIGNED,
> + SIGNING_ERROR
> + }
> +
> + /**
> + * Shows a warning dialog for different types of system access (i.e. file
> + * open/save, clipboard read/write, printing, etc).
> + *
> + * @param accessType the type of system access requested.
> + * @param file the jnlp file associated with the requesting application.
> + * @return true if permission was granted by the user, false otherwise.
> + */
> + public static boolean showAccessWarningDialog(AccessType accessType, JNLPFile file) {
> + return showAccessWarningDialog(accessType, file, null);
> + }
> +
> + /**
> + * Shows a warning dialog for different types of system access (i.e. file
> + * open/save, clipboard read/write, printing, etc).
> + *
> + * @param accessType the type of system access requested.
> + * @param file the jnlp file associated with the requesting application.
> + * @param extras an optional array of Strings (typically) that gets
> + * passed to the dialog labels.
> + * @return true if permission was granted by the user, false otherwise.
> + */
> + public static boolean showAccessWarningDialog(final AccessType accessType,
> + final JNLPFile file, final Object[] extras) {
> +
> + if (!shouldPromptUser()) {
> + return false;
> + }
> +
> + final SecurityDialogMessage message = new SecurityDialogMessage();
> +
> + message.dialogType = DialogType.ACCESS_WARNING;
> + message.accessType = accessType;
> + message.file = file;
> + message.extras = extras;
> +
> + Object selectedValue = getUserResponse(message);
> +
> + if (selectedValue == null) {
> + return false;
> + } else if (selectedValue instanceof Integer) {
> + if (((Integer) selectedValue).intValue() == 0)
> + return true;
> + else
> + return false;
> + } else {
> + return false;
> + }
> + }
> +
> + /**
> + * Shows a warning dialog for when the main application jars are signed,
> + * but extensions aren't
> + *
> + * @return true if permission was granted by the user, false otherwise.
> + */
> + public static boolean showNotAllSignedWarningDialog(JNLPFile file) {
> +
> + if (!shouldPromptUser()) {
> + return false;
> + }
> +
> + final SecurityDialogMessage message = new SecurityDialogMessage();
> + message.dialogType = DialogType.NOTALLSIGNED_WARNING;
> + message.accessType = AccessType.NOTALLSIGNED;
> + message.file = file;
> + message.extras = new Object[0];
> +
> + Object selectedValue = getUserResponse(message);
> +
> + if (selectedValue == null) {
> + return false;
> + } else if (selectedValue instanceof Integer) {
> + if (((Integer) selectedValue).intValue() == 0) {
> + return true;
> + } else {
> + return false;
> + }
> + } else {
> + return false;
> + }
> + }
> +
> + /**
> + * Shows a security warning dialog according to the specified type of
> + * access. If <code>type</code> is one of AccessType.VERIFIED or
> + * AccessType.UNVERIFIED, extra details will be available with regards
> + * to code signing and signing certificates.
> + *
> + * @param accessType the type of warning dialog to show
> + * @param file the JNLPFile associated with this warning
> + * @param jarSigner the JarSigner used to verify this application
> + */
> + public static boolean showCertWarningDialog(AccessType accessType,
> + JNLPFile file, CertVerifier jarSigner) {
> +
> + if (!shouldPromptUser()) {
> + return false;
> + }
> +
> + final SecurityDialogMessage message = new SecurityDialogMessage();
> + message.dialogType = DialogType.CERT_WARNING;
> + message.accessType = accessType;
> + message.file = file;
> + message.certVerifier = jarSigner;
> +
> + Object selectedValue = getUserResponse(message);
> +
> + if (selectedValue == null) {
> + return false;
> + } else if (selectedValue instanceof Integer) {
> + if (((Integer) selectedValue).intValue() == 0)
> + return true;
> + else
> + return false;
> + } else {
> + return false;
> + }
> + }
> +
> + /**
> + * FIXME This is unused. Remove it?
> + * @return (0, 1, 2) => (Yes, No, Cancel)
> + */
> + public static int showAppletWarning() {
> +
> + if (!shouldPromptUser()) {
> + return 2;
> + }
> +
> + SecurityDialogMessage message = new SecurityDialogMessage();
> + message.dialogType = DialogType.APPLET_WARNING;
> +
> + Object selectedValue = getUserResponse(message);
> +
> + // result 0 = Yes, 1 = No, 2 = Cancel
> + if (selectedValue == null) {
> + return 2;
> + } else if (selectedValue instanceof Integer) {
> + return ((Integer) selectedValue).intValue();
> + } else {
> + return 2;
> + }
> + }
> +
> + /**
> + * Posts the message to the SecurityThread and gets the response. Blocks
> + * until a response has been recieved. It's safe to call this from an
> + * EventDispatchThread.
> + *
> + * @param message the SecuritDialogMessage indicating what type of dialog to
> + * display
> + * @return The user's response. Can be null. The exact answer depends on the
> + * type of message, but generally an Integer corresponding to the value 0
> + * indicates success/proceed, and everything else indicates failure
> + */
> + private static Object getUserResponse(final SecurityDialogMessage message) {
> + /*
> + * Want to show a security warning, while blocking the client
> + * application. This would be easy except there is a bug in showing
> + * modal JDialogs in a different AppContext. The source EventQueue -
> + * that sends the message to the (destination) EventQueue which is
> + * supposed to actually show the dialog - must not block. If the source
> + * EventQueue blocks, the destination EventQueue stops responding. So we
> + * have a hack here to work around it.
> + */
> +
> + /*
> + * If this is the event dispatch thread the use the hack
> + */
> + if (SwingUtilities.isEventDispatchThread()) {
> + /*
> + * Create a tiny modal dialog (which creates a new EventQueue for
> + * this AppContext, but blocks the original client EventQueue) and
> + * then post the message - this makes the source EventQueue continue
> + * running - but dot not allow the actual applet/application to
> + * continue processing
> + */
> + final JDialog fakeDialog = new JDialog();
> + fakeDialog.setSize(0, 0);
> + fakeDialog.setResizable(false);
> + fakeDialog.setModalityType(ModalityType.APPLICATION_MODAL);
> + fakeDialog.addWindowListener(new WindowAdapter() {
> +
> + @Override
> + public void windowOpened(WindowEvent e) {
> + message.toDispose = fakeDialog;
> + message.lock = null;
> + AccessController.doPrivileged(new PrivilegedAction<Void>() {
> + @Override
> + public Void run() {
> + JNLPRuntime.getSecurityDialogHandler().postMessage(message);
> + return null;
> + }
> + });
> + }
> + });
> +
> + /* this dialog will be disposed/hidden when the user closes the security prompt */
> + fakeDialog.setVisible(true);
> + } else {
> + /*
> + * Otherwise do it the normal way. Post a message to the security
> + * thread to make it show the security dialog. Wait until it tells us
> + * to proceed.
> + */
> + message.toDispose = null;
> + message.lock = new Semaphore(0);
> + JNLPRuntime.getSecurityDialogHandler().postMessage(message);
> +
> + boolean done = false;
> + while (!done) {
> + try {
> + message.lock.acquire();
> + done = true;
> + } catch (InterruptedException e) {
> + // ignore; retry
> + }
> + }
> +
> + }
> +
> + return message.userResponse;
> + }
> +
> + /**
> + * Returns whether the current runtime configuration allows prompting user
> + * for security warnings.
> + *
> + * @return true if security warnings should be shown to the user.
> + */
> + private static boolean shouldPromptUser() {
> + return AccessController.doPrivileged(new PrivilegedAction<Boolean >() {
> + @Override
> + public Boolean run() {
> + return Boolean.valueOf(JNLPRuntime.getConfiguration()
> + .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER));
> + }
> + });
> + }
> +
> +}
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityWarning.java b/netx/net/sourceforge/jnlp/security/SecurityWarning.java
> deleted file mode 100644
> --- a/netx/net/sourceforge/jnlp/security/SecurityWarning.java
> +++ /dev/null
> @@ -1,331 +0,0 @@
> -/* SecurityWarningDialogFactory.java
> - Copyright (C) 2010 Red Hat, Inc.
> -
> -This file is part of IcedTea.
> -
> -IcedTea is free software; you can redistribute it and/or
> -modify it under the terms of the GNU General Public License as published by
> -the Free Software Foundation, version 2.
> -
> -IcedTea is distributed in the hope that it will be useful,
> -but WITHOUT ANY WARRANTY; without even the implied warranty of
> -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> -General Public License for more details.
> -
> -You should have received a copy of the GNU General Public License
> -along with IcedTea; see the file COPYING. If not, write to
> -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> -02110-1301 USA.
> -
> -Linking this library statically or dynamically with other modules is
> -making a combined work based on this library. Thus, the terms and
> -conditions of the GNU General Public License cover the whole
> -combination.
> -
> -As a special exception, the copyright holders of this library give you
> -permission to link this library with independent modules to produce an
> -executable, regardless of the license terms of these independent
> -modules, and to copy and distribute the resulting executable under
> -terms of your choice, provided that you also meet, for each linked
> -independent module, the terms and conditions of the license of that
> -module. An independent module is a module which is not derived from
> -or based on this library. If you modify this library, you may extend
> -this exception to your version of the library, but you are not
> -obligated to do so. If you do not wish to do so, delete this
> -exception statement from your version.
> -*/
> -
> -package net.sourceforge.jnlp.security;
> -
> -import java.awt.Dialog.ModalityType;
> -import java.awt.event.WindowAdapter;
> -import java.awt.event.WindowEvent;
> -import java.security.AccessController;
> -import java.security.PrivilegedAction;
> -import java.util.concurrent.Semaphore;
> -
> -import javax.swing.JDialog;
> -import javax.swing.SwingUtilities;
> -
> -import net.sourceforge.jnlp.JNLPFile;
> -import net.sourceforge.jnlp.config.DeploymentConfiguration;
> -import net.sourceforge.jnlp.runtime.JNLPRuntime;
> -
> -/**
> - * A factory for showing many possible types of security warning to the user.<p>
> - *
> - * This contains all the public methods that classes outside this package should
> - * use instead of using {@link SecurityWarningDialog} directly.
> - *
> - * All of these methods post a message to the
> - * {@link SecurityDialogMessageHandler} and block waiting for a response.
> - */
> -public class SecurityWarning {
> - /** Types of dialogs we can create */
> - public static enum DialogType {
> - CERT_WARNING,
> - MORE_INFO,
> - CERT_INFO,
> - SINGLE_CERT_INFO,
> - ACCESS_WARNING,
> - NOTALLSIGNED_WARNING,
> - APPLET_WARNING
> - }
> -
> - /** The types of access which may need user permission. */
> - public static enum AccessType {
> - READ_FILE,
> - WRITE_FILE,
> - CREATE_DESTKOP_SHORTCUT,
> - CLIPBOARD_READ,
> - CLIPBOARD_WRITE,
> - PRINTER,
> - NETWORK,
> - VERIFIED,
> - UNVERIFIED,
> - NOTALLSIGNED,
> - SIGNING_ERROR
> - }
> -
> - /**
> - * Shows a warning dialog for different types of system access (i.e. file
> - * open/save, clipboard read/write, printing, etc).
> - *
> - * @param accessType the type of system access requested.
> - * @param file the jnlp file associated with the requesting application.
> - * @return true if permission was granted by the user, false otherwise.
> - */
> - public static boolean showAccessWarningDialog(AccessType accessType, JNLPFile file) {
> - return showAccessWarningDialog(accessType, file, null);
> - }
> -
> - /**
> - * Shows a warning dialog for different types of system access (i.e. file
> - * open/save, clipboard read/write, printing, etc).
> - *
> - * @param accessType the type of system access requested.
> - * @param file the jnlp file associated with the requesting application.
> - * @param extras an optional array of Strings (typically) that gets
> - * passed to the dialog labels.
> - * @return true if permission was granted by the user, false otherwise.
> - */
> - public static boolean showAccessWarningDialog(final AccessType accessType,
> - final JNLPFile file, final Object[] extras) {
> -
> - if (!shouldPromptUser()) {
> - return false;
> - }
> -
> - final SecurityDialogMessage message = new SecurityDialogMessage();
> -
> - message.dialogType = DialogType.ACCESS_WARNING;
> - message.accessType = accessType;
> - message.file = file;
> - message.extras = extras;
> -
> - Object selectedValue = getUserResponse(message);
> -
> - if (selectedValue == null) {
> - return false;
> - } else if (selectedValue instanceof Integer) {
> - if (((Integer) selectedValue).intValue() == 0)
> - return true;
> - else
> - return false;
> - } else {
> - return false;
> - }
> - }
> -
> - /**
> - * Shows a warning dialog for when the main application jars are signed,
> - * but extensions aren't
> - *
> - * @return true if permission was granted by the user, false otherwise.
> - */
> - public static boolean showNotAllSignedWarningDialog(JNLPFile file) {
> -
> - if (!shouldPromptUser()) {
> - return false;
> - }
> -
> - final SecurityDialogMessage message = new SecurityDialogMessage();
> - message.dialogType = DialogType.NOTALLSIGNED_WARNING;
> - message.accessType = AccessType.NOTALLSIGNED;
> - message.file = file;
> - message.extras = new Object[0];
> -
> - Object selectedValue = getUserResponse(message);
> -
> - if (selectedValue == null) {
> - return false;
> - } else if (selectedValue instanceof Integer) {
> - if (((Integer) selectedValue).intValue() == 0) {
> - return true;
> - } else {
> - return false;
> - }
> - } else {
> - return false;
> - }
> - }
> -
> - /**
> - * Shows a security warning dialog according to the specified type of
> - * access. If <code>type</code> is one of AccessType.VERIFIED or
> - * AccessType.UNVERIFIED, extra details will be available with regards
> - * to code signing and signing certificates.
> - *
> - * @param accessType the type of warning dialog to show
> - * @param file the JNLPFile associated with this warning
> - * @param jarSigner the JarSigner used to verify this application
> - */
> - public static boolean showCertWarningDialog(AccessType accessType,
> - JNLPFile file, CertVerifier jarSigner) {
> -
> - if (!shouldPromptUser()) {
> - return false;
> - }
> -
> - final SecurityDialogMessage message = new SecurityDialogMessage();
> - message.dialogType = DialogType.CERT_WARNING;
> - message.accessType = accessType;
> - message.file = file;
> - message.certVerifier = jarSigner;
> -
> - Object selectedValue = getUserResponse(message);
> -
> - if (selectedValue == null) {
> - return false;
> - } else if (selectedValue instanceof Integer) {
> - if (((Integer) selectedValue).intValue() == 0)
> - return true;
> - else
> - return false;
> - } else {
> - return false;
> - }
> - }
> -
> - /**
> - * FIXME This is unused. Remove it?
> - * @return (0, 1, 2) => (Yes, No, Cancel)
> - */
> - public static int showAppletWarning() {
> -
> - if (!shouldPromptUser()) {
> - return 2;
> - }
> -
> - SecurityDialogMessage message = new SecurityDialogMessage();
> - message.dialogType = DialogType.APPLET_WARNING;
> -
> - Object selectedValue = getUserResponse(message);
> -
> - // result 0 = Yes, 1 = No, 2 = Cancel
> - if (selectedValue == null) {
> - return 2;
> - } else if (selectedValue instanceof Integer) {
> - return ((Integer) selectedValue).intValue();
> - } else {
> - return 2;
> - }
> - }
> -
> - /**
> - * Posts the message to the SecurityThread and gets the response. Blocks
> - * until a response has been recieved. It's safe to call this from an
> - * EventDispatchThread.
> - *
> - * @param message the SecuritDialogMessage indicating what type of dialog to
> - * display
> - * @return The user's response. Can be null. The exact answer depends on the
> - * type of message, but generally an Integer corresponding to the value 0
> - * indicates success/proceed, and everything else indicates failure
> - */
> - private static Object getUserResponse(final SecurityDialogMessage message) {
> - /*
> - * Want to show a security warning, while blocking the client
> - * application. This would be easy except there is a bug in showing
> - * modal JDialogs in a different AppContext. The source EventQueue -
> - * that sends the message to the (destination) EventQueue which is
> - * supposed to actually show the dialog - must not block. If the source
> - * EventQueue blocks, the destination EventQueue stops responding. So we
> - * have a hack here to work around it.
> - */
> -
> - /*
> - * If this is the event dispatch thread the use the hack
> - */
> - if (SwingUtilities.isEventDispatchThread()) {
> - /*
> - * Create a tiny modal dialog (which creates a new EventQueue for
> - * this AppContext, but blocks the original client EventQueue) and
> - * then post the message - this makes the source EventQueue continue
> - * running - but dot not allow the actual applet/application to
> - * continue processing
> - */
> - final JDialog fakeDialog = new JDialog();
> - fakeDialog.setSize(0, 0);
> - fakeDialog.setResizable(false);
> - fakeDialog.setModalityType(ModalityType.APPLICATION_MODAL);
> - fakeDialog.addWindowListener(new WindowAdapter() {
> -
> - @Override
> - public void windowOpened(WindowEvent e) {
> - message.toDispose = fakeDialog;
> - message.lock = null;
> - AccessController.doPrivileged(new PrivilegedAction<Void>() {
> - @Override
> - public Void run() {
> - JNLPRuntime.getSecurityDialogHandler().postMessage(message);
> - return null;
> - }
> - });
> - }
> - });
> -
> - /* this dialog will be disposed/hidden when the user closes the security prompt */
> - fakeDialog.setVisible(true);
> - } else {
> - /*
> - * Otherwise do it the normal way. Post a message to the security
> - * thread to make it show the security dialog. Wait until it tells us
> - * to proceed.
> - */
> - message.toDispose = null;
> - message.lock = new Semaphore(0);
> - JNLPRuntime.getSecurityDialogHandler().postMessage(message);
> -
> - boolean done = false;
> - while (!done) {
> - try {
> - message.lock.acquire();
> - done = true;
> - } catch (InterruptedException e) {
> - // ignore; retry
> - }
> - }
> -
> - }
> -
> - return message.userResponse;
> - }
> -
> - /**
> - * Returns whether the current runtime configuration allows prompting user
> - * for security warnings.
> - *
> - * @return true if security warnings should be shown to the user.
> - */
> - private static boolean shouldPromptUser() {
> - return AccessController.doPrivileged(new PrivilegedAction<Boolean >() {
> - @Override
> - public Boolean run() {
> - return Boolean.valueOf(JNLPRuntime.getConfiguration()
> - .getProperty(DeploymentConfiguration.KEY_SECURITY_PROMPT_USER));
> - }
> - });
> - }
> -
> -}
> diff --git a/netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java b/netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java
> deleted file mode 100644
> --- a/netx/net/sourceforge/jnlp/security/SecurityWarningDialog.java
> +++ /dev/null
> @@ -1,369 +0,0 @@
> -/* SecurityWarningDialog.java
> - Copyright (C) 2008 Red Hat, Inc.
> -
> -This file is part of IcedTea.
> -
> -IcedTea is free software; you can redistribute it and/or
> -modify it under the terms of the GNU General Public License as published by
> -the Free Software Foundation, version 2.
> -
> -IcedTea is distributed in the hope that it will be useful,
> -but WITHOUT ANY WARRANTY; without even the implied warranty of
> -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> -General Public License for more details.
> -
> -You should have received a copy of the GNU General Public License
> -along with IcedTea; see the file COPYING. If not, write to
> -the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
> -02110-1301 USA.
> -
> -Linking this library statically or dynamically with other modules is
> -making a combined work based on this library. Thus, the terms and
> -conditions of the GNU General Public License cover the whole
> -combination.
> -
> -As a special exception, the copyright holders of this library give you
> -permission to link this library with independent modules to produce an
> -executable, regardless of the license terms of these independent
> -modules, and to copy and distribute the resulting executable under
> -terms of your choice, provided that you also meet, for each linked
> -independent module, the terms and conditions of the license of that
> -module. An independent module is a module which is not derived from
> -or based on this library. If you modify this library, you may extend
> -this exception to your version of the library, but you are not
> -obligated to do so. If you do not wish to do so, delete this
> -exception statement from your version.
> -*/
> -
> -package net.sourceforge.jnlp.security;
> -
> -import net.sourceforge.jnlp.JNLPFile;
> -import net.sourceforge.jnlp.runtime.JNLPRuntime;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> -import net.sourceforge.jnlp.security.SecurityWarning.DialogType;
> -
> -import java.awt.*;
> -
> -import javax.swing.*;
> -
> -import java.awt.event.*;
> -import java.security.cert.X509Certificate;
> -import java.util.concurrent.CopyOnWriteArrayList;
> -
> -import java.util.List;
> -
> -/**
> - * Provides methods for showing security warning dialogs for a wide range of
> - * JNLP security issues. Note that the security dialogs should be running in the
> - * secure AppContext - this class should not be used directly from an applet or
> - * application. See {@link SecurityWarning} for a way to show security dialogs.
> - *
> - * @author <a href="mailto:jsumali at redhat.com">Joshua Sumali</a>
> - */
> -public class SecurityWarningDialog extends JDialog {
> -
> - /** The type of dialog we want to show */
> - private DialogType dialogType;
> -
> - /** The type of access that this dialog is for */
> - private AccessType accessType;
> -
> - private SecurityDialogPanel panel;
> -
> - /** The application file associated with this security warning */
> - private JNLPFile file;
> -
> - private CertVerifier certVerifier;
> -
> - private X509Certificate cert;
> -
> - /** An optional String array that's only necessary when a dialog
> - * label requires some parameters (e.g. showing which address an application
> - * is trying to connect to).
> - */
> - private Object[] extras;
> -
> - /** Whether or not this object has been fully initialized */
> - private boolean initialized = false;
> -
> - /**
> - * the return value of this dialog. result: 0 = Yes, 1 = No, 2 = Cancel,
> - * null = Window closed.
> - */
> - private Object value;
> -
> - SecurityWarningDialog(DialogType dialogType, AccessType accessType,
> - JNLPFile file, CertVerifier jarSigner, X509Certificate cert, Object[] extras) {
> - super();
> - this.dialogType = dialogType;
> - this.accessType = accessType;
> - this.file = file;
> - this.certVerifier = jarSigner;
> - this.cert = cert;
> - this.extras = extras;
> - initialized = true;
> -
> - initDialog();
> - }
> -
> - /**
> - * Construct a SecurityWarningDialog to display some sort of access warning
> - */
> - SecurityWarningDialog(DialogType dialogType, AccessType accessType,
> - JNLPFile file) {
> - this(dialogType, accessType, file, null, null, null);
> - }
> -
> - /**
> - * Create a SecurityWarningDialog to display a certificate-related warning
> - */
> - SecurityWarningDialog(DialogType dialogType, AccessType accessType,
> - JNLPFile file, CertVerifier jarSigner) {
> - this(dialogType, accessType, file, jarSigner, null, null);
> - }
> -
> - /**
> - * Create a SecurityWarningDialog to display a certificate-related warning
> - */
> - SecurityWarningDialog(DialogType dialogType, AccessType accessType,
> - CertVerifier certVerifier) {
> - this(dialogType, accessType, null, certVerifier, null, null);
> - }
> -
> - /**
> - * Create a SecurityWarningDialog to display some sort of access warning
> - * with more information
> - */
> - SecurityWarningDialog(DialogType dialogType, AccessType accessType,
> - JNLPFile file, Object[] extras) {
> - this(dialogType, accessType, file, null, null, extras);
> - }
> -
> - /**
> - * Create a SecurityWarningDailog to display information about a single
> - * certificate
> - */
> - SecurityWarningDialog(DialogType dialogType, X509Certificate c) {
> - this(dialogType, null, null, null, c, null);
> - }
> -
> - /**
> - * Returns if this dialog has been fully initialized yet.
> - * @return true if this dialog has been initialized, and false otherwise.
> - */
> - public boolean isInitialized() {
> - return initialized;
> - }
> -
> - /**
> - * Shows more information regarding jar code signing
> - *
> - * @param jarSigner the JarSigner used to verify this application
> - * @param parent the parent option pane
> - */
> - public static void showMoreInfoDialog(
> - CertVerifier jarSigner, SecurityWarningDialog parent) {
> -
> - SecurityWarningDialog dialog =
> - new SecurityWarningDialog(DialogType.MORE_INFO, null, null,
> - jarSigner);
> - dialog.setModalityType(ModalityType.APPLICATION_MODAL);
> - dialog.setVisible(true);
> - dialog.dispose();
> - }
> -
> - /**
> - * Displays CertPath information in a readable table format.
> - *
> - * @param jarSigner the JarSigner used to verify this application
> - * @param parent the parent option pane
> - */
> - public static void showCertInfoDialog(CertVerifier jarSigner,
> - SecurityWarningDialog parent) {
> - SecurityWarningDialog dialog = new SecurityWarningDialog(DialogType.CERT_INFO,
> - null, null, jarSigner);
> - dialog.setLocationRelativeTo(parent);
> - dialog.setModalityType(ModalityType.APPLICATION_MODAL);
> - dialog.setVisible(true);
> - dialog.dispose();
> - }
> -
> - /**
> - * Displays a single certificate's information.
> - *
> - * @param c the X509 certificate.
> - * @param parent the parent pane.
> - */
> - public static void showSingleCertInfoDialog(X509Certificate c,
> - JDialog parent) {
> - SecurityWarningDialog dialog = new SecurityWarningDialog(DialogType.SINGLE_CERT_INFO, c);
> - dialog.setLocationRelativeTo(parent);
> - dialog.setModalityType(ModalityType.APPLICATION_MODAL);
> - dialog.setVisible(true);
> - dialog.dispose();
> - }
> -
> - private void initDialog() {
> - setSystemLookAndFeel();
> -
> - String dialogTitle = "";
> - if (dialogType == DialogType.CERT_WARNING)
> - dialogTitle = "Warning - Security";
> - else if (dialogType == DialogType.MORE_INFO)
> - dialogTitle = "More Information";
> - else if (dialogType == DialogType.CERT_INFO)
> - dialogTitle = "Details - Certificate";
> - else if (dialogType == DialogType.ACCESS_WARNING)
> - dialogTitle = "Security Warning";
> - else if (dialogType == DialogType.APPLET_WARNING)
> - dialogTitle = "Applet Warning";
> - else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
> - dialogTitle = "Security Warning";
> -
> - setTitle(dialogTitle);
> - setModalityType(ModalityType.MODELESS);
> -
> - setDefaultCloseOperation(DISPOSE_ON_CLOSE);
> -
> - installPanel();
> -
> - pack();
> -
> - WindowAdapter adapter = new WindowAdapter() {
> - private boolean gotFocus = false;
> -
> - @Override
> - public void windowGainedFocus(WindowEvent we) {
> - // Once window gets focus, set initial focus
> - if (!gotFocus) {
> - selectDefaultButton();
> - gotFocus = true;
> - }
> - }
> -
> - @Override
> - public void windowOpened(WindowEvent e) {
> - if (e.getSource() instanceof SecurityWarningDialog) {
> - SecurityWarningDialog dialog = (SecurityWarningDialog) e.getSource();
> - dialog.setResizable(true);
> - centerDialog(dialog);
> - dialog.setValue(null);
> - }
> - }
> - };
> - addWindowListener(adapter);
> - addWindowFocusListener(adapter);
> -
> - }
> -
> - public AccessType getAccessType() {
> - return accessType;
> - }
> -
> - public JNLPFile getFile() {
> - return file;
> - }
> -
> - public CertVerifier getJarSigner() {
> - return certVerifier;
> - }
> -
> - public X509Certificate getCert() {
> - return cert;
> - }
> -
> - /**
> - * Adds the appropriate JPanel to this Dialog, based on {@link DialogType}.
> - */
> - private void installPanel() {
> -
> - if (dialogType == DialogType.CERT_WARNING)
> - panel = new CertWarningPane(this, this.certVerifier);
> - else if (dialogType == DialogType.MORE_INFO)
> - panel = new MoreInfoPane(this, this.certVerifier);
> - else if (dialogType == DialogType.CERT_INFO)
> - panel = new CertsInfoPane(this, this.certVerifier);
> - else if (dialogType == DialogType.SINGLE_CERT_INFO)
> - panel = new SingleCertInfoPane(this, this.certVerifier);
> - else if (dialogType == DialogType.ACCESS_WARNING)
> - panel = new AccessWarningPane(this, extras, this.certVerifier);
> - else if (dialogType == DialogType.APPLET_WARNING)
> - panel = new AppletWarningPane(this, this.certVerifier);
> - else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
> - panel = new NotAllSignedWarningPane(this);
> -
> - add(panel, BorderLayout.CENTER);
> - }
> -
> - private static void centerDialog(JDialog dialog) {
> - Dimension screen = Toolkit.getDefaultToolkit().getScreenSize();
> - Dimension dialogSize = dialog.getSize();
> -
> - dialog.setLocation((screen.width - dialogSize.width) / 2,
> - (screen.height - dialogSize.height) / 2);
> - }
> -
> - private void selectDefaultButton() {
> - if (panel == null) {
> - System.out.println("initial value panel is null");
> - }
> - panel.requestFocusOnDefaultButton();
> - }
> -
> - protected void setValue(Object value) {
> - if (JNLPRuntime.isDebug()) {
> - System.out.println("Setting value:" + value);
> - }
> - this.value = value;
> - }
> -
> - public Object getValue() {
> - if (JNLPRuntime.isDebug()) {
> - System.out.println("Returning value:" + value);
> - }
> - return value;
> - }
> -
> - /**
> - * Called when the SecurityWarningDialog is hidden - either because the user
> - * made a choice (Ok, Cancel, etc) or closed the window
> - */
> - @Override
> - public void dispose() {
> - notifySelectionMade();
> - super.dispose();
> - }
> -
> - /**
> - * Updates the look and feel of the window to be the system look and feel
> - */
> - protected void setSystemLookAndFeel() {
> - try {
> - UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
> - } catch (Exception e) {
> - //don't worry if we can't.
> - }
> - }
> -
> - private List<ActionListener> listeners = new CopyOnWriteArrayList<ActionListener>();
> -
> - /**
> - * Notify all the listeners that the user has made a decision using this
> - * security dialog.
> - */
> - public void notifySelectionMade() {
> - for (ActionListener listener : listeners) {
> - listener.actionPerformed(null);
> - }
> - }
> -
> - /**
> - * Adds an {@link ActionListener} which will be notified if the user makes a
> - * choice using this SecurityWarningDialog. The listener should use {@link #getValue()}
> - * to actually get the user's response.
> - */
> - public void addActionListener(ActionListener listener) {
> - listeners.add(listener);
> - }
> -
> -}
> diff --git a/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java b/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java
> --- a/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java
> +++ b/netx/net/sourceforge/jnlp/security/SingleCertInfoPane.java
> @@ -46,7 +46,7 @@
>
> public class SingleCertInfoPane extends CertsInfoPane {
>
> - public SingleCertInfoPane(SecurityWarningDialog x, CertVerifier certVerifier) {
> + public SingleCertInfoPane(SecurityDialog x, CertVerifier certVerifier) {
> super(x, certVerifier);
> }
>
> diff --git a/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java b/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java
> --- a/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java
> +++ b/netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java
> @@ -54,7 +54,7 @@
>
> import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager;
>
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
>
> /**
> * This class implements an X509 Trust Manager. The certificates it trusts are
> @@ -378,7 +378,7 @@
> private boolean askUser(X509Certificate[] chain, String authType,
> boolean isTrusted, boolean hostMatched,
> String hostName) {
> - return SecurityWarning.showCertWarningDialog(
> + return SecurityDialogs.showCertWarningDialog(
> AccessType.UNVERIFIED, null,
> new HttpsCertVerifier(this, chain, authType,
> isTrusted, hostMatched,
> diff --git a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
> --- a/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
> +++ b/netx/net/sourceforge/jnlp/security/viewer/CertificatePane.java
> @@ -75,7 +75,7 @@
> import net.sourceforge.jnlp.security.CertificateUtils;
> import net.sourceforge.jnlp.security.KeyStores;
> import net.sourceforge.jnlp.security.SecurityUtil;
> -import net.sourceforge.jnlp.security.SecurityWarningDialog;
> +import net.sourceforge.jnlp.security.SecurityDialog;
> import net.sourceforge.jnlp.security.KeyStores.Level;
> import net.sourceforge.jnlp.util.FileUtils;
>
> @@ -478,7 +478,7 @@
> int selectedRow = table.getSelectedRow();
> if (selectedRow != -1 && selectedRow >= 0) {
> X509Certificate c = certs.get(selectedRow);
> - SecurityWarningDialog.showSingleCertInfoDialog(c, parent);
> + SecurityDialog.showSingleCertInfoDialog(c, parent);
> }
> }
> }
> diff --git a/netx/net/sourceforge/jnlp/services/ServiceUtil.java b/netx/net/sourceforge/jnlp/services/ServiceUtil.java
> --- a/netx/net/sourceforge/jnlp/services/ServiceUtil.java
> +++ b/netx/net/sourceforge/jnlp/services/ServiceUtil.java
> @@ -40,8 +40,8 @@
> import net.sourceforge.jnlp.config.DeploymentConfiguration;
> import net.sourceforge.jnlp.runtime.ApplicationInstance;
> import net.sourceforge.jnlp.runtime.JNLPRuntime;
> -import net.sourceforge.jnlp.security.SecurityWarning;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
>
> /**
> * Provides static methods to interact useful for using the JNLP
> @@ -280,7 +280,7 @@
> //from resources.jar.
> Boolean b = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
> public Boolean run() {
> - boolean b = SecurityWarning.showAccessWarningDialog(tmpType,
> + boolean b = SecurityDialogs.showAccessWarningDialog(tmpType,
> tmpApp.getJNLPFile(), tmpExtras);
> return new Boolean(b);
> }
> diff --git a/netx/net/sourceforge/jnlp/services/XClipboardService.java b/netx/net/sourceforge/jnlp/services/XClipboardService.java
> --- a/netx/net/sourceforge/jnlp/services/XClipboardService.java
> +++ b/netx/net/sourceforge/jnlp/services/XClipboardService.java
> @@ -39,7 +39,7 @@
>
> import javax.jnlp.*;
>
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
>
> import java.awt.datatransfer.Transferable;
> import java.awt.Toolkit;
> diff --git a/netx/net/sourceforge/jnlp/services/XExtendedService.java b/netx/net/sourceforge/jnlp/services/XExtendedService.java
> --- a/netx/net/sourceforge/jnlp/services/XExtendedService.java
> +++ b/netx/net/sourceforge/jnlp/services/XExtendedService.java
> @@ -22,7 +22,7 @@
> import javax.jnlp.ExtendedService;
> import javax.jnlp.FileContents;
>
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
>
> /**
> * Implementation of ExtendedService
> diff --git a/netx/net/sourceforge/jnlp/services/XFileOpenService.java b/netx/net/sourceforge/jnlp/services/XFileOpenService.java
> --- a/netx/net/sourceforge/jnlp/services/XFileOpenService.java
> +++ b/netx/net/sourceforge/jnlp/services/XFileOpenService.java
> @@ -45,7 +45,7 @@
>
> import net.sourceforge.jnlp.*;
> import net.sourceforge.jnlp.runtime.*;
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
>
> import javax.swing.JFileChooser;
> import javax.swing.JOptionPane;
> diff --git a/netx/net/sourceforge/jnlp/services/XFileSaveService.java b/netx/net/sourceforge/jnlp/services/XFileSaveService.java
> --- a/netx/net/sourceforge/jnlp/services/XFileSaveService.java
> +++ b/netx/net/sourceforge/jnlp/services/XFileSaveService.java
> @@ -43,7 +43,7 @@
> import java.lang.ref.*;
> import javax.jnlp.*;
>
> -import net.sourceforge.jnlp.security.SecurityWarning.AccessType;
> +import net.sourceforge.jnlp.security.SecurityDialogs.AccessType;
> import net.sourceforge.jnlp.util.FileUtils;
>
> import javax.swing.JFileChooser;
> diff -r f997471ebe57 netx/net/sourceforge/jnlp/resources/Messages.properties
> --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Dec 20 12:34:16 2010 -0500
> +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Dec 20 13:02:33 2010 -0500
> @@ -20,8 +20,10 @@
> Field=Field
> From=From
> Name=Name
> +Password=Password:
> Publisher=Publisher
> Unknown=<Unknown>
> +Username=Username:
> Value=Value
> Version=Version
>
> @@ -189,6 +191,7 @@
> SNotAllSignedSummary=Only parts of this application code are signed.
> SNotAllSignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control.
> SNotAllSignedQuestion=Do you wish to proceed and run this application anyway?
> +SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}"
>
> # Security - used for the More Information dialog
> SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing.
> diff -r f997471ebe57 netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java
> --- a/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java Mon Dec 20 12:34:16 2010 -0500
> +++ b/netx/net/sourceforge/jnlp/security/JNLPAuthenticator.java Mon Dec 20 13:02:33 2010 -0500
> @@ -42,6 +42,7 @@
>
> public class JNLPAuthenticator extends Authenticator {
>
> + @Override
> public PasswordAuthentication getPasswordAuthentication() {
>
> // No security check is required here, because the only way to set
> @@ -50,12 +51,16 @@
>
> String type = this.getRequestorType() == RequestorType.PROXY ? "proxy" : "web";
>
> - // request auth info from user
> - PasswordAuthenticationPane pwDialog = new PasswordAuthenticationPane();
> - PasswordAuthentication auth = pwDialog.askUser(this.getRequestingHost(), this.getRequestingPort(), this.getRequestingPrompt(), type);
> + String host = getRequestingHost();
> + int port = getRequestingPort();
> + String prompt = getRequestingPrompt();
>
> - // send it along
> - return auth;
> + Object[] response = SecurityDialogs.showAuthenicationPrompt(host, port, prompt, type);
> + if (response == null) {
> + return null;
> + } else {
> + return new PasswordAuthentication((String) response[0], (char[]) response[1]);
> + }
> }
>
> }
> diff -r f997471ebe57 netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java
> --- a/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java Mon Dec 20 12:34:16 2010 -0500
> +++ b/netx/net/sourceforge/jnlp/security/PasswordAuthenticationPane.java Mon Dec 20 13:02:33 2010 -0500
> @@ -37,52 +37,59 @@
>
> package net.sourceforge.jnlp.security;
>
> +import static net.sourceforge.jnlp.runtime.Translator.R;
> +
> import java.awt.Dimension;
> import java.awt.GridBagConstraints;
> import java.awt.GridBagLayout;
> import java.awt.Insets;
> import java.awt.event.ActionEvent;
> import java.awt.event.ActionListener;
> -import java.net.PasswordAuthentication;
>
> import javax.swing.JButton;
> -import javax.swing.JDialog;
> import javax.swing.JLabel;
> import javax.swing.JPasswordField;
> import javax.swing.JTextField;
> -import javax.swing.SwingUtilities;
> -
> -import net.sourceforge.jnlp.runtime.JNLPRuntime;
>
> /**
> * Modal non-minimizable dialog to request http authentication credentials
> */
>
> -public class PasswordAuthenticationPane extends JDialog {
> +public class PasswordAuthenticationPane extends SecurityDialogPanel {
>
> - private final JLabel jlInfo = new JLabel("");
> private final JTextField jtfUserName = new JTextField();
> private final JPasswordField jpfPassword = new JPasswordField();
> - private boolean userCancelled;
>
> - public PasswordAuthenticationPane() {
> - initialize();
> - }
> + private final String host;
> + private final int port;
> + private final String prompt;
> + private final String type;
> +
> + public PasswordAuthenticationPane(SecurityDialog parent, Object[] extras) {
> + super(parent);
> + host = (String) extras[0];
> + port = (Integer) extras[1];
> + prompt = (String) extras[2];
> + type = (String) extras[3];
> +
> + addComponents();
> + }
>
> /**
> * Initialized the dialog components
> */
>
> - public void initialize() {
> + public void addComponents() {
>
> - setTitle("IcedTea Java Plugin - Authorization needed to proceed");
> + JLabel jlInfo = new JLabel("");
> + jlInfo.setText("<html>" + R("SAuthenticationPrompt", type, host, prompt) + "</html>");
>
> setLayout(new GridBagLayout());
>
> - JLabel jlUserName = new JLabel("Username: ");
> - JLabel jlPassword = new JLabel("Password: ");
> - JButton jbOK = new JButton("OK");
> - JButton jbCancel = new JButton("Cancel");
> + JLabel jlUserName = new JLabel(R("Username"));
> + JLabel jlPassword = new JLabel(R("Password"));
> + JButton jbOK = new JButton(R("ButOk"));
> + JButton jbCancel = new JButton(R("ButCancel"));
>
> jtfUserName.setSize(20, 10);
> jpfPassword.setSize(20, 10);
> @@ -90,7 +97,7 @@
> GridBagConstraints c;
>
> c = new GridBagConstraints();
> - c.fill = c.HORIZONTAL;
> + c.fill = GridBagConstraints.HORIZONTAL;
> c.gridx = 0;
> c.gridy = 0;
> c.gridwidth = 2;
> @@ -104,7 +111,7 @@
> add(jlUserName, c);
>
> c = new GridBagConstraints();
> - c.fill = c.HORIZONTAL;
> + c.fill = GridBagConstraints.HORIZONTAL;
> c.gridx = 1;
> c.gridy = 1;
> c.insets = new Insets(10, 5, 3, 3);
> @@ -118,7 +125,7 @@
> add(jlPassword, c);
>
> c = new GridBagConstraints();
> - c.fill = c.HORIZONTAL;
> + c.fill = GridBagConstraints.HORIZONTAL;
> c.gridx = 1;
> c.gridy = 2;
> c.insets = new Insets(5, 5, 3, 3);
> @@ -126,7 +133,7 @@
> add(jpfPassword, c);
>
> c = new GridBagConstraints();
> - c.anchor = c.SOUTHEAST;
> + c.anchor = GridBagConstraints.SOUTHEAST;
> c.gridx = 1;
> c.gridy = 3;
> c.insets = new Insets(5, 5, 3, 70);
> @@ -134,7 +141,7 @@
> add(jbCancel, c);
>
> c = new GridBagConstraints();
> - c.anchor = c.SOUTHEAST;
> + c.anchor = GridBagConstraints.SOUTHEAST;
> c.gridx = 1;
> c.gridy = 3;
> c.insets = new Insets(5, 5, 3, 3);
> @@ -143,105 +150,33 @@
>
> setMinimumSize(new Dimension(400, 150));
> setMaximumSize(new Dimension(1024, 150));
> - setAlwaysOnTop(true);
>
> setSize(400, 150);
> - setLocationRelativeTo(null);
> + parent.setLocationRelativeTo(null);
> + initialFocusComponent = jtfUserName;
> +
> + ActionListener acceptActionListener = new ActionListener() {
> + public void actionPerformed(ActionEvent e) {
> + parent.setValue(new Object[] { jtfUserName.getText(), jpfPassword.getPassword() });
> + parent.dispose();
> + }
> + };
> +
> + ActionListener cancelActionListener = new ActionListener() {
> + public void actionPerformed(ActionEvent e) {
> + parent.setValue(null);
> + parent.dispose();
> + }
> + };
>
> // OK => read supplied info and pass it on
> - jbOK.addActionListener(new ActionListener() {
> - public void actionPerformed(ActionEvent e) {
> - userCancelled = false;
> - dispose();
> - }
> - });
> + jbOK.addActionListener(acceptActionListener);
>
> // Cancel => discard supplied info and pass on an empty auth
> - jbCancel.addActionListener(new ActionListener() {
> - public void actionPerformed(ActionEvent e) {
> - userCancelled = true;
> - dispose();
> - }
> - });
> + jbCancel.addActionListener(cancelActionListener);
>
> // "return" key in either user or password field => OK
> -
> - jtfUserName.addActionListener(new ActionListener() {
> - public void actionPerformed(ActionEvent e) {
> - userCancelled = false;
> - dispose();
> - }
> - });
> -
> - jpfPassword.addActionListener(new ActionListener() {
> - public void actionPerformed(ActionEvent e) {
> - userCancelled = false;
> - dispose();
> - }
> - });
> - }
> -
> - /**
> - * Present a dialog to the user asking them for authentication information
> - *
> - * @param host The host for with authentication is needed
> - * @param port The port being accessed
> - * @param prompt The prompt (realm) as presented by the server
> - * @param type The type of server (proxy/web)
> - * @return PasswordAuthentication containing the credentials (empty credentials if user cancelled)
> - */
> - protected PasswordAuthentication askUser(String host, int port, String prompt, String type) {
> - PasswordAuthentication auth = null;
> -
> - host += port != -1 ? ":" + port : "";
> -
> - // This frame is reusable. So reset everything first.
> - userCancelled = true;
> - jlInfo.setText("<html>The " + type + " server at " + host +
> - " is requesting authentication. It says \"" + prompt + "\"</html>");
> -
> - try {
> - SwingUtilities.invokeAndWait(new Runnable() {
> - public void run() {
> - // show dialog to user
> - setVisible(true);
> - }
> - });
> -
> - if (JNLPRuntime.isDebug()) {
> - System.out.println("password dialog shown");
> - }
> -
> - // wait until dialog is gone
> - while (this.isShowing()) {
> - try {
> - Thread.sleep(200);
> - } catch (InterruptedException ie) {
> - }
> - }
> -
> - if (JNLPRuntime.isDebug()) {
> - System.out.println("password dialog closed");
> - }
> -
> - if (!userCancelled) {
> - auth = new PasswordAuthentication(jtfUserName.getText(), jpfPassword.getPassword());
> - }
> - } catch (Exception e) {
> - e.printStackTrace();
> -
> - // Nothing else we can do. Empty auth will be returned
> - }
> -
> - return auth;
> - }
> -
> - public static void main(String[] args) {
> - PasswordAuthenticationPane frame = new PasswordAuthenticationPane();
> -
> - PasswordAuthentication auth = frame.askUser("127.0.0.1", 3128, "Password for local proxy", "proxy");
> -
> - System.err.println("Auth info: " + auth.getUserName() + ":" + new String(auth.getPassword()));
> - System.exit(0);
> + jtfUserName.addActionListener(acceptActionListener);
> + jpfPassword.addActionListener(acceptActionListener);
> }
> }
> diff -r f997471ebe57 netx/net/sourceforge/jnlp/security/SecurityDialog.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Mon Dec 20 12:34:16 2010 -0500
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Mon Dec 20 13:02:33 2010 -0500
> @@ -1,5 +1,5 @@
> /* SecurityDialog.java
> - Copyright (C) 2010 Red Hat, Inc.
> + Copyright (C) 2008 Red Hat, Inc.
>
> This file is part of IcedTea.
>
> @@ -219,6 +219,8 @@
> dialogTitle = "Applet Warning";
> else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
> dialogTitle = "Security Warning";
> + else if (dialogType == DialogType.AUTHENTICATION)
> + dialogTitle = "Authentication Required";
>
> setTitle(dialogTitle);
> setModalityType(ModalityType.MODELESS);
> @@ -291,6 +293,8 @@
> panel = new AppletWarningPane(this, this.certVerifier);
> else if (dialogType == DialogType.NOTALLSIGNED_WARNING)
> panel = new NotAllSignedWarningPane(this);
> + else if (dialogType == DialogType.AUTHENTICATION)
> + panel = new PasswordAuthenticationPane(this, extras);
>
> add(panel, BorderLayout.CENTER);
> }
> diff -r f997471ebe57 netx/net/sourceforge/jnlp/security/SecurityDialogs.java
> --- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Mon Dec 20 12:34:16 2010 -0500
> +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Mon Dec 20 13:02:33 2010 -0500
> @@ -1,4 +1,4 @@
> -/* SecurityDialogs.java
> +/* SecurityWarningDialogFactory.java
> Copyright (C) 2010 Red Hat, Inc.
>
> This file is part of IcedTea.
> @@ -40,6 +40,7 @@
> import java.awt.Dialog.ModalityType;
> import java.awt.event.WindowAdapter;
> import java.awt.event.WindowEvent;
> +import java.net.NetPermission;
> import java.security.AccessController;
> import java.security.PrivilegedAction;
> import java.util.concurrent.Semaphore;
> @@ -69,7 +70,8 @@
> SINGLE_CERT_INFO,
> ACCESS_WARNING,
> NOTALLSIGNED_WARNING,
> - APPLET_WARNING
> + APPLET_WARNING,
> + AUTHENTICATION,
> }
>
> /** The types of access which may need user permission. */
> @@ -208,6 +210,40 @@
> }
>
> /**
> + * Present a dialog to the user asking them for authentication information,
> + * and returns the user's response. The caller must have
> + * NetPermission("requestPasswordAuthentication") for this to work.
> + *
> + * @param host The host for with authentication is needed
> + * @param port The port being accessed
> + * @param prompt The prompt (realm) as presented by the server
> + * @param type The type of server (proxy/web)
> + * @return an array of objects representing user's authentication tokens
> + * @throws SecurityException if the caller does not have the appropriate permissions.
> + */
> + public static Object[] showAuthenicationPrompt(String host, int port, String prompt, String type) {
> +
> + SecurityManager sm = System.getSecurityManager();
> + if (sm != null) {
> + NetPermission requestPermission
> + = new NetPermission("requestPasswordAuthentication");
> + sm.checkPermission(requestPermission);
> + }
> +
> + final SecurityDialogMessage message = new SecurityDialogMessage();
> +
> + message.dialogType = DialogType.AUTHENTICATION;
> + message.extras = new Object[] { host, port, prompt, type };
> +
> + Object response = getUserResponse(message);
> + if (response == null) {
> + return null;
> + } else {
> + return (Object[]) response;
> + }
> + }
> +
> + /**
> * FIXME This is unused. Remove it?
> * @return (0, 1, 2) => (Yes, No, Cancel)
> */
--
Andrew :)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and IcedTea
http://www.gnu.org/software/classpath
http://icedtea.classpath.org
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint = F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
More information about the distro-pkg-dev
mailing list