Permalink
Browse files

Cleaning, deleting and reorganising

git-svn-id: https://svn.apache.org/repos/asf/river/jtsk/trunk@1302083 13f79535-47bb-0310-9956-ffa450edef68
  • Loading branch information...
1 parent 5b2f084 commit 1fa705cdeda179540b038bb28d7a6bce51c08001 Peter Firmstone committed Mar 18, 2012
View
@@ -362,6 +362,9 @@
<package name="net.jini.url.file"/>
<package name="net.jini.url.httpmd"/>
<package name="net.jini.url.https"/>
+ <package name="org.apache.river.api.lookup"/>
+ <package name="org.apache.river.api.security"/>
+ <package name="org.apache.river.api.util"/>
</javadoc>
<mkdir dir="${doc.api.dir}/doc-files"/>
<copy file="NOTICE" tofile="${doc.api.dir}/doc-files/NOTICE.txt"/>
@@ -523,6 +526,7 @@
<copy todir="lib">
<fileset refid="asm.jars"/>
<fileset refid="high-scale-lib.jars"/>
+ <fileset refid="reference-collections.jar"/>
</copy>
</target>
@@ -2176,7 +2180,7 @@
<target name="prep-tests" depends="">
<mkdir dir="${test.classes.dir}"/>
<mkdir dir="${test.results.dir}"/>
- <copy file="high-scale-lib/high-scale-lib.jar" todir="test/lib"/>
+ <copy file="dep-libs/high-scale-lib/high-scale-lib.jar" todir="test/lib"/>
</target>
<target name="clean-tests" depends="">
View
@@ -207,14 +207,16 @@
<file name="phoenix-init.jar"/>
<file name="tools.jar"/>
<file name="classserver.jar"/>
+ <file name="reference-collections-1.0.0.jar"/>
+ <file name="high-scale-lib.jar"/>
</filelist>
</move>
<move file="${river.lib-ext.dir}/jsk-policy.jar" todir="${jtreg.dir}/JTlib-tmp"/>
<jtreg dir="${jtreg.dir}" verbose="all,nopass" failonerror="false"
errorproperty="jtreg.fail" failureproperty="jtreg.fail"
reportdir="${jtreg.dir}/JTreport" workdir="${jtreg.dir}/JTwork"
jdk="${jdk1.5.home}">
- <arg value="-cpa:${jtlib.tmp}/jsk-policy.jar${path.separator}${jtlib.tmp}/jsk-lib.jar${path.separator}${jtlib.tmp}/jsk-platform.jar${path.separator}${jtlib.tmp}/jsk-resources.jar${path.separator}${jtlib.tmp}/phoenix-init.jar${path.separator}${jtlib.tmp}/tools.jar${path.separator}${jtlib.tmp}/classserver.jar"/>
+ <arg value="-cpa:${jtlib.tmp}/jsk-policy.jar${path.separator}${jtlib.tmp}/jsk-lib.jar${path.separator}${jtlib.tmp}/jsk-platform.jar${path.separator}${jtlib.tmp}/jsk-resources.jar${path.separator}${jtlib.tmp}/phoenix-init.jar${path.separator}${jtlib.tmp}/tools.jar${path.separator}${jtlib.tmp}/classserver.jar${path.separator}${jtlib.tmp}/reference-collections-1.0.0.jar${path.separator}${jtlib.tmp}/high-scale-lib.jar"/>
<arg value="-timeout:8"/>
<!--<arg value="-Djsk.home=${river.home}"/>-->
<arg value="-Djtlib.tmp=${jtlib.tmp}"/>
@@ -251,6 +253,8 @@
<file name="phoenix-init.jar"/>
<file name="tools.jar"/>
<file name="classserver.jar"/>
+ <file name="reference-collections-1.0.0.jar"/>
+ <file name="high-scale-lib.jar"/>
</filelist>
</move>
<move file="${jtreg.dir}/JTlib-tmp/jsk-policy.jar" todir="${river.lib-ext.dir}"/>
@@ -269,6 +273,8 @@
<file name="phoenix-init.jar"/>
<file name="tools.jar"/>
<file name="classserver.jar"/>
+ <file name="reference-collections-1.0.0.jar"/>
+ <file name="high-scale-lib.jar"/>
</filelist>
</move>
<move file="${jtreg.dir}/JTlib-tmp/jsk-policy.jar" todir="${river.lib-ext.dir}"/>
@@ -331,6 +337,7 @@
<include name="jsk-platform.jar"/>
<include name="jsk-lib.jar"/>
<include name="high-scale-lib.jar"/>
+ <include name="reference-collections-1.0.0.jar"/>
</fileset>
</classpath>
<env key="SOUL" value="${soul}"/>
@@ -605,7 +605,7 @@ String getWrapperClassName() {
// Uncomment the following line if you want to debug permission requests
// cmdList.add("-Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager");
// cmdList.add("-Djava.security.manager=java.lang.SecurityManager");
- cmdList.add("-Djava.security.manager=org.apache.river.api.security.DelegateCombinerSecurityManager");
+ cmdList.add("-Djava.security.manager=org.apache.river.api.security.CombinerSecurityManager");
cmdList.add("-Djava.security.policy=" + getPolicyFile());
if (getCodebase() != null) {
cmdList.add("-Djava.rmi.server.codebase=" + getCodebase());
@@ -214,7 +214,7 @@ com.sun.jini.qa.harness.actdeathdelay=5
# You might find the following debugging options useful
# -Djava.security.debug=access:failure,\
# -Djava.security.manager=com.sun.jini.tool.ProfilingSecurityManager,\
-# -Djava.security.manager=org.apache.river.api.security.DelegateCombinerSecurityManager,\
+# -Djava.security.manager=org.apache.river.api.security.CombinerSecurityManager,\
# -Dpolicy.provider=net.jini.security.policy.DynamicPolicyProvider,\
# -Djava.security.manager=java.rmi.RMISecurityManager,\
@@ -252,11 +252,11 @@ testPolicyfile=<url:harness/policy/defaulttest.policy>
# The default classpath. This property must be defined, and must include
# all Jini dependencies as components
-testClasspath=<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar$:${com.sun.jini.jsk.home}$/lib$/high-scale-lib.jar
+testClasspath=<harnessJar>$:<testJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar$:${com.sun.jini.jsk.home}$/lib$/high-scale-lib.jar$:${com.sun.jini.jsk.home}$/lib$/reference-collections-1.0.0.jar
# Alternate test classpath, for tests that don't use <testJar>
#
-altClasspath=<harnessJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar$:${com.sun.jini.jsk.home}$/lib$/high-scale-lib.jar
+altClasspath=<harnessJar>$:${com.sun.jini.jsk.home}$/lib$/jsk-platform.jar$:${com.sun.jini.jsk.home}$/lib$/jsk-lib.jar$:${com.sun.jini.jsk.home}$/lib$/high-scale-lib.jar$:${com.sun.jini.jsk.home}$/lib$/reference-collections-1.0.0.jar
#
# Services run with server vm; test runs with client vm
@@ -19,6 +19,7 @@
package net.jini.security.policy;
import org.apache.river.api.security.ConcurrentPolicy;
+import org.apache.river.api.security.ConcurrentPolicyFile;
import java.io.IOException;
import java.rmi.RemoteException;
import org.apache.river.api.security.CachingSecurityManager;
@@ -79,10 +80,7 @@
* by granting additional permissions, this implementation adds an experimental
* feature for revoking permissions, however there are some caveats:</p>
*
- * <p>Background: if ProtectionDomain.toString(), is called a ProtectionDomain will
- * merge Permissions, from the policy with those in the ProtectionDomain,
- * in a new private instance of Permissions, thus a ProtectionDomain cannot have
- * Permission's removed, only additional merged. A ProtectionDomain must
+ * <p>A ProtectionDomain must
* be created with the dynamic constructor otherwise it will never consult
* the policy. The AccessController.checkPermission(Permission) method
* consults the current AccessControlContext, which contains all
@@ -115,43 +113,31 @@
*
* <p>So in order to prevent dynamic grants from finding
* their way into a ProtectionDomain's private PermissionCollection,
- * one would have to ensure that no dynamically grantable permissions are
+ * this policy ensures that no dynamically grantable permissions are
* returned via the method:</p>
* <p>
- * getPermissions(ProtectionDomain domain) and
* getPermissions(Codesource source) as a precaution.
* </p>
- * <p>This is different to the behaviour of the existing Jini 2.0
+ * <p>This is different to the behaviour of the previous Jini 2.0
* DynamicPolicyProvider implementation where dynamically granted Permissions
- * are added and can escape into the ProtectionDomain's private PermissionCollection.
- *
- * However when a Policy is checked via implies(ProtectionDomain d, Permission p)
- * this implementation checks the dynamic grants
- *
- * This means that if a DynamicPolicy is utilised as the base Policy class
- * and if it returns dynamically granted permissions, then those permissions
- * cannot be revoked.</p>
+ * could escape into the ProtectionDomain's private PermissionCollection.
+ * /p>
* <p>
* It is thus recommended that Static policy files only be used for setting
* up your privileged code and use UmbrellaGrantPermission's and grant
- * all other Permission's using dynamic grants. This minimises the double
- * checking of Permission, that occurs when a ProtectionDomain is constructed
- * so it contains a default PermissionCollection that is not null.
+ * all other Permission's using dynamic grants.
*
* </p><p>
* To make the best utilisation of this Policy provider, set the System property:
* </p>,<p>
* net.jini.security.policy.PolicyFileProvider.basePolicyClass =
* org.apache.river.security.concurrent.ConcurrentPolicyFile
* </p>
- * @author Peter Firmstone
- * @version 1
- * @since 2.2
+ * @since 2.0
* @see ProtectionDomain
* @see Policy
* @see ConcurrentPolicyFile
* @see net.jini.security.policy.PolicyFileProvider
- * @see ConcurrentPermissionCollection
* @see CachingSecurityManager
* @see RemotePolicy
*/
@@ -330,7 +316,7 @@ public DynamicPolicyProvider(Policy basePolicy){
policyPermissions.setReadOnly();
}
- /**
+ /*
* OLD COMMENT:
*
* Ensures that any classes depended on by this policy provider are
@@ -37,7 +37,8 @@
* Note: This class is not threadsafe, use external synchronization if required.
*
* Suggested by Dan Creswell.
- * @author peter
+ * @author Peter Firmstone.
+ * @since 2.2.1
*/
public class DefaultEntries {
private final Set<Class> entrys;
@@ -54,6 +54,7 @@
* by calling #getServiceItem().
* </p>
* @author Peter Firmstone.
+ * @since 2.2.1
*/
public abstract class ServiceItemClasspathSub extends ServiceItem{
private static final long SerialVersionUID = 1L;
@@ -39,6 +39,7 @@
* New instances can be created as required.
* <p>
* @author Peter Firmstone.
+ * @since 2.2.1
*/
public class ServiceResultStreamFilter implements ResultStream<ServiceItem> {
private final List<ServiceItemFilter> filters;
@@ -31,6 +31,7 @@
* proxy verification, or applying constraints.
*
* @author Peter Firmstone.
+ * @since 2.1.1
* @see ServiceItemClasspathSub.
* @see StreamServiceRegistrar
*/
@@ -37,16 +37,12 @@
* (on both StreamServiceRegistrar and ServiceRegistration) is atomic with
* respect to other invocations.
* <p></p>
- * The StreamServiceRegistrar is intended to perform the same function
- * as the ServiceRegistrar, but with the ability to return results as a
+ * StreamServiceRegistrar is intended to perform the same function
+ * as ServiceRegistrar, but with the ability to return results as a
* stream, so memory consumption is minimised at the client and network
* communication is minimised between the client and lookup service server.
- * <p></p>
- * All clients utilising ServiceRegistrar, should switch to the
- * StreamServiceRegistrar.
* <p>
* @see ServiceRegistrar
- * @see PortableServiceRegistrar
* @see ServiceRegistration
* @author Peter Firmstone
* @since 2.2.1
@@ -32,6 +32,7 @@
* See "Inside Java 2 Platform Security" 2nd Edition, ISBN:0-201-78791-1, page 176.
*
* @author Peter Firmstone.
+ * @since 2.2.1
*/
public interface CachingSecurityManager {
@@ -54,9 +54,12 @@
/**
* CombinerSecurityManager, is intended to be a highly scalable
- * SecurityManager implementation that softly caches the results of security checks
+ * SecurityManager implementation that caches the results of security checks
* for each context, which may be an instance of SecurityContext or
- * AccessControlContext.
+ * AccessControlContext. Stale records are pruned from the cache.
+ *
+ * The cache utilises Cliff Click's NonBlockingHashMap and Doug Lee's
+ * ConcurrentSkipListSet.
*
* This SecurityManager should be tuned for garbage collection for a large
* young generation heap, since many young objects are created and discarded.
@@ -19,7 +19,6 @@
package org.apache.river.api.security;
import java.io.Serializable;
-import java.lang.reflect.Constructor;
import java.security.AllPermission;
import java.security.Permission;
import java.security.PermissionCollection;
@@ -41,11 +40,11 @@
/**
- * ConcurrentPermission's is a replacement for java.security.Permissions.
+ * ConcurrentPermissions is a replacement for java.security.Permissions.
*
* This was originally intended to be used as a policy cache, it turns out
- * that a policy cache is not needed, due to the efficiency of
- * URLGrant.implies(ProtectionDomain pd). Scalability is better without
+ * that a policy cache is not needed, due to the efficiency of package private
+ * URIGrant.implies(ProtectionDomain pd). Scalability is better without
* a policy cache because PermissionGrant's are immutable, have no mutable shared
* state and are therefore not likely to causing cache misses.
*
@@ -73,9 +72,10 @@
* added during an Enumeration.
*
* TODO: Serialization properly
- * @version 0.4 2009/11/10
+ * @version 0.5 2012/04/18
*
* @author Peter Firmstone
+ * @since 2.2.1
* @serial permsMap
*/
public final class ConcurrentPermissions extends PermissionCollection
@@ -57,19 +57,22 @@
/**
+ * <p>
* Concurrent Policy implementation based on policy configuration files,
* it is intended to provide concurrent implies() for greatly improved
- * throughput at the expense of memory usage.
- *
+ * throughput. Caching limits scalability and consumes shared memory,
+ * so no cache exists.
+ * </p><p>
* Set the following system properties to use this Policy instead of the
* built in Java sun.security.provider.PolicyFile:
- *
+ * </p>
+ * <pre>
* net.jini.security.policy.PolicyFileProvider.basePolicyClass =
* org.apache.river.security.concurrent.ConcurrentPolicyFile
- *
+ * </pre>
*
* This
- * implementation recognizes text files, consisting of clauses with the
+ * implementation recognises text files, consisting of clauses with the
* following syntax:
*
* <pre>
@@ -154,13 +157,9 @@
* </dl>
* <br>
* <br>
- * This implementation is thread-safe. The policy caches sets of calculated
- * permissions for the requested objects (ProtectionDomains and CodeSources) via
- * WeakHashMap; the cache is cleaned either explicitly during refresh()
- * invocation, or naturally by garbage-collecting the corresponding objects.
- *
- * @see org.apache.harmony.security.PolicyUtils#getPolicyURLs(Properties, String,
- * String)
+ * This implementation is thread-safe and scalable.
+ * @author Peter Firmstone.
+ * @since 2.2.1
*/
public class ConcurrentPolicyFile extends Policy implements ConcurrentPolicy {
@@ -49,6 +49,7 @@
* FilePermissionCollection.
*
* @author Peter Firmstone.
+ * @since 2.2.1
*/
public class PermissionComparator implements Comparator<Permission>, Serializable {
private static final long serialVersionUID = 1L;
Oops, something went wrong.

0 comments on commit 1fa705c

Please sign in to comment.