import java.io.*;
import java.awt.*;
import java.awt.print.*;
import java.net.*;
import java.security.*;
import org.w3c.dom.*;
import org.w3c.dom.html.*;
import org.w3c.dom.events.*;
import com.ibm.weblet.*;
// Demonstrate security-sensitive operations in weblets
public class SecurityOps implements Weblet {
private WebletContext m_engine;
HTMLDocument doc;
public void init( WebletContext engine ){
m_engine = engine;
doc = m_engine.getOwnerDocument();
}
// convenience for putting output to document divisions
void putOut(String divisionName, String message){
Element division = doc.getElementById(divisionName);
division.appendChild( doc.createTextNode(message) );
division.appendChild( doc.createElement("br") );
}
public void start() {
// ------------------------------------------ Read a local file
try {
String fn = "SecurityOps.java";
putOut("readFileDiv", "Attempt to read local file...");
File f = new File(fn);
DataInputStream dis;
if (f.exists()) {
dis = new DataInputStream(new BufferedInputStream(new
FileInputStream(fn),128));
putOut( "readFileDiv", "First line is: " + dis.readLine() );
} else {
putOut( "readFileDiv", "But... " + fn + " doesn't exist!");
}
} catch (Exception e) {
putOut( "readFileDiv", e.getClass().getName() + ": " +
e.getMessage() );
}
// ----------------------------------------- Read visible properties
try {
putOut("propertiesDiv", "OS: " + System.getProperty("os.name") );
} catch (Exception e) {
putOut("propertiesDiv", e.getClass().getName() +": "+ e.getMessage());
}
// ----------------------------------------- Read hidden properties
try {
putOut("hiddenDiv", "User Name: " + System.getProperty("user.name") );
} catch (Exception e) {
putOut("hiddenDiv", e.getClass().getName() +": "+ e.getMessage());
}
// ----------------------------------- Get the current Security Policy
try {
putOut("policyDiv", "Attempting Policy.getPolicy()...");
Policy p = Policy.getPolicy();
putOut( "policyDiv", "Got: "+ p.toString() );
} catch (Exception e) {
putOut("policyDiv", e.getClass().getName() +": "+ e.getMessage());
}
// --------------------------------------------- Shut down the JVM
try {
putOut("killDiv", "Attempt System.exit(0)...");
System.exit(0);
} catch (Exception e) {
putOut("killDiv", e.getClass().getName() + ": "+ e.getMessage());
}
// ---------------------------------------------- Create a Print Job
try {
putOut("printDiv", "Print from a Weblet...");
PrinterJob job = PrinterJob.getPrinterJob();
job.setPrintable(new Printable() {
public int print(Graphics g, PageFormat
format, int index)
throws PrinterException {
if (index>0) return NO_SUCH_PAGE; //
prints one page
else {
g.setColor(Color.black);
int ascent =
g.getFontMetrics(g.getFont()).getAscent();
g.drawString("Hello, Weblet!",
(int)format.getImageableX(),
(int)format.getImageableY() + ascent);
return PAGE_EXISTS;
}
}
}
);
job.print();
putOut("printDiv", "...printing succeeded.");
} catch (Exception e) {
putOut("printDiv", e.getClass().getName() +": "+ e.getMessage());
e.printStackTrace(System.err);
}
// ------------------------------------------ Connect to the host
try {
String myUrl = doc.getURL();
String myHost = new URL(myUrl).getHost();
putOut("hostDiv", "Connect to host: " + myHost + "...");
Socket sHome = new Socket(myHost, 80, true);
sHome.close();
putOut("hostDiv", " ...socket created & closed.");
} catch (Exception e) {
putOut("hostDiv",
e.getClass().getName() +": " + e.getMessage() );
}
// ----------------------------------------Connect to www.ibm.com
try {
String server = "www.ibm.com";
putOut("serverDiv", "Connect to host: " + server + "...");
Socket sHome = new Socket(server, 80, true);
sHome.close();
putOut("serverDiv", " ...socket created & closed.");
} catch (Exception e) {
putOut("serverDiv",
e.getClass().getName() +": " + e.getMessage() );
}
}
public void stop(){}
public void destroy(){}
} // class SecurityOps
|
