Package org.apache.synapse.mediators.bsf.access.control

Class AccessControlUtils

java.lang.Object
org.apache.synapse.mediators.bsf.access.control.AccessControlUtils
public class AccessControlUtils extends Object
Utility methods related to Script Mediator access control.

  • Constructor Summary

    Constructors
    Constructor
    Description
    AccessControlUtils()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    static org.graalvm.polyglot.Context.Builder
    createSecureGraalContext(org.apache.synapse.script.access.AccessControlConfig classAccessControlConfig)
    Creates a GraalVM Context.Builder with security restrictions applied as per the provided AccessControlConfig.
    static boolean
    isAccessAllowed(String string, org.apache.synapse.script.access.AccessControlConfig accessControlConfig, Comparator<String> comparator)
    Returns whether the provided string which represents a Java class or native object is accessible or not.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • AccessControlUtils

      public AccessControlUtils()

  • Method Details

    • isAccessAllowed

      public static boolean isAccessAllowed(String string, org.apache.synapse.script.access.AccessControlConfig accessControlConfig, Comparator<String> comparator)
      Returns whether the provided string which represents a Java class or native object is accessible or not. The allowing/blocking will be determined by the provided AccessControlConfig, based on the matching/comparing done as specified in the comparator.
      Parameters:
      string - Java class name or native object name.
      accessControlConfig - Access control config of the Script Mediator.
      comparator - The comparator based on which, the provided Java class/native object name is matched against the provided access control config.
      Returns:
      Whether the access is allowed or not.

    • createSecureGraalContext

      public static org.graalvm.polyglot.Context.Builder createSecureGraalContext(org.apache.synapse.script.access.AccessControlConfig classAccessControlConfig)
      Creates a GraalVM Context.Builder with security restrictions applied as per the provided AccessControlConfig. Since we have used Nashorn compatibility mode, we need to allow experimental options and set the other parameters as below which were the defaults when using the GraalJSEngineFactory directly.
      Parameters:
      classAccessControlConfig - Access control config related to Java class access
      Returns:
      Context.Builder with security restrictions applied