org.apache.xerces.util
Class SecurityManager

java.lang.Object
  extended by org.apache.xerces.util.SecurityManager

public final class SecurityManager
extends java.lang.Object

This class is a container for parser settings that relate to security, or more specifically, it is intended to be used to prevent denial-of-service attacks from being launched against a system running Xerces. Any component that is aware of a denial-of-service attack that can arise from its processing of a certain kind of document may query its Component Manager for the property (http://apache.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care.

Version:
$Id: SecurityManager.java 447241 2006-09-18 05:12:57Z mrglavas $
Author:
Neil Graham, IBM

Constructor Summary
SecurityManager()
          Default constructor.
 
Method Summary
 int getEntityExpansionLimit()
          Returns the number of entity expansions that the parser permits in a document.
 int getMaxOccurNodeLimit()
          Returns the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".
 void setEntityExpansionLimit(int limit)
          Sets the number of entity expansions that the parser should permit in a document.
 void setMaxOccurNodeLimit(int limit)
          Sets the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityManager

public SecurityManager()
Default constructor. Establishes default values for known security vulnerabilities.

Method Detail

setEntityExpansionLimit

public void setEntityExpansionLimit(int limit)

Sets the number of entity expansions that the parser should permit in a document.

Parameters:
limit - the number of entity expansions permitted in a document

getEntityExpansionLimit

public int getEntityExpansionLimit()

Returns the number of entity expansions that the parser permits in a document.

Returns:
the number of entity expansions permitted in a document

setMaxOccurNodeLimit

public void setMaxOccurNodeLimit(int limit)

Sets the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".

Parameters:
limit - the maximum value for maxOccurs other than "unbounded"

getMaxOccurNodeLimit

public int getMaxOccurNodeLimit()

Returns the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".

Returns:
the maximum value for maxOccurs other than "unbounded"


Copyright 1999-2010 The Apache Software Foundation. All Rights Reserved.