org.apache.xerces.util: public final class: SecurityManager

org.apache.xerces.util
public final class: SecurityManager [javadoc | source]

java.lang.Object
   org.apache.xerces.util.SecurityManager

This class is a container for parser settings that relate to security, or more specifically, it is intended to be used to prevent denial-of-service attacks from being launched against a system running Xerces. Any component that is aware of a denial-of-service attack that can arise from its processing of a certain kind of document may query its Component Manager for the property (http://apache.org/xml/properties/security-manager) whose value will be an instance of this class. If no value has been set for the property, the component should proceed in the "usual" (spec-compliant) manner. If a value has been set, then it must be the case that the component in question needs to know what method of this class to query. This class will provide defaults for all known security issues, but will also provide setters so that those values can be tailored by applications that care.

author: Neil - Graham, IBM

version: $ - Id: SecurityManager.java 447241 2006-09-18 05:12:57Z mrglavas $

Constructor:
public SecurityManager() { entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT; maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT ; } Default constructor. Establishes default values for known security vulnerabilities.

Constructor:

 public SecurityManager() {
                      
        entityExpansionLimit = DEFAULT_ENTITY_EXPANSION_LIMIT;
        maxOccurLimit = DEFAULT_MAX_OCCUR_NODE_LIMIT ;
}

Default constructor. Establishes default values for known security vulnerabilities.

Method from org.apache.xerces.util.SecurityManager Summary:
getEntityExpansionLimit, getMaxOccurNodeLimit, setEntityExpansionLimit, setMaxOccurNodeLimit

Methods from java.lang.Object:
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method from org.apache.xerces.util.SecurityManager Detail:
public int getEntityExpansionLimit() { return entityExpansionLimit; } Returns the number of entity expansions that the parser permits in a document.
public int getMaxOccurNodeLimit() { return maxOccurLimit; } Returns the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".
public void setEntityExpansionLimit(int limit) { entityExpansionLimit = limit; } Sets the number of entity expansions that the parser should permit in a document.
public void setMaxOccurNodeLimit(int limit) { maxOccurLimit = limit; } Sets the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".

Method from org.apache.xerces.util.SecurityManager Detail:

 public int getEntityExpansionLimit() {
        return entityExpansionLimit;
}

Returns the number of entity expansions that the parser permits in a document.

 public int getMaxOccurNodeLimit() {
        return maxOccurLimit;
}

Returns the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".

 public  void setEntityExpansionLimit(int limit) {
        entityExpansionLimit = limit;
}

Sets the number of entity expansions that the parser should permit in a document.

 public  void setMaxOccurNodeLimit(int limit) {
        maxOccurLimit = limit;
}

Sets the limit of the number of content model nodes that may be created when building a grammar for a W3C XML Schema that contains maxOccurs attributes with values other than "unbounded".