Search in sources :

Example 66 with AccessControlContext

use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.

the class SystemClassLoaderAction method checkPackageAccess.

// Invoked by the VM after loading class with this loader.
private void checkPackageAccess(Class<?> cls, ProtectionDomain pd) {
    final SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        if (ReflectUtil.isNonPublicProxyClass(cls)) {
            for (Class<?> intf : cls.getInterfaces()) {
                checkPackageAccess(intf, pd);
            }
            return;
        }
        final String name = cls.getName();
        final int i = name.lastIndexOf('.');
        if (i != -1) {
            AccessController.doPrivileged(new PrivilegedAction<Void>() {

                public Void run() {
                    sm.checkPackageAccess(name.substring(0, i));
                    return null;
                }
            }, new AccessControlContext(new ProtectionDomain[] { pd }));
        }
    }
    domains.add(pd);
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext)

Example 67 with AccessControlContext

use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.

the class ServerNotifForwarder method checkMBeanPermission.

static void checkMBeanPermission(final MBeanServer mbs, final ObjectName name, final String actions) throws InstanceNotFoundException, SecurityException {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        AccessControlContext acc = AccessController.getContext();
        ObjectInstance oi;
        try {
            oi = AccessController.doPrivileged(new PrivilegedExceptionAction<ObjectInstance>() {

                public ObjectInstance run() throws InstanceNotFoundException {
                    return mbs.getObjectInstance(name);
                }
            });
        } catch (PrivilegedActionException e) {
            throw (InstanceNotFoundException) extractException(e);
        }
        String classname = oi.getClassName();
        MBeanPermission perm = new MBeanPermission(classname, null, name, actions);
        sm.checkPermission(perm, acc);
    }
}
Also used : AccessControlContext(java.security.AccessControlContext) PrivilegedActionException(java.security.PrivilegedActionException) MBeanPermission(javax.management.MBeanPermission) ObjectInstance(javax.management.ObjectInstance) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)

Example 68 with AccessControlContext

use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.

the class Subject method doAs.

/**
     * Perform work as a particular {@code Subject}.
     *
     * <p> This method first retrieves the current Thread's
     * {@code AccessControlContext} via
     * {@code AccessController.getContext},
     * and then instantiates a new {@code AccessControlContext}
     * using the retrieved context along with a new
     * {@code SubjectDomainCombiner} (constructed using
     * the provided {@code Subject}).
     * Finally, this method invokes {@code AccessController.doPrivileged},
     * passing it the provided {@code PrivilegedAction},
     * as well as the newly constructed {@code AccessControlContext}.
     *
     * <p>
     *
     * @param subject the {@code Subject} that the specified
     *                  {@code action} will run as.  This parameter
     *                  may be {@code null}. <p>
     *
     * @param <T> the type of the value returned by the PrivilegedAction's
     *                  {@code run} method.
     *
     * @param action the code to be run as the specified
     *                  {@code Subject}. <p>
     *
     * @return the value returned by the PrivilegedAction's
     *                  {@code run} method.
     *
     * @exception NullPointerException if the {@code PrivilegedAction}
     *                  is {@code null}. <p>
     *
     * @exception SecurityException if the caller does not have permission
     *                  to invoke this method.
     */
public static <T> T doAs(final Subject subject, final java.security.PrivilegedAction<T> action) {
    java.lang.SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        sm.checkPermission(AuthPermissionHolder.DO_AS_PERMISSION);
    }
    if (action == null)
        throw new NullPointerException(ResourcesMgr.getString("invalid.null.action.provided"));
    // set up the new Subject-based AccessControlContext
    // for doPrivileged
    final AccessControlContext currentAcc = AccessController.getContext();
    // call doPrivileged and push this new context on the stack
    return java.security.AccessController.doPrivileged(action, createContext(subject, currentAcc));
}
Also used : AccessControlContext(java.security.AccessControlContext)

Example 69 with AccessControlContext

use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.

the class Subject method doAsPrivileged.

/**
     * Perform privileged work as a particular {@code Subject}.
     *
     * <p> This method behaves exactly as {@code Subject.doAs},
     * except that instead of retrieving the current Thread's
     * {@code AccessControlContext}, it uses the provided
     * {@code AccessControlContext}.  If the provided
     * {@code AccessControlContext} is {@code null},
     * this method instantiates a new {@code AccessControlContext}
     * with an empty collection of ProtectionDomains.
     *
     * <p>
     *
     * @param subject the {@code Subject} that the specified
     *                  {@code action} will run as.  This parameter
     *                  may be {@code null}. <p>
     *
     * @param <T> the type of the value returned by the PrivilegedAction's
     *                  {@code run} method.
     *
     * @param action the code to be run as the specified
     *                  {@code Subject}. <p>
     *
     * @param acc the {@code AccessControlContext} to be tied to the
     *                  specified <i>subject</i> and <i>action</i>. <p>
     *
     * @return the value returned by the PrivilegedAction's
     *                  {@code run} method.
     *
     * @exception NullPointerException if the {@code PrivilegedAction}
     *                  is {@code null}. <p>
     *
     * @exception SecurityException if the caller does not have permission
     *                  to invoke this method.
     */
public static <T> T doAsPrivileged(final Subject subject, final java.security.PrivilegedAction<T> action, final java.security.AccessControlContext acc) {
    java.lang.SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        sm.checkPermission(AuthPermissionHolder.DO_AS_PRIVILEGED_PERMISSION);
    }
    if (action == null)
        throw new NullPointerException(ResourcesMgr.getString("invalid.null.action.provided"));
    // set up the new Subject-based AccessControlContext
    // for doPrivileged
    final AccessControlContext callerAcc = (acc == null ? new AccessControlContext(NULL_PD_ARRAY) : acc);
    // call doPrivileged and push this new context on the stack
    return java.security.AccessController.doPrivileged(action, createContext(subject, callerAcc));
}
Also used : AccessControlContext(java.security.AccessControlContext)

Example 70 with AccessControlContext

use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.

the class Subject method doAs.

/**
     * Perform work as a particular {@code Subject}.
     *
     * <p> This method first retrieves the current Thread's
     * {@code AccessControlContext} via
     * {@code AccessController.getContext},
     * and then instantiates a new {@code AccessControlContext}
     * using the retrieved context along with a new
     * {@code SubjectDomainCombiner} (constructed using
     * the provided {@code Subject}).
     * Finally, this method invokes {@code AccessController.doPrivileged},
     * passing it the provided {@code PrivilegedExceptionAction},
     * as well as the newly constructed {@code AccessControlContext}.
     *
     * <p>
     *
     * @param subject the {@code Subject} that the specified
     *                  {@code action} will run as.  This parameter
     *                  may be {@code null}. <p>
     *
     * @param <T> the type of the value returned by the
     *                  PrivilegedExceptionAction's {@code run} method.
     *
     * @param action the code to be run as the specified
     *                  {@code Subject}. <p>
     *
     * @return the value returned by the
     *                  PrivilegedExceptionAction's {@code run} method.
     *
     * @exception PrivilegedActionException if the
     *                  {@code PrivilegedExceptionAction.run}
     *                  method throws a checked exception. <p>
     *
     * @exception NullPointerException if the specified
     *                  {@code PrivilegedExceptionAction} is
     *                  {@code null}. <p>
     *
     * @exception SecurityException if the caller does not have permission
     *                  to invoke this method.
     */
public static <T> T doAs(final Subject subject, final java.security.PrivilegedExceptionAction<T> action) throws java.security.PrivilegedActionException {
    java.lang.SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        sm.checkPermission(AuthPermissionHolder.DO_AS_PERMISSION);
    }
    if (action == null)
        throw new NullPointerException(ResourcesMgr.getString("invalid.null.action.provided"));
    // set up the new Subject-based AccessControlContext for doPrivileged
    final AccessControlContext currentAcc = AccessController.getContext();
    // call doPrivileged and push this new context on the stack
    return java.security.AccessController.doPrivileged(action, createContext(subject, currentAcc));
}
Also used : AccessControlContext(java.security.AccessControlContext)

Aggregations

AccessControlContext (java.security.AccessControlContext)96 Subject (javax.security.auth.Subject)23 ProtectionDomain (java.security.ProtectionDomain)20 PrivilegedAction (java.security.PrivilegedAction)18 Permissions (java.security.Permissions)13 PrivilegedActionException (java.security.PrivilegedActionException)12 IOException (java.io.IOException)10 SocketPermission (java.net.SocketPermission)10 Test (org.testng.annotations.Test)8 Principal (java.security.Principal)7 DatagramSocket (java.net.DatagramSocket)5 InetAddress (java.net.InetAddress)4 MulticastSocket (java.net.MulticastSocket)4 CodeSource (java.security.CodeSource)4 PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)4 ExecutorService (java.util.concurrent.ExecutorService)4 RejectedExecutionException (java.util.concurrent.RejectedExecutionException)4 ReflectionException (javax.management.ReflectionException)4 Test (org.junit.Test)4 InvocationTargetException (java.lang.reflect.InvocationTargetException)3