use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class SystemClassLoaderAction method checkPackageAccess.
// Invoked by the VM after loading class with this loader.
private void checkPackageAccess(Class<?> cls, ProtectionDomain pd) {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
if (ReflectUtil.isNonPublicProxyClass(cls)) {
for (Class<?> intf : cls.getInterfaces()) {
checkPackageAccess(intf, pd);
}
return;
}
final String name = cls.getName();
final int i = name.lastIndexOf('.');
if (i != -1) {
AccessController.doPrivileged(new PrivilegedAction<Void>() {
public Void run() {
sm.checkPackageAccess(name.substring(0, i));
return null;
}
}, new AccessControlContext(new ProtectionDomain[] { pd }));
}
}
domains.add(pd);
}
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class ServerNotifForwarder method checkMBeanPermission.
static void checkMBeanPermission(final MBeanServer mbs, final ObjectName name, final String actions) throws InstanceNotFoundException, SecurityException {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
AccessControlContext acc = AccessController.getContext();
ObjectInstance oi;
try {
oi = AccessController.doPrivileged(new PrivilegedExceptionAction<ObjectInstance>() {
public ObjectInstance run() throws InstanceNotFoundException {
return mbs.getObjectInstance(name);
}
});
} catch (PrivilegedActionException e) {
throw (InstanceNotFoundException) extractException(e);
}
String classname = oi.getClassName();
MBeanPermission perm = new MBeanPermission(classname, null, name, actions);
sm.checkPermission(perm, acc);
}
}
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class Subject method doAs.
/**
* Perform work as a particular {@code Subject}.
*
* <p> This method first retrieves the current Thread's
* {@code AccessControlContext} via
* {@code AccessController.getContext},
* and then instantiates a new {@code AccessControlContext}
* using the retrieved context along with a new
* {@code SubjectDomainCombiner} (constructed using
* the provided {@code Subject}).
* Finally, this method invokes {@code AccessController.doPrivileged},
* passing it the provided {@code PrivilegedAction},
* as well as the newly constructed {@code AccessControlContext}.
*
* <p>
*
* @param subject the {@code Subject} that the specified
* {@code action} will run as. This parameter
* may be {@code null}. <p>
*
* @param <T> the type of the value returned by the PrivilegedAction's
* {@code run} method.
*
* @param action the code to be run as the specified
* {@code Subject}. <p>
*
* @return the value returned by the PrivilegedAction's
* {@code run} method.
*
* @exception NullPointerException if the {@code PrivilegedAction}
* is {@code null}. <p>
*
* @exception SecurityException if the caller does not have permission
* to invoke this method.
*/
public static <T> T doAs(final Subject subject, final java.security.PrivilegedAction<T> action) {
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(AuthPermissionHolder.DO_AS_PERMISSION);
}
if (action == null)
throw new NullPointerException(ResourcesMgr.getString("invalid.null.action.provided"));
// set up the new Subject-based AccessControlContext
// for doPrivileged
final AccessControlContext currentAcc = AccessController.getContext();
// call doPrivileged and push this new context on the stack
return java.security.AccessController.doPrivileged(action, createContext(subject, currentAcc));
}
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class Subject method doAsPrivileged.
/**
* Perform privileged work as a particular {@code Subject}.
*
* <p> This method behaves exactly as {@code Subject.doAs},
* except that instead of retrieving the current Thread's
* {@code AccessControlContext}, it uses the provided
* {@code AccessControlContext}. If the provided
* {@code AccessControlContext} is {@code null},
* this method instantiates a new {@code AccessControlContext}
* with an empty collection of ProtectionDomains.
*
* <p>
*
* @param subject the {@code Subject} that the specified
* {@code action} will run as. This parameter
* may be {@code null}. <p>
*
* @param <T> the type of the value returned by the PrivilegedAction's
* {@code run} method.
*
* @param action the code to be run as the specified
* {@code Subject}. <p>
*
* @param acc the {@code AccessControlContext} to be tied to the
* specified <i>subject</i> and <i>action</i>. <p>
*
* @return the value returned by the PrivilegedAction's
* {@code run} method.
*
* @exception NullPointerException if the {@code PrivilegedAction}
* is {@code null}. <p>
*
* @exception SecurityException if the caller does not have permission
* to invoke this method.
*/
public static <T> T doAsPrivileged(final Subject subject, final java.security.PrivilegedAction<T> action, final java.security.AccessControlContext acc) {
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(AuthPermissionHolder.DO_AS_PRIVILEGED_PERMISSION);
}
if (action == null)
throw new NullPointerException(ResourcesMgr.getString("invalid.null.action.provided"));
// set up the new Subject-based AccessControlContext
// for doPrivileged
final AccessControlContext callerAcc = (acc == null ? new AccessControlContext(NULL_PD_ARRAY) : acc);
// call doPrivileged and push this new context on the stack
return java.security.AccessController.doPrivileged(action, createContext(subject, callerAcc));
}
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class Subject method doAs.
/**
* Perform work as a particular {@code Subject}.
*
* <p> This method first retrieves the current Thread's
* {@code AccessControlContext} via
* {@code AccessController.getContext},
* and then instantiates a new {@code AccessControlContext}
* using the retrieved context along with a new
* {@code SubjectDomainCombiner} (constructed using
* the provided {@code Subject}).
* Finally, this method invokes {@code AccessController.doPrivileged},
* passing it the provided {@code PrivilegedExceptionAction},
* as well as the newly constructed {@code AccessControlContext}.
*
* <p>
*
* @param subject the {@code Subject} that the specified
* {@code action} will run as. This parameter
* may be {@code null}. <p>
*
* @param <T> the type of the value returned by the
* PrivilegedExceptionAction's {@code run} method.
*
* @param action the code to be run as the specified
* {@code Subject}. <p>
*
* @return the value returned by the
* PrivilegedExceptionAction's {@code run} method.
*
* @exception PrivilegedActionException if the
* {@code PrivilegedExceptionAction.run}
* method throws a checked exception. <p>
*
* @exception NullPointerException if the specified
* {@code PrivilegedExceptionAction} is
* {@code null}. <p>
*
* @exception SecurityException if the caller does not have permission
* to invoke this method.
*/
public static <T> T doAs(final Subject subject, final java.security.PrivilegedExceptionAction<T> action) throws java.security.PrivilegedActionException {
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(AuthPermissionHolder.DO_AS_PERMISSION);
}
if (action == null)
throw new NullPointerException(ResourcesMgr.getString("invalid.null.action.provided"));
// set up the new Subject-based AccessControlContext for doPrivileged
final AccessControlContext currentAcc = AccessController.getContext();
// call doPrivileged and push this new context on the stack
return java.security.AccessController.doPrivileged(action, createContext(subject, currentAcc));
}
Aggregations