Example 36 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class Krb5AcceptCredential method getInstance.
static Krb5AcceptCredential getInstance(final GSSCaller caller, Krb5NameElement name) throws GSSException {
final String serverPrinc = (name == null ? null : name.getKrb5PrincipalName().getName());
final AccessControlContext acc = AccessController.getContext();
ServiceCreds creds = null;
try {
creds = AccessController.doPrivileged(new PrivilegedExceptionAction<ServiceCreds>() {
public ServiceCreds run() throws Exception {
return Krb5Util.getServiceCreds(caller == GSSCaller.CALLER_UNKNOWN ? GSSCaller.CALLER_ACCEPT : caller, serverPrinc, acc);
}
});
} catch (PrivilegedActionException e) {
GSSException ge = new GSSException(GSSException.NO_CRED, -1, "Attempt to obtain new ACCEPT credentials failed!");
ge.initCause(e.getException());
throw ge;
}
if (creds == null)
throw new GSSException(GSSException.NO_CRED, -1, "Failed to find any Kerberos credentails");
if (name == null) {
String fullName = creds.getName();
if (fullName != null) {
name = Krb5NameElement.getInstance(fullName, Krb5MechFactory.NT_GSS_KRB5_PRINCIPAL);
}
}
return new Krb5AcceptCredential(name, creds);
}
Also used :
AccessControlContext(java.security.AccessControlContext)
PrivilegedActionException(java.security.PrivilegedActionException)
PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)
Example 37 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class RMIConnectionImpl method withPermissions.
private static AccessControlContext withPermissions(Permission... perms) {
Permissions col = new Permissions();
for (Permission thePerm : perms) {
col.add(thePerm);
}
final ProtectionDomain pd = new ProtectionDomain(null, col);
return new AccessControlContext(new ProtectionDomain[] { pd });
}
Also used :
ProtectionDomain(java.security.ProtectionDomain)
AccessControlContext(java.security.AccessControlContext)
Permissions(java.security.Permissions)
Permission(java.security.Permission)
Example 38 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class RMIConnectionImpl method doPrivilegedOperation.
private Object doPrivilegedOperation(final int operation, final Object[] params, final Subject delegationSubject) throws PrivilegedActionException, IOException {
serverCommunicatorAdmin.reqIncoming();
try {
final AccessControlContext reqACC;
if (delegationSubject == null)
reqACC = acc;
else {
if (subject == null) {
final String msg = "Subject delegation cannot be enabled unless " + "an authenticated subject is put in place";
throw new SecurityException(msg);
}
reqACC = subjectDelegator.delegatedContext(acc, delegationSubject, removeCallerContext);
}
PrivilegedOperation op = new PrivilegedOperation(operation, params);
if (reqACC == null) {
try {
return op.run();
} catch (Exception e) {
if (e instanceof RuntimeException)
throw (RuntimeException) e;
throw new PrivilegedActionException(e);
}
} else {
return AccessController.doPrivileged(op, reqACC);
}
} catch (Error e) {
throw new JMXServerErrorException(e.toString(), e);
} finally {
serverCommunicatorAdmin.rspOutgoing();
}
}
Also used :
AccessControlContext(java.security.AccessControlContext)
PrivilegedActionException(java.security.PrivilegedActionException)
JMXServerErrorException(javax.management.remote.JMXServerErrorException)
UnmarshalException(java.rmi.UnmarshalException)
JMXServerErrorException(javax.management.remote.JMXServerErrorException)
PrivilegedActionException(java.security.PrivilegedActionException)
IOException(java.io.IOException)
Example 39 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class Subject method doAsPrivileged.
/**
* Perform privileged work as a particular {@code Subject}.
*
* <p> This method behaves exactly as {@code Subject.doAs},
* except that instead of retrieving the current Thread's
* {@code AccessControlContext}, it uses the provided
* {@code AccessControlContext}. If the provided
* {@code AccessControlContext} is {@code null},
* this method instantiates a new {@code AccessControlContext}
* with an empty collection of ProtectionDomains.
*
* <p>
*
* @param subject the {@code Subject} that the specified
* {@code action} will run as. This parameter
* may be {@code null}. <p>
*
* @param <T> the type of the value returned by the
* PrivilegedExceptionAction's {@code run} method.
*
* @param action the code to be run as the specified
* {@code Subject}. <p>
*
* @param acc the {@code AccessControlContext} to be tied to the
* specified <i>subject</i> and <i>action</i>. <p>
*
* @return the value returned by the
* PrivilegedExceptionAction's {@code run} method.
*
* @exception PrivilegedActionException if the
* {@code PrivilegedExceptionAction.run}
* method throws a checked exception. <p>
*
* @exception NullPointerException if the specified
* {@code PrivilegedExceptionAction} is
* {@code null}. <p>
*
* @exception SecurityException if the caller does not have permission
* to invoke this method.
*/
public static <T> T doAsPrivileged(final Subject subject, final java.security.PrivilegedExceptionAction<T> action, final java.security.AccessControlContext acc) throws java.security.PrivilegedActionException {
java.lang.SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(AuthPermissionHolder.DO_AS_PRIVILEGED_PERMISSION);
}
if (action == null)
throw new NullPointerException(ResourcesMgr.getString("invalid.null.action.provided"));
// set up the new Subject-based AccessControlContext for doPrivileged
final AccessControlContext callerAcc = (acc == null ? new AccessControlContext(NULL_PD_ARRAY) : acc);
// call doPrivileged and push this new context on the stack
return java.security.AccessController.doPrivileged(action, createContext(subject, callerAcc));
}
Also used :
AccessControlContext(java.security.AccessControlContext)
Example 40 with AccessControlContext
use of java.security.AccessControlContext in project jdk8u_jdk by JetBrains.
the class RepaintManager method validateInvalidComponents.
/**
* Validate all of the components that have been marked invalid.
* @see #addInvalidComponent
*/
public void validateInvalidComponents() {
final java.util.List<Component> ic;
synchronized (this) {
if (invalidComponents == null) {
return;
}
ic = invalidComponents;
invalidComponents = null;
}
int n = ic.size();
for (int i = 0; i < n; i++) {
final Component c = ic.get(i);
AccessControlContext stack = AccessController.getContext();
AccessControlContext acc = AWTAccessor.getComponentAccessor().getAccessControlContext(c);
javaSecurityAccess.doIntersectionPrivilege(new PrivilegedAction<Void>() {
public Void run() {
c.validate();
return null;
}
}, stack, acc);
}
}
Also used :
java.util(java.util)
AccessControlContext(java.security.AccessControlContext)
Aggregations
AccessControlContext (java.security.AccessControlContext)100
ProtectionDomain (java.security.ProtectionDomain)24
Subject (javax.security.auth.Subject)24
PrivilegedAction (java.security.PrivilegedAction)18
Permissions (java.security.Permissions)14
PrivilegedActionException (java.security.PrivilegedActionException)13
IOException (java.io.IOException)11
SocketPermission (java.net.SocketPermission)10
Test (org.testng.annotations.Test)8
Principal (java.security.Principal)7
CodeSource (java.security.CodeSource)6
Permission (java.security.Permission)6
DatagramSocket (java.net.DatagramSocket)5
PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)5
MulticastSocket (java.net.MulticastSocket)4
Set (java.util.Set)4
ExecutorService (java.util.concurrent.ExecutorService)4
RejectedExecutionException (java.util.concurrent.RejectedExecutionException)4
ReflectionException (javax.management.ReflectionException)4
Test (org.junit.Test)4
