Example 36 with PrivilegedAction
use of java.security.PrivilegedAction in project felix by apache.
the class MX4JMBeanServer method createMBeanRepository.
/**
* Creates a new repository for MBeans.
* The system property {@link mx4j.MX4JSystemKeys#MX4J_MBEANSERVER_REPOSITORY} is tested
* for a full qualified name of a class implementing the {@link MBeanRepository} interface.
* In case the system property is not defined or the class is not loadable or instantiable, a default
* implementation is returned.
*/
private MBeanRepository createMBeanRepository() {
Logger logger = getLogger();
if (logger.isEnabledFor(Logger.TRACE))
logger.trace("Checking for system property " + MX4JSystemKeys.MX4J_MBEANSERVER_REPOSITORY);
String value = (String) AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
return System.getProperty(MX4JSystemKeys.MX4J_MBEANSERVER_REPOSITORY);
}
});
if (value != null) {
if (logger.isEnabledFor(Logger.DEBUG))
logger.debug("Property found for custom MBeanServer registry; class is: " + value);
try {
MBeanRepository registry = (MBeanRepository) Thread.currentThread().getContextClassLoader().loadClass(value).newInstance();
if (logger.isEnabledFor(Logger.TRACE)) {
logger.trace("Custom MBeanServer registry created successfully");
}
return registry;
} catch (Exception x) {
if (logger.isEnabledFor(Logger.TRACE)) {
logger.trace("Custom MBeanServer registry could not be created", x);
}
}
}
return new DefaultMBeanRepository();
}
Also used :
PrivilegedAction(java.security.PrivilegedAction)
Logger(org.apache.felix.mosgi.jmx.agent.mx4j.log.Logger)
IntrospectionException(javax.management.IntrospectionException)
OperationsException(javax.management.OperationsException)
BadBinaryOpValueExpException(javax.management.BadBinaryOpValueExpException)
InstanceAlreadyExistsException(javax.management.InstanceAlreadyExistsException)
BadStringOperationException(javax.management.BadStringOperationException)
ReflectionException(javax.management.ReflectionException)
NotCompliantMBeanException(javax.management.NotCompliantMBeanException)
RuntimeErrorException(javax.management.RuntimeErrorException)
MalformedObjectNameException(javax.management.MalformedObjectNameException)
ListenerNotFoundException(javax.management.ListenerNotFoundException)
RuntimeOperationsException(javax.management.RuntimeOperationsException)
AttributeNotFoundException(javax.management.AttributeNotFoundException)
MBeanRegistrationException(javax.management.MBeanRegistrationException)
InstanceNotFoundException(javax.management.InstanceNotFoundException)
JMRuntimeException(javax.management.JMRuntimeException)
PrivilegedActionException(java.security.PrivilegedActionException)
BadAttributeValueExpException(javax.management.BadAttributeValueExpException)
IOException(java.io.IOException)
ImplementationException(org.apache.felix.mosgi.jmx.agent.mx4j.ImplementationException)
InvalidAttributeValueException(javax.management.InvalidAttributeValueException)
MBeanException(javax.management.MBeanException)
InvalidApplicationException(javax.management.InvalidApplicationException)
Example 37 with PrivilegedAction
use of java.security.PrivilegedAction in project felix by apache.
the class SecurityMBeanServerInterceptor method checkTrustRegistration.
private void checkTrustRegistration(final Class cls) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
ProtectionDomain domain = (ProtectionDomain) AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
return cls.getProtectionDomain();
}
});
MBeanTrustPermission permission = new MBeanTrustPermission("register");
if (!domain.implies(permission)) {
throw new AccessControlException("Access denied " + permission + ": MBean class " + cls.getName() + " is not trusted for registration");
}
}
}
Also used :
ProtectionDomain(java.security.ProtectionDomain)
PrivilegedAction(java.security.PrivilegedAction)
MBeanTrustPermission(javax.management.MBeanTrustPermission)
AccessControlException(java.security.AccessControlException)
Example 38 with PrivilegedAction
use of java.security.PrivilegedAction in project jdk8u_jdk by JetBrains.
the class PKCS12KeyStore method encryptPrivateKey.
/*
* Encrypt private key using Password-based encryption (PBE)
* as defined in PKCS#5.
*
* NOTE: By default, pbeWithSHAAnd3-KeyTripleDES-CBC algorithmID is
* used to derive the key and IV.
*
* @return encrypted private key encoded as EncryptedPrivateKeyInfo
*/
private byte[] encryptPrivateKey(byte[] data, KeyStore.PasswordProtection passwordProtection) throws IOException, NoSuchAlgorithmException, UnrecoverableKeyException {
byte[] key = null;
try {
String algorithm;
AlgorithmParameters algParams;
AlgorithmId algid;
// Initialize PBE algorithm and parameters
algorithm = passwordProtection.getProtectionAlgorithm();
if (algorithm != null) {
AlgorithmParameterSpec algParamSpec = passwordProtection.getProtectionParameters();
if (algParamSpec != null) {
algParams = AlgorithmParameters.getInstance(algorithm);
algParams.init(algParamSpec);
} else {
algParams = getAlgorithmParameters(algorithm);
}
} else {
// Check default key protection algorithm for PKCS12 keystores
algorithm = AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
String prop = Security.getProperty(KEY_PROTECTION_ALGORITHM[0]);
if (prop == null) {
prop = Security.getProperty(KEY_PROTECTION_ALGORITHM[1]);
}
return prop;
}
});
if (algorithm == null || algorithm.isEmpty()) {
algorithm = "PBEWithSHA1AndDESede";
}
algParams = getAlgorithmParameters(algorithm);
}
ObjectIdentifier pbeOID = mapPBEAlgorithmToOID(algorithm);
if (pbeOID == null) {
throw new IOException("PBE algorithm '" + algorithm + " 'is not supported for key entry protection");
}
// Use JCE
SecretKey skey = getPBEKey(passwordProtection.getPassword());
Cipher cipher = Cipher.getInstance(algorithm);
cipher.init(Cipher.ENCRYPT_MODE, skey, algParams);
byte[] encryptedKey = cipher.doFinal(data);
algid = new AlgorithmId(pbeOID, cipher.getParameters());
if (debug != null) {
debug.println(" (Cipher algorithm: " + cipher.getAlgorithm() + ")");
}
// wrap encrypted private key in EncryptedPrivateKeyInfo
// as defined in PKCS#8
EncryptedPrivateKeyInfo encrInfo = new EncryptedPrivateKeyInfo(algid, encryptedKey);
key = encrInfo.getEncoded();
} catch (Exception e) {
UnrecoverableKeyException uke = new UnrecoverableKeyException("Encrypt Private Key failed: " + e.getMessage());
uke.initCause(e);
throw uke;
}
return key;
}
Also used :
KeyStoreException(java.security.KeyStoreException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
UnrecoverableEntryException(java.security.UnrecoverableEntryException)
DestroyFailedException(javax.security.auth.DestroyFailedException)
CertificateException(java.security.cert.CertificateException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
SecretKey(javax.crypto.SecretKey)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
AlgorithmId(sun.security.x509.AlgorithmId)
PrivilegedAction(java.security.PrivilegedAction)
EncryptedPrivateKeyInfo(sun.security.pkcs.EncryptedPrivateKeyInfo)
Cipher(javax.crypto.Cipher)
AlgorithmParameterSpec(java.security.spec.AlgorithmParameterSpec)
AlgorithmParameters(java.security.AlgorithmParameters)
ObjectIdentifier(sun.security.util.ObjectIdentifier)
Example 39 with PrivilegedAction
use of java.security.PrivilegedAction in project jdk8u_jdk by JetBrains.
the class JRELocaleProviderAdapter method isNonENLangSupported.
/*
* Returns true if the non EN resources jar file exists in jre
* extension directory. @returns true if the jar file is there. Otherwise,
* returns false.
*/
private static boolean isNonENLangSupported() {
if (isNonENSupported == null) {
synchronized (JRELocaleProviderAdapter.class) {
if (isNonENSupported == null) {
final String sep = File.separator;
String localeDataJar = java.security.AccessController.doPrivileged(new sun.security.action.GetPropertyAction("java.home")) + sep + "lib" + sep + "ext" + sep + LOCALE_DATA_JAR_NAME;
/*
* Peek at the installed extension directory to see if
* localedata.jar is installed or not.
*/
final File f = new File(localeDataJar);
isNonENSupported = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
@Override
public Boolean run() {
return f.exists();
}
});
}
}
}
return isNonENSupported;
}
Also used :
PrivilegedAction(java.security.PrivilegedAction)
File(java.io.File)
Example 40 with PrivilegedAction
use of java.security.PrivilegedAction in project jdk8u_jdk by JetBrains.
the class FileDialogFilter method init.
private void init(FileDialog target) {
//new Dialog(target, target.getTitle(), false);
fileDialog = target;
this.title = target.getTitle();
this.mode = target.getMode();
this.target = target;
this.filter = target.getFilenameFilter();
savedFile = target.getFile();
savedDir = target.getDirectory();
// Shouldn't save 'user.dir' to 'savedDir'
// since getDirectory() will be incorrect after handleCancel
userDir = (String) AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
return System.getProperty("user.dir");
}
});
installStrings();
gbl = new GridBagLayout();
gblButtons = new GridBagLayout();
gbc = new GridBagConstraints();
fileDialog.setLayout(gbl);
// create components
buttons = new Panel();
buttons.setLayout(gblButtons);
actionButtonText = (target.getMode() == FileDialog.SAVE) ? saveButtonText : openButtonText;
openButton = new Button(actionButtonText);
filterButton = new Button(filterLabelText);
cancelButton = new Button(cancelButtonText);
directoryList = new List();
fileList = new List();
filterField = new TextField();
selectionField = new TextField();
boolean isMultipleMode = AWTAccessor.getFileDialogAccessor().isMultipleMode(target);
fileList.setMultipleMode(isMultipleMode);
// the insets used by the components in the fileDialog
Insets noInset = new Insets(0, 0, 0, 0);
Insets textFieldInset = new Insets(0, 8, 0, 8);
Insets leftListInset = new Insets(0, 8, 0, 4);
Insets rightListInset = new Insets(0, 4, 0, 8);
Insets separatorInset = new Insets(8, 0, 0, 0);
Insets labelInset = new Insets(0, 8, 0, 0);
Insets buttonsInset = new Insets(10, 8, 10, 8);
// add components to GridBagLayout "gbl"
Font f = new Font(Font.DIALOG, Font.PLAIN, 12);
Label label = new Label(pathLabelText);
label.setFont(f);
addComponent(label, gbl, gbc, 0, 0, 1, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.NONE, labelInset);
// Fixed 6260650: FileDialog.getDirectory() does not return null when file dialog is cancelled
// After showing we should display 'user.dir' as current directory
// if user didn't set directory programatically
pathField = new TextField(savedDir != null ? savedDir : userDir);
pathChoice = new Choice() {
public Dimension getPreferredSize() {
return new Dimension(PATH_CHOICE_WIDTH, pathField.getPreferredSize().height);
}
};
pathPanel = new Panel();
pathPanel.setLayout(new BorderLayout());
pathPanel.add(pathField, BorderLayout.CENTER);
pathPanel.add(pathChoice, BorderLayout.EAST);
//addComponent(pathField, gbl, gbc, 0, 1, 2,
// GridBagConstraints.WEST, (Container)fileDialog,
// 1, 0, GridBagConstraints.HORIZONTAL, textFieldInset);
//addComponent(pathChoice, gbl, gbc, 1, 1, GridBagConstraints.RELATIVE,
// GridBagConstraints.WEST, (Container)fileDialog,
// 1, 0, GridBagConstraints.HORIZONTAL, textFieldInset);
addComponent(pathPanel, gbl, gbc, 0, 1, 2, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.HORIZONTAL, textFieldInset);
label = new Label(filterLabelText);
label.setFont(f);
addComponent(label, gbl, gbc, 0, 2, 1, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.NONE, labelInset);
addComponent(filterField, gbl, gbc, 0, 3, 2, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.HORIZONTAL, textFieldInset);
label = new Label(foldersLabelText);
label.setFont(f);
addComponent(label, gbl, gbc, 0, 4, 1, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.NONE, labelInset);
label = new Label(filesLabelText);
label.setFont(f);
addComponent(label, gbl, gbc, 1, 4, 1, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.NONE, labelInset);
addComponent(directoryList, gbl, gbc, 0, 5, 1, GridBagConstraints.WEST, (Container) fileDialog, 1, 1, GridBagConstraints.BOTH, leftListInset);
addComponent(fileList, gbl, gbc, 1, 5, 1, GridBagConstraints.WEST, (Container) fileDialog, 1, 1, GridBagConstraints.BOTH, rightListInset);
label = new Label(enterFileNameLabelText);
label.setFont(f);
addComponent(label, gbl, gbc, 0, 6, 1, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.NONE, labelInset);
addComponent(selectionField, gbl, gbc, 0, 7, 2, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.HORIZONTAL, textFieldInset);
addComponent(new Separator(fileDialog.size().width, 2, Separator.HORIZONTAL), gbl, gbc, 0, 8, 15, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.HORIZONTAL, separatorInset);
// add buttons to GridBagLayout Buttons
addComponent(openButton, gblButtons, gbc, 0, 0, 1, GridBagConstraints.WEST, (Container) buttons, 1, 0, GridBagConstraints.NONE, noInset);
addComponent(filterButton, gblButtons, gbc, 1, 0, 1, GridBagConstraints.CENTER, (Container) buttons, 1, 0, GridBagConstraints.NONE, noInset);
addComponent(cancelButton, gblButtons, gbc, 2, 0, 1, GridBagConstraints.EAST, (Container) buttons, 1, 0, GridBagConstraints.NONE, noInset);
// add ButtonPanel to the GridBagLayout of this class
addComponent(buttons, gbl, gbc, 0, 9, 2, GridBagConstraints.WEST, (Container) fileDialog, 1, 0, GridBagConstraints.HORIZONTAL, buttonsInset);
fileDialog.setSize(400, 400);
// Update choice's popup width
XChoicePeer choicePeer = (XChoicePeer) pathChoice.getPeer();
choicePeer.setDrawSelectedItem(false);
choicePeer.setAlignUnder(pathField);
filterField.addActionListener(this);
selectionField.addActionListener(this);
directoryList.addActionListener(this);
directoryList.addItemListener(this);
fileList.addItemListener(this);
fileList.addActionListener(this);
openButton.addActionListener(this);
filterButton.addActionListener(this);
cancelButton.addActionListener(this);
pathChoice.addItemListener(this);
pathField.addActionListener(this);
// b6227750 FileDialog is not disposed when clicking the 'close' (X) button on the top right corner, XToolkit
target.addWindowListener(new WindowAdapter() {
public void windowClosing(WindowEvent e) {
handleCancel();
}
});
// 6259434 PIT: Choice in FileDialog is not responding to keyboard interactions, XToolkit
pathChoice.addItemListener(this);
}
Also used :
PrivilegedAction(java.security.PrivilegedAction)
Aggregations
PrivilegedAction (java.security.PrivilegedAction)359
IOException (java.io.IOException)85
Subject (javax.security.auth.Subject)61
AccessControlContext (java.security.AccessControlContext)31
File (java.io.File)29
HashMap (java.util.HashMap)29
UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)29
Method (java.lang.reflect.Method)24
ArrayList (java.util.ArrayList)23
ClientResponse (com.sun.jersey.api.client.ClientResponse)21
InputStream (java.io.InputStream)21
URL (java.net.URL)21
FileNotFoundException (java.io.FileNotFoundException)18
UnsupportedEncodingException (java.io.UnsupportedEncodingException)18
Iterator (java.util.Iterator)18
MalformedURLException (java.net.MalformedURLException)17
List (java.util.List)17
UnknownHostException (java.net.UnknownHostException)16
Principal (java.security.Principal)15
PrivilegedActionException (java.security.PrivilegedActionException)15
