use of java.security.ProtectionDomain in project Payara by payara.
the class ASMClassWriter method defineClass.
/**
 * Defines the generated class in the class loader of {@code similarClass} and returns its name.
 * <p>
 * The bytecode is taken from {@code getByteClass()}; the {@code classBytes} argument is not read
 * anywhere in this method. The class is defined as
 * {@code org.glassfish.admin.rest.resources.generatedASM.<className>} and is handed the
 * {@link ProtectionDomain} of {@code similarClass}, so the generated code is subject to the same
 * permission checks as that class. Whatever produces the bytecode must therefore be trusted to
 * the same degree as {@code similarClass}.
 * <p>
 * The five-argument {@code ClassLoader.defineClass} is non-public, so it is looked up
 * reflectively and made accessible inside a {@code doPrivileged} block.
 * NOTE(review): {@code setAccessible(true)} on a {@code java.lang} member is expected to be
 * rejected on runtimes with strong encapsulation unless the package is opened; confirm against
 * the supported JDKs.
 *
 * @param similarClass class whose class loader and protection domain are reused for the new class
 * @param classBytes   not used by this implementation
 * @return the fully qualified name of the class that was defined and loaded
 * @throws Exception declared by the signature; failures in the reflective define/load sequence
 *                   are rethrown as {@link RuntimeException}
 */
public String defineClass(Class similarClass, byte[] classBytes) throws Exception {
    String generatedClassName = "org.glassfish.admin.rest.resources.generatedASM." + className;
    byte[] bytecode = getByteClass();
    ProtectionDomain targetDomain = similarClass.getProtectionDomain();

    // Pick the first declared ClassLoader method named defineClass that takes five parameters.
    java.lang.reflect.Method located = null;
    java.lang.reflect.Method[] declared = ClassLoader.class.getDeclaredMethods();
    for (int idx = 0; idx < declared.length && located == null; idx++) {
        java.lang.reflect.Method candidate = declared[idx];
        if (candidate.getParameterTypes().length == 5 && candidate.getName().equals("defineClass")) {
            located = candidate;
        }
    }
    if (located == null) {
        // Not expected to happen; the guard keeps static analysis quiet.
        throw new RuntimeException("cannot find method called defineclass...");
    }

    final java.lang.reflect.Method defineMethod = located;
    try {
        // Only the accessibility change runs privileged; the define call itself does not.
        java.security.AccessController.doPrivileged(new java.security.PrivilegedExceptionAction() {
            public java.lang.Object run() throws Exception {
                if (defineMethod.isAccessible()) {
                    return null;
                }
                defineMethod.setAccessible(true);
                return null;
            }
        });
        RestLogging.restLogger.log(Level.FINEST, "Loading bytecode for {0}", generatedClassName);
        ClassLoader targetLoader = similarClass.getClassLoader();
        defineMethod.invoke(targetLoader, generatedClassName, bytecode, 0, bytecode.length, targetDomain);
        try {
            // Resolve the name through the same loader to confirm the definition is visible.
            targetLoader.loadClass(generatedClassName);
        } catch (ClassNotFoundException cnfEx) {
            // This RuntimeException is caught by the outer handler and wrapped a second time.
            throw new RuntimeException(cnfEx);
        }
        return generatedClassName;
    } catch (Exception ex) {
        throw new RuntimeException(ex);
    }
}
use of java.security.ProtectionDomain in project Payara by payara.
the class EJBSecurityManager method authorize.
/**
 * Decides whether the method described by the given invocation may be called.
 * <p>
 * Order of evaluation as visible in this method:
 * <ol>
 * <li>Anything that is not an {@code EjbInvocation} is denied.</li>
 * <li>If the invocation already carries a decision ({@code getAuth()} is non-null) that decision
 * is returned directly; the policy check, the audit call and {@code preInvoke} are all skipped
 * on this path.</li>
 * <li>Otherwise the cached permission is checked, and only if that check fails is
 * {@code policy.implies} consulted with a protection domain built from the current principals.</li>
 * <li>Any {@code Throwable} raised while setting the policy context or evaluating the policy
 * results in a denial and a SEVERE log entry.</li>
 * <li>The result is stored on the invocation via {@code setAuth}, audited when auditing is on,
 * and {@code preInvoke} is run for granted web-service invocations that have not had it yet.</li>
 * </ol>
 *
 * @param compInv invocation object that contains all the details of the
 * invocation.
 * @return {@code true} if the caller is allowed to invoke the EJB method, {@code false} otherwise
 */
public boolean authorize(ComponentInvocation compInv) {
// Deny by default for invocation types this manager does not understand.
if (!(compInv instanceof EjbInvocation)) {
return false;
}
// FIXME: Param type should be EjbInvocation
EjbInvocation inv = (EjbInvocation) compInv;
// A decision already recorded on this invocation is reused as is; nothing below runs again,
// including the audit call.
if (inv.getAuth() != null) {
return inv.getAuth().booleanValue();
}
boolean ret = false;
CachedPermission cp = null;
Permission ejbmp = null;
// Build the method permission once and, when an InvocationInfo is available, keep the
// CachedPermission on it so later invocations take the else branch.
if (inv.invocationInfo == null || inv.invocationInfo.cachedPermission == null) {
ejbmp = new EJBMethodPermission(ejbName, inv.getMethodInterface(), inv.method);
cp = new CachedPermissionImpl(uncheckedMethodPermissionCache, ejbmp);
if (inv.invocationInfo != null) {
inv.invocationInfo.cachedPermission = cp;
if (_logger.isLoggable(Level.FINE)) {
_logger.fine("JACC: permission initialized in InvocationInfo: EJBMethodPermission (Name) = " + ejbmp.getName() + " (Action) = " + ejbmp.getActions());
}
}
} else {
cp = inv.invocationInfo.cachedPermission;
ejbmp = cp.getPermission();
}
String caller = null;
SecurityContext sc = null;
// The invocation is handed to the policy context handler data before any permission check runs.
pcHandlerImpl.getHandlerData().setInvocation(inv);
// First attempt: the cached permission, backed by uncheckedMethodPermissionCache.
// NOTE(review): presumably this succeeds only for permissions that need no caller identity - confirm.
ret = cp.checkPermission();
if (!ret) {
// Second attempt: evaluate the policy for the principals of the current security context.
// These three statements are outside the try below, so an exception thrown here propagates
// to the caller instead of being converted into a denial.
sc = SecurityContext.getCurrent();
Set principalSet = sc.getPrincipalSet();
ProtectionDomain prdm = getCachedProtectionDomain(principalSet, true);
try {
// Switch the policy context to this.contextId for the duration of the check; the
// previous id is kept so it can be restored in the finally block.
String oldContextId = setPolicyContext(this.contextId);
try {
ret = policy.implies(prdm, ejbmp);
} catch (SecurityException se) {
// Fail closed: an error during evaluation is treated as a denial.
_logger.log(Level.SEVERE, "jacc_access_exception", se);
ret = false;
} catch (Throwable t) {
// Same handling as above for every other throwable, Errors included.
_logger.log(Level.SEVERE, "jacc_access_exception", t);
ret = false;
} finally {
resetPolicyContext(oldContextId, this.contextId);
}
} catch (Throwable t) {
// Reached when setting or resetting the policy context fails; also a denial.
_logger.log(Level.SEVERE, "jacc_policy_context_exception", t);
ret = false;
}
}
// Record the decision on the invocation; the early return at the top reads it back.
inv.setAuth((ret) ? Boolean.TRUE : Boolean.FALSE);
if (auditManager.isAuditOn()) {
if (sc == null) {
sc = SecurityContext.getCurrent();
}
// NOTE(review): the result of getCallerPrincipal() is dereferenced without a null check -
// confirm it can never be null at this point.
caller = sc.getCallerPrincipal().getName();
auditManager.ejbInvocation(caller, ejbName, inv.method.toString(), ret);
}
// preInvoke only runs for granted web-service invocations that have not been through it yet.
if (ret && inv.isWebService && !inv.isPreInvokeDone()) {
preInvoke(inv);
}
if (_logger.isLoggable(Level.FINE)) {
// caller is only resolved in the audit branch above, so this message shows
// "(Caller) = null" whenever auditing is off.
_logger.fine("JACC: Access Control Decision Result: " + ret + " EJBMethodPermission (Name) = " + ejbmp.getName() + " (Action) = " + ejbmp.getActions() + " (Caller) = " + caller);
}
return ret;
}
use of java.security.ProtectionDomain in project Payara by payara.
the class PayaraMicroLauncher method getBootClass.
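/**
 * Returns the {@link PayaraMicroBoot} instance, creating it on first use by reflectively calling
 * {@code fish.payara.micro.impl.PayaraMicroImpl.getInstance()} through the thread context class
 * loader.
 * <p>
 * When the launcher was not started through {@code main} ({@code mainBoot} is false), this method
 * first records the location of the launcher jar, taken from this class's {@link CodeSource}, in
 * the {@code MICRO_JAR_PROPERTY} system property, builds a class loader from the launcher's
 * class-path archives and installs it as the context class loader of the calling thread. The
 * previous context class loader is not restored.
 * <p>
 * NOTE(review): the lazy initialisation of {@code bootInstance} is not synchronized in this
 * method; confirm that boot is only ever driven from one thread.
 *
 * @return the boot instance, never created more than once by a single thread
 * @throws IllegalStateException  if the jar location cannot be determined because this class has
 *                                no code source location (previously surfaced as a
 *                                {@code NullPointerException})
 * @throws InstantiationException declared by the signature
 * @throws IllegalAccessException if {@code getInstance} cannot be invoked reflectively
 * @throws ClassNotFoundException if {@code PayaraMicroImpl} is not visible to the context class loader
 * @throws Exception              for any other failure while building the class loader or invoking
 *                                {@code getInstance}
 */
public static PayaraMicroBoot getBootClass() throws InstantiationException, IllegalAccessException, ClassNotFoundException, Exception {
    if (bootInstance == null) {
        if (!mainBoot) {
            PayaraMicroLauncher launcher = new PayaraMicroLauncher();
            // set system property for our jar file
            ProtectionDomain protectionDomain = PayaraMicroLauncher.class.getProtectionDomain();
            CodeSource codeSource = protectionDomain.getCodeSource();
            // A class may have no CodeSource, and a CodeSource may have no location; fail with a
            // clear message instead of dereferencing null.
            if (codeSource == null || codeSource.getLocation() == null) {
                throw new IllegalStateException(
                        "Unable to determine the location of the Payara Micro jar: PayaraMicroLauncher has no CodeSource location");
            }
            URI location = codeSource.getLocation().toURI();
            System.setProperty(MICRO_JAR_PROPERTY, location.toString());
            ClassLoader loader = launcher.createClassLoader(launcher.getClassPathArchives());
            fish.payara.micro.boot.loader.jar.JarFile.registerUrlProtocolHandler();
            // From here on the calling thread resolves classes through the launcher's loader.
            Thread.currentThread().setContextClassLoader(loader);
        }
        // Both boot paths end the same way: resolve the implementation through the context class
        // loader and ask it for its singleton.
        Class<?> mainClass = Thread.currentThread().getContextClassLoader().loadClass("fish.payara.micro.impl.PayaraMicroImpl");
        Method instanceMethod = mainClass.getDeclaredMethod("getInstance");
        bootInstance = (PayaraMicroBoot) instanceMethod.invoke(null);
    }
    return bootInstance;
}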
use of java.security.ProtectionDomain in project Payara by payara.
the class PayaraMicroLauncher method main.
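/**
 * Entry point used when the launcher jar is started with {@code java -jar}.
 * <p>
 * Records the location of the launcher jar, taken from this class's {@link CodeSource}, in the
 * {@code MICRO_JAR_PROPERTY} system property, marks the boot as a main boot and delegates to
 * {@code launch(args)}.
 *
 * @param args command-line arguments, passed to {@code launch} unchanged
 * @throws IllegalStateException if the jar location cannot be determined because this class has
 *                               no code source location (previously surfaced as a
 *                               {@code NullPointerException})
 * @throws Exception             for any failure raised by {@code launch}
 */
public static void main(String[] args) throws Exception {
    PayaraMicroLauncher launcher = new PayaraMicroLauncher();
    // set system property for our jar file
    ProtectionDomain protectionDomain = PayaraMicroLauncher.class.getProtectionDomain();
    CodeSource codeSource = protectionDomain.getCodeSource();
    // A class may have no CodeSource, and a CodeSource may have no location; fail with a clear
    // message instead of dereferencing null.
    if (codeSource == null || codeSource.getLocation() == null) {
        throw new IllegalStateException(
                "Unable to determine the location of the Payara Micro jar: PayaraMicroLauncher has no CodeSource location");
    }
    URI location = codeSource.getLocation().toURI();
    System.setProperty(MICRO_JAR_PROPERTY, location.toString());
    mainBoot = true;
    launcher.launch(args);
}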
use of java.security.ProtectionDomain in project Payara by payara.
the class ASURLClassLoader method findClassData.
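/**
 * Locates the URL entry that holds the bytes of the named class and reads them. It does not
 * define the {@code Class} object.
 * <p>
 * The method is {@code synchronized} to preclude a race on {@code doneCalled} and transient
 * errors if {@code done()} is called while a lookup is running.
 * <p>
 * Names that were not found are remembered in {@code notFoundClasses}, so a repeated lookup of
 * the same name fails without scanning the URL entries again.
 * <p>
 * When a security manager is installed, the entry's protection domain is not returned as is: a
 * new {@link ProtectionDomain} is created from the same code source, class loader and principals
 * together with the permissions returned by {@code getPermissions(CodeSource)}. The
 * four-argument constructor used for this yields a domain whose effective permissions also
 * include whatever the installed {@code Policy} grants at check time.
 * NOTE(review): {@code System.getSecurityManager()} is deprecated for removal in recent JDKs;
 * confirm whether this branch is still reachable on the supported runtimes.
 *
 * @param name class name in java.lang.Object format
 * @return the class bytes together with the protection domain to define the class with
 * @throws ClassNotFoundException if this loader has already been closed via {@code done()}, the
 *                                name is in the not-found cache, or no URL entry yields the bytes
 */
protected synchronized ClassData findClassData(String name) throws ClassNotFoundException {
    if (doneCalled) {
        // The Throwable is created only so that the log record carries the caller's stack trace.
        _logger.log(Level.WARNING, CULoggerInfo.getString(CULoggerInfo.findClassAfterDone, name, this.toString()), new Throwable());
        throw new ClassNotFoundException(name);
    }
    String nf = (String) notFoundClasses.get(name);
    if (nf != null && nf.equals(name)) {
        throw new ClassNotFoundException(name);
    }
    // search thru the JARs for a file of the form java/lang/Object.class
    String entryName = name.replace('.', '/') + ".class";
    for (URLEntry u : this.urlSet) {
        if (!u.hasItem(entryName)) {
            continue;
        }
        byte[] result = loadClassData0(u, entryName);
        if (result == null) {
            // The entry lists the item but produced no bytes; keep looking in the remaining entries.
            continue;
        }
        if (System.getSecurityManager() == null) {
            return new ClassData(result, u.pd);
        }
        // recreate the pd to include the declared permissions
        CodeSource cs = u.pd.getCodeSource();
        PermissionCollection pc = this.getPermissions(cs);
        ProtectionDomain pdWithPermissions = new ProtectionDomain(cs, pc, u.pd.getClassLoader(), u.pd.getPrincipals());
        return new ClassData(result, pdWithPermissions);
    }
    // add to the not found classes list
    notFoundClasses.put(name, name);
    throw new ClassNotFoundException(name);
}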