Source for java.security.AccessController

   1: /* AccessController.java --- Access control context and permission checker
   2:    Copyright (C) 2001, 2004  Free Software Foundation, Inc.
   3: 
   4: This file is part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2, or (at your option)
   9: any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; see the file COPYING.  If not, write to the
  18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  19: 02110-1301 USA.
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version. */
  37: 
  38: package java.security;
  39: 
  40: /**
  41:  * Access control context and permission checker.
  42:  * Can check permissions in the access control context of the current thread
  43:  * through the <code>checkPermission()</code> method.
  44:  * Manipulates the access control context for code that needs to be executed
  45:  * the protection domain of the calling class (by explicitly ignoring the
  46:  * context of the calling code) in the <code>doPrivileged()</code> methods.
  47:  * And provides a <code>getContext()</code> method which gives the access
  48:  * control context of the current thread that can be used for checking
  49:  * permissions at a later time and/or in another thread.
  50:  *
  51:  * @author Mark Wielaard (mark@klomp.org)
  52:  * @since 1.2
  53:  */
  54: public final class AccessController
  55: {
  56:   /**
  57:    * This class only has static methods so there is no public contructor.
  58:    */
  59:   private AccessController()
  60:   {
  61:   }
  62: 
  63:   /**
  64:    * Checks wether the access control context of the current thread allows
  65:    * the given Permission. Throws an <code>AccessControlException</code>
  66:    * when the permission is not allowed in the current context. Otherwise
  67:    * returns silently without throwing an exception.
  68:    *
  69:    * @param perm the permission to be checked.
  70:    * @exception AccessControlException thrown if the current context does not
  71:    * allow the given permission.
  72:    */
  73:   public static void checkPermission(Permission perm)
  74:     throws AccessControlException
  75:   {
  76:     getContext().checkPermission(perm);
  77:   }
  78: 
  79:   /**
  80:    * Calls the <code>run()</code> method of the given action with as
  81:    * (initial) access control context only the protection domain of the
  82:    * calling class. Calls to <code>checkPermission()</code> in the
  83:    * <code>run()</code> method ignore all earlier protection domains of
  84:    * classes in the call chain. Note that the protection domains of classes
  85:    * called by the code in the <code>run()</code> method are not ignored.
  86:    *
  87:    * @param action the <code>PrivilegedAction</code> whose <code>run()</code>
  88:    * should be be called.
  89:    * @return the result of the <code>action.run()</code> method.
  90:    */
  91:   public static <T> T doPrivileged(PrivilegedAction<T> action)
  92:   {
  93:     VMAccessController.pushContext(null);
  94:     try
  95:       {
  96:         return action.run();
  97:       }
  98:     finally
  99:       {
 100:         VMAccessController.popContext();
 101:       }
 102:   }
 103: 
 104:   /**
 105:    * Calls the <code>run()</code> method of the given action with as
 106:    * (initial) access control context the given context combined with the
 107:    * protection domain of the calling class. Calls to
 108:    * <code>checkPermission()</code> in the <code>run()</code> method ignore
 109:    * all earlier protection domains of classes in the call chain, but add
 110:    * checks for the protection domains given in the supplied context.
 111:    *
 112:    * @param action the <code>PrivilegedAction</code> whose <code>run()</code>
 113:    * should be be called.
 114:    * @param context the <code>AccessControlContext</code> whose protection
 115:    * domains should be added to the protection domain of the calling class.
 116:    * @return the result of the <code>action.run()</code> method.
 117:    */
 118:   public static <T> T doPrivileged(PrivilegedAction<T> action,
 119:                                    AccessControlContext context)
 120:   {
 121:     VMAccessController.pushContext(context);
 122:     try
 123:       {
 124:         return action.run();
 125:       }
 126:     finally
 127:       {
 128:         VMAccessController.popContext();
 129:       }
 130:   }
 131: 
 132:   /**
 133:    * Calls the <code>run()</code> method of the given action with as
 134:    * (initial) access control context only the protection domain of the
 135:    * calling class. Calls to <code>checkPermission()</code> in the
 136:    * <code>run()</code> method ignore all earlier protection domains of
 137:    * classes in the call chain. Note that the protection domains of classes
 138:    * called by the code in the <code>run()</code> method are not ignored.
 139:    * If the <code>run()</code> method throws an exception then this method
 140:    * will wrap that exception in an <code>PrivilegedActionException</code>.
 141:    *
 142:    * @param action the <code>PrivilegedExceptionAction</code> whose
 143:    * <code>run()</code> should be be called.
 144:    * @return the result of the <code>action.run()</code> method.
 145:    * @exception PrivilegedActionException wrapped around any checked exception
 146:    * that is thrown in the <code>run()</code> method.
 147:    */
 148:   public static <T> T doPrivileged(PrivilegedExceptionAction<T> action)
 149:     throws PrivilegedActionException
 150:   {
 151:     VMAccessController.pushContext(null);
 152:     try
 153:       {
 154:         return action.run();
 155:       }
 156:     catch (RuntimeException e)
 157:       {
 158:         throw e;
 159:       }
 160:     catch (Exception e)
 161:       {
 162:         throw new PrivilegedActionException(e);
 163:       }
 164:     finally
 165:       {
 166:         VMAccessController.popContext();
 167:       }
 168:   }
 169: 
 170:   /**
 171:    * Calls the <code>run()</code> method of the given action with as
 172:    * (initial) access control context the given context combined with the
 173:    * protection domain of the calling class. Calls to
 174:    * <code>checkPermission()</code> in the <code>run()</code> method ignore
 175:    * all earlier protection domains of classes in the call chain, but add
 176:    * checks for the protection domains given in the supplied context.
 177:    * If the <code>run()</code> method throws an exception then this method
 178:    * will wrap that exception in an <code>PrivilegedActionException</code>.
 179:    *
 180:    * @param action the <code>PrivilegedExceptionAction</code> whose
 181:    * <code>run()</code> should be be called.
 182:    * @param context the <code>AccessControlContext</code> whose protection
 183:    * domains should be added to the protection domain of the calling class.
 184:    * @return the result of the <code>action.run()</code> method.
 185:    * @exception PrivilegedActionException wrapped around any checked exception
 186:    * that is thrown in the <code>run()</code> method.
 187:    */
 188:   public static <T> T doPrivileged(PrivilegedExceptionAction<T> action,
 189:                                    AccessControlContext context)
 190:     throws PrivilegedActionException
 191:   {
 192:     VMAccessController.pushContext(context);
 193:     try
 194:       {
 195:         return action.run();
 196:       }
 197:     catch (RuntimeException e)
 198:       {
 199:         throw e;
 200:       }
 201:     catch (Exception e)
 202:       {
 203:         throw new PrivilegedActionException(e);
 204:       }
 205:     finally
 206:       {
 207:         VMAccessController.popContext();
 208:       }
 209:   }
 210: 
 211:   /**
 212:    * Returns the complete access control context of the current thread.
 213:    * The returned object encompasses all {@link ProtectionDomain} objects
 214:    * for all classes in the current call stack, or the set of protection
 215:    * domains until the last call to {@link
 216:    * #doPrivileged(java.security.PrivilegedAction)}.
 217:    *
 218:    * <p>Additionally, if a call was made to {@link
 219:    * #doPrivileged(java.security.PrivilegedAction,java.security.AccessControlContext)}
 220:    * that supplied an {@link AccessControlContext}, then that context
 221:    * will be intersected with the calculated one.
 222:    *
 223:    * @return The context.
 224:    */
 225:   public static AccessControlContext getContext()
 226:   {
 227:     return VMAccessController.getContext();
 228:   }
 229: }