1: /* AccessController.java --- Access control context and permission checker 2: Copyright (C) 2001, 2004 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: package java.security; 39: 40: /** 41: * Access control context and permission checker. 42: * Can check permissions in the access control context of the current thread 43: * through the <code>checkPermission()</code> method. 44: * Manipulates the access control context for code that needs to be executed 45: * the protection domain of the calling class (by explicitly ignoring the 46: * context of the calling code) in the <code>doPrivileged()</code> methods. 47: * And provides a <code>getContext()</code> method which gives the access 48: * control context of the current thread that can be used for checking 49: * permissions at a later time and/or in another thread. 50: * 51: * @author Mark Wielaard (mark@klomp.org) 52: * @since 1.2 53: */ 54: public final class AccessController 55: { 56: /** 57: * This class only has static methods so there is no public contructor. 58: */ 59: private AccessController() 60: { 61: } 62: 63: /** 64: * Checks wether the access control context of the current thread allows 65: * the given Permission. Throws an <code>AccessControlException</code> 66: * when the permission is not allowed in the current context. Otherwise 67: * returns silently without throwing an exception. 68: * 69: * @param perm the permission to be checked. 70: * @exception AccessControlException thrown if the current context does not 71: * allow the given permission. 72: */ 73: public static void checkPermission(Permission perm) 74: throws AccessControlException 75: { 76: getContext().checkPermission(perm); 77: } 78: 79: /** 80: * Calls the <code>run()</code> method of the given action with as 81: * (initial) access control context only the protection domain of the 82: * calling class. Calls to <code>checkPermission()</code> in the 83: * <code>run()</code> method ignore all earlier protection domains of 84: * classes in the call chain. Note that the protection domains of classes 85: * called by the code in the <code>run()</code> method are not ignored. 86: * 87: * @param action the <code>PrivilegedAction</code> whose <code>run()</code> 88: * should be be called. 89: * @return the result of the <code>action.run()</code> method. 90: */ 91: public static <T> T doPrivileged(PrivilegedAction<T> action) 92: { 93: VMAccessController.pushContext(null); 94: try 95: { 96: return action.run(); 97: } 98: finally 99: { 100: VMAccessController.popContext(); 101: } 102: } 103: 104: /** 105: * Calls the <code>run()</code> method of the given action with as 106: * (initial) access control context the given context combined with the 107: * protection domain of the calling class. Calls to 108: * <code>checkPermission()</code> in the <code>run()</code> method ignore 109: * all earlier protection domains of classes in the call chain, but add 110: * checks for the protection domains given in the supplied context. 111: * 112: * @param action the <code>PrivilegedAction</code> whose <code>run()</code> 113: * should be be called. 114: * @param context the <code>AccessControlContext</code> whose protection 115: * domains should be added to the protection domain of the calling class. 116: * @return the result of the <code>action.run()</code> method. 117: */ 118: public static <T> T doPrivileged(PrivilegedAction<T> action, 119: AccessControlContext context) 120: { 121: VMAccessController.pushContext(context); 122: try 123: { 124: return action.run(); 125: } 126: finally 127: { 128: VMAccessController.popContext(); 129: } 130: } 131: 132: /** 133: * Calls the <code>run()</code> method of the given action with as 134: * (initial) access control context only the protection domain of the 135: * calling class. Calls to <code>checkPermission()</code> in the 136: * <code>run()</code> method ignore all earlier protection domains of 137: * classes in the call chain. Note that the protection domains of classes 138: * called by the code in the <code>run()</code> method are not ignored. 139: * If the <code>run()</code> method throws an exception then this method 140: * will wrap that exception in an <code>PrivilegedActionException</code>. 141: * 142: * @param action the <code>PrivilegedExceptionAction</code> whose 143: * <code>run()</code> should be be called. 144: * @return the result of the <code>action.run()</code> method. 145: * @exception PrivilegedActionException wrapped around any checked exception 146: * that is thrown in the <code>run()</code> method. 147: */ 148: public static <T> T doPrivileged(PrivilegedExceptionAction<T> action) 149: throws PrivilegedActionException 150: { 151: VMAccessController.pushContext(null); 152: try 153: { 154: return action.run(); 155: } 156: catch (RuntimeException e) 157: { 158: throw e; 159: } 160: catch (Exception e) 161: { 162: throw new PrivilegedActionException(e); 163: } 164: finally 165: { 166: VMAccessController.popContext(); 167: } 168: } 169: 170: /** 171: * Calls the <code>run()</code> method of the given action with as 172: * (initial) access control context the given context combined with the 173: * protection domain of the calling class. Calls to 174: * <code>checkPermission()</code> in the <code>run()</code> method ignore 175: * all earlier protection domains of classes in the call chain, but add 176: * checks for the protection domains given in the supplied context. 177: * If the <code>run()</code> method throws an exception then this method 178: * will wrap that exception in an <code>PrivilegedActionException</code>. 179: * 180: * @param action the <code>PrivilegedExceptionAction</code> whose 181: * <code>run()</code> should be be called. 182: * @param context the <code>AccessControlContext</code> whose protection 183: * domains should be added to the protection domain of the calling class. 184: * @return the result of the <code>action.run()</code> method. 185: * @exception PrivilegedActionException wrapped around any checked exception 186: * that is thrown in the <code>run()</code> method. 187: */ 188: public static <T> T doPrivileged(PrivilegedExceptionAction<T> action, 189: AccessControlContext context) 190: throws PrivilegedActionException 191: { 192: VMAccessController.pushContext(context); 193: try 194: { 195: return action.run(); 196: } 197: catch (RuntimeException e) 198: { 199: throw e; 200: } 201: catch (Exception e) 202: { 203: throw new PrivilegedActionException(e); 204: } 205: finally 206: { 207: VMAccessController.popContext(); 208: } 209: } 210: 211: /** 212: * Returns the complete access control context of the current thread. 213: * The returned object encompasses all {@link ProtectionDomain} objects 214: * for all classes in the current call stack, or the set of protection 215: * domains until the last call to {@link 216: * #doPrivileged(java.security.PrivilegedAction)}. 217: * 218: * <p>Additionally, if a call was made to {@link 219: * #doPrivileged(java.security.PrivilegedAction,java.security.AccessControlContext)} 220: * that supplied an {@link AccessControlContext}, then that context 221: * will be intersected with the calculated one. 222: * 223: * @return The context. 224: */ 225: public static AccessControlContext getContext() 226: { 227: return VMAccessController.getContext(); 228: } 229: }