From 28f7d9d05ad70afad626d4bc54c633d31eb7430a Mon Sep 17 00:00:00 2001 From: Bryce McKinlay Date: Wed, 25 Apr 2001 16:45:15 +0100 Subject: decl.c (init_decl_processing): Add new class "protectionDomain" field. gcc/java: 2001-04-25 Bryce McKinlay * decl.c (init_decl_processing): Add new class "protectionDomain" field. * class.c (make_class_data): Set initial value for "protectionDomain". libjava: 2001-04-25 Bryce McKinlay java.security merge and ClassLoader compliance fixes. * java/lang/Class.h (Class): Include ProtectionDomain.h. New protectionDomain field. (forName): Add initialize parameter. Fixes declaration to comply with JDK spec. * java/lang/natClass.cc (forName): Correct declaration of the three-arg variant. Honour "initialize" flag. (getProtectionDomain0): New method. * java/lang/Class.java: Fix forName() declaration. (getPackage): New method based on Classpath implementation. (getProtectionDomain0): New native method decl. (getProtectionDomain): New method. * java/lang/ClassLoader.java (getParent): Now final. (definedPackages): New field. (getPackage): New. (defineClass): New variant with protectionDomain argument. (definePackage): New. (getPackages): New. (findSystemClass): Now final. (getSystemResourceAsStream): Remove redundant "final" modifier. (getSystemResource): Remove redundant "final" modifier. (getResources): Now final. (protectionDomainPermission): New static field. (unknownProtectionDomain): Ditto. (defaultProtectionDomain): Ditto. (getSystemClassLoader): Now non-native. * java/util/ResourceBundle.java (tryGetSomeBundle): Use the correct arguments for Class.forName(). * java/lang/Package.java: New file. * gnu/gcj/runtime/VMClassLoader.java (getVMClassLoader): Removed. (instance): Static initialize singleton. (findClass): Override this, not findSystemClass. * java/lang/natClassLoader.cc (defineClass0): Set class's protectionDomain field as specified. (getSystemClassLoader): Removed. (findClass): Renamed from findSystemClass. Call the interpreter via URLClassLoader.findClass if loading class via dlopen fails. * java/security/*.java: java.security import/merge with Classpath. * java/security/acl/*.java: Likewise. * java/security/interfaces/*.java: Likewise. * java/security/spec/*.java: Likewise. * java/net/NetPermission.java: Likewise. * java/net/SocketPermission.java: Likewise. * gnu/java/security/provider/DefaultPolicy.java: Likewise. * Makefile.am: Add new classes. * Makefile.in: Rebuilt. * gcj/javaprims.h: CNI namespace rebuild. From-SVN: r41543 --- libjava/java/security/AccessController.java | 185 ++++++++++++++++++++++++++++ 1 file changed, 185 insertions(+) create mode 100644 libjava/java/security/AccessController.java (limited to 'libjava/java/security/AccessController.java') diff --git a/libjava/java/security/AccessController.java b/libjava/java/security/AccessController.java new file mode 100644 index 0000000..c830fa4 --- /dev/null +++ b/libjava/java/security/AccessController.java @@ -0,0 +1,185 @@ +/* AccessController.java --- Access control context and permission checker + Copyright (C) 2001 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +02111-1307 USA. + +As a special exception, if you link this library with other files to +produce an executable, this library does not by itself cause the +resulting executable to be covered by the GNU General Public License. +This exception does not however invalidate any other reasons why the +executable file might be covered by the GNU General Public License. */ + +package java.security; + +/** + * Access control context and permission checker. + * Can check permissions in the access control context of the current thread + * through the checkPermission() method. + * Manipulates the access control context for code that needs to be executed + * the protection domain of the calling class (by explicitly ignoring the + * context of the calling code) in the doPriviliged() methods. + * And provides a getContext() method which gives the access + * control context of the current thread that can be used for checking + * permissions at a later time and/or in another thread. + *

+ * XXX - Mostly a stub implementation at the moment. Needs native support + * from the VM to function correctly. XXX - Do not forget to think about + * how to handle java.lang.reflect.Method.invoke() on the + * doPrivileged() methods. + * + * @author Mark Wielaard (mark@klomp.org) + * @since 1.2 + */ +public final class AccessController +{ + /** + * This class only has static methods so there is no public contructor. + */ + private AccessController() + { + } + + /** + * Checks wether the access control context of the current thread allows + * the given Permission. Throws an AccessControlException + * when the permission is not allowed in the current context. Otherwise + * returns silently without throwing an exception. + * + * @param perm the permission to be checked. + * @exception AccessControlException thrown if the current context does not + * allow the given permission. + */ + public static void checkPermission(Permission perm) + { + getContext().checkPermission(perm); + } + + /** + * Calls the run() method of the given action with as + * (initial) access control context only the protection domain of the + * calling class. Calls to checkPermission() in the + * run() method ignore all earlier protection domains of + * classes in the call chain. Note that the protection domains of classes + * called by the code in the run() method are not ignored. + * + * @param action the PrivilegedAction whose run() + * should be be called. + * @returns the result of the action.run() method. + */ + public static Object doPrivileged(PrivilegedAction action) + { + return action.run(); + } + + /** + * Calls the run() method of the given action with as + * (initial) access control context the given context combined with the + * protection domain of the calling class. Calls to + * checkPermission() in the run() method ignore + * all earlier protection domains of classes in the call chain, but add + * checks for the protection domains given in the supplied context. + * + * @param action the PrivilegedAction whose run() + * should be be called. + * @param context the AccessControlContext whose protection + * domains should be added to the protection domain of the calling class. + * @returns the result of the action.run() method. + */ + public static Object doPrivileged(PrivilegedAction action, + AccessControlContext context) + { + return action.run(); + } + + /** + * Calls the run() method of the given action with as + * (initial) access control context only the protection domain of the + * calling class. Calls to checkPermission() in the + * run() method ignore all earlier protection domains of + * classes in the call chain. Note that the protection domains of classes + * called by the code in the run() method are not ignored. + * If the run() method throws an exception then this method + * will wrap that exception in an PrivilegedActionException. + * + * @param action the PrivilegedExceptionAction whose + * run() should be be called. + * @returns the result of the action.run() method. + * @exception PriviligedActionException wrapped around any exception that + * is thrown in the run() method. + */ + public static Object doPrivileged(PrivilegedExceptionAction action) + throws PrivilegedActionException + { + + try + { + return action.run(); + } + catch (Exception e) + { + throw new PrivilegedActionException(e); + } + } + + /** + * Calls the run() method of the given action with as + * (initial) access control context the given context combined with the + * protection domain of the calling class. Calls to + * checkPermission() in the run() method ignore + * all earlier protection domains of classes in the call chain, but add + * checks for the protection domains given in the supplied context. + * If the run() method throws an exception then this method + * will wrap that exception in an PrivilegedActionException. + * + * @param action the PrivilegedExceptionAction whose + * run() should be be called. + * @param context the AccessControlContext whose protection + * domains should be added to the protection domain of the calling class. + * @returns the result of the action.run() method. + * @exception PriviligedActionException wrapped around any exception that + * is thrown in the run() method. + */ + public static Object doPrivileged(PrivilegedExceptionAction action, + AccessControlContext context) + throws PrivilegedActionException + { + + try + { + return action.run(); + } + catch (Exception e) + { + throw new PrivilegedActionException(e); + } + } + + /** + * Returns the complete access control context of the current thread. + *

+ * XXX - Should this include all the protection domains in the call chain + * or only the domains till the last doPrivileged() call? + *

+ * XXX - needs native support. Currently returns an empty context. + */ + public static AccessControlContext getContext() + { + // For now just return an new empty context + return new AccessControlContext(new ProtectionDomain[0]); + } +} -- cgit v1.1