File Doc Category Size Date Package
SecureClassLoader.java API Doc Java SE 5 API 8049 Fri Aug 26 14:57:16 BST 2005 java.security

SecureClassLoader

java.lang.Object
- java.lang.ClassLoader

public class SecureClassLoader extends ClassLoader

This class extends ClassLoader with additional support for defining classes with an associated code source and permissions which are retrieved by the system policy by default.

version: 1.85, 05/05/04
author: Li Gong
author: Roland Schemers

Fields Summary
private boolean
initialized
private HashMap
pdcache
private static final Debug
debug
Constructors Summary
protected SecureClassLoader(ClassLoader parent)
Creates a new SecureClassLoader using the specified parent class loader for delegation.
If there is a security manager, this method first calls the security manager's checkCreateClassLoader method to ensure creation of a class loader is allowed.
param
parent the parent ClassLoader
exception
SecurityException if a security manager exists and its checkCreateClassLoader method doesn't allow creation of a class loader.
see
SecurityManager#checkCreateClassLoader
super(parent); // this is to make the stack depth consistent with 1.1 SecurityManager security = System.getSecurityManager(); if (security != null) { security.checkCreateClassLoader(); } initialized = true;
protected SecureClassLoader()
Creates a new SecureClassLoader using the default parent class loader for delegation.
If there is a security manager, this method first calls the security manager's checkCreateClassLoader method to ensure creation of a class loader is allowed.
exception
SecurityException if a security manager exists and its checkCreateClassLoader method doesn't allow creation of a class loader.
see
SecurityManager#checkCreateClassLoader
super(); // this is to make the stack depth consistent with 1.1 SecurityManager security = System.getSecurityManager(); if (security != null) { security.checkCreateClassLoader(); } initialized = true;
Methods Summary
private void check()
if (!initialized) { throw new SecurityException("ClassLoader object not initialized"); }
protected final java.lang.Class defineClass(java.lang.String name, byte[] b, int off, int len, java.security.CodeSource cs)
Converts an array of bytes into an instance of class Class, with an optional CodeSource. Before the class can be used it must be resolved.
If a non-null CodeSource is supplied a ProtectionDomain is constructed and associated with the class being defined.
param
name the expected name of the class, or null if not known, using '.' and not '/' as the separator and without a trailing ".class" suffix.
param
b the bytes that make up the class data. The bytes in positions off through off+len-1 should have the format of a valid class file as defined by the Java Virtual Machine Specification.
param
off the start offset in b of the class data
param
len the length of the class data
param
cs the associated CodeSource, or null if none
return
the Class object created from the data, and optional CodeSource.
exception
ClassFormatError if the data did not contain a valid class
exception
IndexOutOfBoundsException if either off or len is negative, or if off+len is greater than b.length.
exception
SecurityException if an attempt is made to add this class to a package that contains classes that were signed by a different set of certificates than this class, or if the class name begins with "java.".
if (cs == null) return defineClass(name, b, off, len); else return defineClass(name, b, off, len, getProtectionDomain(cs));
protected final java.lang.Class defineClass(java.lang.String name, java.nio.ByteBuffer b, java.security.CodeSource cs)
Converts a {@link java.nio.ByteBuffer ByteBuffer} into an instance of class Class, with an optional CodeSource. Before the class can be used it must be resolved.
If a non-null CodeSource is supplied a ProtectionDomain is constructed and associated with the class being defined.
param
name the expected name of the class, or null if not known, using '.' and not '/' as the separator and without a trailing ".class" suffix.
param
b the bytes that make up the class data. The bytes from positions b.position() through b.position() + b.limit() -1 should have the format of a valid class file as defined by the Java Virtual Machine Specification.
param
cs the associated CodeSource, or null if none
return
the Class object created from the data, and optional CodeSource.
exception
ClassFormatError if the data did not contain a valid class
exception
SecurityException if an attempt is made to add this class to a package that contains classes that were signed by a different set of certificates than this class, or if the class name begins with "java.".
since
1.5
if (cs == null) return defineClass(name, b, (ProtectionDomain)null); else return defineClass(name, b, getProtectionDomain(cs));
protected java.security.PermissionCollection getPermissions(java.security.CodeSource codesource)
Returns the permissions for the given CodeSource object.
This method is invoked by the defineClass method which takes a CodeSource as an argument when it is constructing the ProtectionDomain for the class being defined.
param
codesource the codesource.
return
the permissions granted to the codesource.
check(); return new Permissions(); // ProtectionDomain defers the binding
private java.security.ProtectionDomain getProtectionDomain(java.security.CodeSource cs)
if (cs == null) return null; ProtectionDomain pd = null; synchronized (pdcache) { pd = (ProtectionDomain)pdcache.get(cs); if (pd == null) { PermissionCollection perms = getPermissions(cs); pd = new ProtectionDomain(cs, perms, this, null); if (pd != null) { pdcache.put(cs, pd); if (debug != null) { debug.println(" getPermissions "+ pd); debug.println(""); } } } } return pd;