File Doc Category Size Date Package
ProtectionDomain.java API Doc Java SE 6 API 12006 Tue Jun 10 00:25:46 BST 2008 java.security

ProtectionDomain

java.lang.Object

public class ProtectionDomain extends Object

This ProtectionDomain class encapsulates the characteristics of a domain, which encloses a set of classes whose instances are granted a set of permissions when being executed on behalf of a given set of Principals.

A static set of permissions can be bound to a ProtectionDomain when it is constructed; such permissions are granted to the domain regardless of the Policy in force. However, to support dynamic security policies, a ProtectionDomain can also be constructed such that it is dynamically mapped to a set of permissions by the current Policy whenever a permission is checked.

version: 1.47, 11/17/05
author: Li Gong
author: Roland Schemers
author: Gary Ellison

Fields Summary
private CodeSource
codesource
private ClassLoader
classloader
private Principal[]
principals
private PermissionCollection
permissions
private boolean
hasAllPerm
private boolean
staticPermissions
private static final Debug
debug
Constructors Summary
public ProtectionDomain(CodeSource codesource, PermissionCollection permissions)
Creates a new ProtectionDomain with the given CodeSource and Permissions. If the permissions object is not null, then setReadOnly()) will be called on the passed in Permissions object. The only permissions granted to this domain are the ones specified; the current Policy will not be consulted.
param
codesource the codesource associated with this domain
param
permissions the permissions granted to this domain
this.codesource = codesource; if (permissions != null) { this.permissions = permissions; this.permissions.setReadOnly(); if (permissions instanceof Permissions && ((Permissions)permissions).allPermission != null) { hasAllPerm = true; } } this.classloader = null; this.principals = new Principal[0]; staticPermissions = true;
public ProtectionDomain(CodeSource codesource, PermissionCollection permissions, ClassLoader classloader, Principal[] principals)
Creates a new ProtectionDomain qualified by the given CodeSource, Permissions, ClassLoader and array of Principals. If the permissions object is not null, then setReadOnly() will be called on the passed in Permissions object. The permissions granted to this domain are dynamic; they include both the static permissions passed to this constructor, and any permissions granted to this domain by the current Policy at the time a permission is checked.
This constructor is typically used by {@link SecureClassLoader ClassLoaders} and {@link DomainCombiner DomainCombiners} which delegate to Policy to actively associate the permissions granted to this domain. This constructor affords the Policy provider the opportunity to augment the supplied PermissionCollection to reflect policy changes.
param
codesource the CodeSource associated with this domain
param
permissions the permissions granted to this domain
param
classloader the ClassLoader associated with this domain
param
principals the array of Principals associated with this domain. The contents of the array are copied to protect against subsequent modification.
see
Policy#refresh
see
Policy#getPermissions(ProtectionDomain)
since
1.4
this.codesource = codesource; if (permissions != null) { this.permissions = permissions; this.permissions.setReadOnly(); if (permissions instanceof Permissions && ((Permissions)permissions).allPermission != null) { hasAllPerm = true; } } this.classloader = classloader; this.principals = (principals != null ? (Principal[])principals.clone(): new Principal[0]); staticPermissions = false;
Methods Summary
public final java.lang.ClassLoader getClassLoader()
Returns the ClassLoader of this domain.
return
the ClassLoader of this domain which may be null.
since
1.4
return this.classloader;
public final java.security.CodeSource getCodeSource()
Returns the CodeSource of this domain.
return
the CodeSource of this domain which may be null.
since
1.2
return this.codesource;
public final java.security.PermissionCollection getPermissions()
Returns the static permissions granted to this domain.
return
the static set of permissions for this domain which may be null.
see
Policy#refresh
see
Policy#getPermissions(ProtectionDomain)
return permissions;
public final java.security.Principal[] getPrincipals()
Returns an array of principals for this domain.
return
a non-null array of principals for this domain. Returns a new array each time this method is called.
since
1.4
return (Principal[])this.principals.clone();
public boolean implies(java.security.Permission permission)
Check and see if this ProtectionDomain implies the permissions expressed in the Permission object.
The set of permissions evaluated is a function of whether the ProtectionDomain was constructed with a static set of permissions or it was bound to a dynamically mapped set of permissions.
If the ProtectionDomain was constructed to a {@link #ProtectionDomain(CodeSource, PermissionCollection) statically bound} PermissionCollection then the permission will only be checked against the PermissionCollection supplied at construction.
However, if the ProtectionDomain was constructed with the constructor variant which supports {@link #ProtectionDomain(CodeSource, PermissionCollection, ClassLoader, java.security.Principal[]) dynamically binding} permissions, then the permission will be checked against the combination of the PermissionCollection supplied at construction and the current Policy binding.
param
permission the Permission object to check.
return
true if "permission" is implicit to this ProtectionDomain.
if (hasAllPerm) { // internal permission collection already has AllPermission - // no need to go to policy return true; } if (!staticPermissions && Policy.getPolicyNoCheck().implies(this, permission)) return true; if (permissions != null) return permissions.implies(permission); return false;
private java.security.PermissionCollection mergePermissions()
if (staticPermissions) return permissions; PermissionCollection perms = (PermissionCollection) java.security.AccessController.doPrivileged (new java.security.PrivilegedAction() { public Object run() { Policy p = Policy.getPolicyNoCheck(); return p.getPermissions(ProtectionDomain.this); } }); Permissions mergedPerms = new Permissions(); int swag = 32; int vcap = 8; Enumeration e; List pdVector = new ArrayList(vcap); List plVector = new ArrayList(swag); // // Build a vector of domain permissions for subsequent merge if (permissions != null) { synchronized (permissions) { e = permissions.elements(); while (e.hasMoreElements()) { Permission p = (Permission)e.nextElement(); pdVector.add(p); } } } // // Build a vector of Policy permissions for subsequent merge if (perms != null) { synchronized (perms) { e = perms.elements(); while (e.hasMoreElements()) { plVector.add(e.nextElement()); vcap++; } } } if (perms != null && permissions != null) { // // Weed out the duplicates from the policy. Unless a refresh // has occured since the pd was consed this should result in // an empty vector. synchronized (permissions) { e = permissions.elements(); // domain vs policy while (e.hasMoreElements()) { Permission pdp = (Permission)e.nextElement(); Class pdpClass = pdp.getClass(); String pdpActions = pdp.getActions(); String pdpName = pdp.getName(); for (int i = 0; i < plVector.size(); i++) { Permission pp = (Permission) plVector.get(i); if (pdpClass.isInstance(pp)) { // The equals() method on some permissions // have some side effects so this manual // comparison is sufficient. if (pdpName.equals(pp.getName()) && pdpActions.equals(pp.getActions())) { plVector.remove(i); break; } } } } } } if (perms !=null) { // the order of adding to merged perms and permissions // needs to preserve the bugfix 4301064 for (int i = plVector.size()-1; i >= 0; i--) { mergedPerms.add((Permission)plVector.get(i)); } } if (permissions != null) { for (int i = pdVector.size()-1; i >= 0; i--) { mergedPerms.add((Permission)pdVector.get(i)); } } return mergedPerms;
private static boolean seeAllp()
Return true (merge policy permissions) in the following cases: . SecurityManager is null . SecurityManager is not null, debug is not null, SecurityManager impelmentation is in bootclasspath, Policy implementation is in bootclasspath (the bootclasspath restrictions avoid recursion) . SecurityManager is not null, debug is null, caller has Policy.getPolicy permission
SecurityManager sm = System.getSecurityManager(); if (sm == null) { return true; } else { if (debug != null) { if (sm.getClass().getClassLoader() == null && Policy.getPolicyNoCheck().getClass().getClassLoader() == null) { return true; } } else { try { sm.checkPermission(SecurityConstants.GET_POLICY_PERMISSION); return true; } catch (SecurityException se) { // fall thru and return false } } } return false;
public java.lang.String toString()
Convert a ProtectionDomain to a String.
String pals = "<no principals>"; if (principals != null && principals.length > 0) { StringBuilder palBuf = new StringBuilder("(principals "); for (int i = 0; i < principals.length; i++) { palBuf.append(principals[i].getClass().getName() + " \"" + principals[i].getName() + "\""); if (i < principals.length-1) palBuf.append(",\n"); else palBuf.append(")\n"); } pals = palBuf.toString(); } // Check if policy is set; we don't want to load // the policy prematurely here PermissionCollection pc = Policy.isSet() && seeAllp() ? mergePermissions(): getPermissions(); return "ProtectionDomain "+ " "+codesource+"\n"+ " "+classloader+"\n"+ " "+pals+"\n"+ " "+pc+"\n";