FileDocCategorySizeDatePackage
CustomSecureClassLoader.javaAPI DocExample3702Sat Jan 13 12:32:00 GMT 2001javasec.samples.ch06

CustomSecureClassLoader

public class CustomSecureClassLoader extends SecureClassLoader

Fields Summary
Constructors Summary
Methods Summary
protected java.lang.ClassfindClass(java.lang.String name)

        // First check if we have permission to access the package.
        // You could remove these 7 lines to skip the optional step 4.
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            int i = name.lastIndexOf('.");
            if (i != -1) {
                sm.checkPackageDefinition(name.substring(0, i));
            }
        }
        // Now read in the bytes and define the class
        try {
            return (Class)
                AccessController.doPrivileged(
                    new PrivilegedExceptionAction() {
                        public Object run() throws ClassNotFoundException {
                            byte[] buf = null;
                            try {
                                buf = readClassBytes(name);
                            } catch (Exception e) {
                                throw new ClassNotFoundException(name, e);
                            }
                            CodeSource cs = getCodeSource(name);
                            Class c = defineClass(name, buf,
                                               0, buf.length, cs);
		            System.out.println("defining class " + c);
		            return c;
                        }
                    }
                );
        } catch (java.security.PrivilegedActionException pae) {
            throw (ClassNotFoundException) pae.getException();
        }
protected java.security.CodeSourcegetCodeSource(java.lang.String name)

        try {
            return new CodeSource(new URL("file", "localhost", name), null);
        } catch (MalformedURLException mue) {
            mue.printStackTrace();
        }
        return null;
protected java.security.PermissionCollectiongetPermissions(java.security.CodeSource codesource)

        PermissionCollection pc = new Permissions();
        pc.add(new RuntimePermission("exitVM"));
        return pc;
public final synchronized java.lang.ClassloadClass(java.lang.String name, boolean resolve)

        // First check if we have permission to access the package.
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            int i = name.lastIndexOf('.");
            if (i != -1) {
                sm.checkPackageAccess(name.substring(0, i));
            }
        }
        System.out.println("loading class " + name);
        return super.loadClass(name, resolve);
protected byte[]readClassBytes(java.lang.String name)

        try {
            // This is the standard technique to read a class
            // from the file system; you must convert the . in 
            // the package name to the directory structure from
            // which you're reading.
            name = name.replace('.", File.separatorChar);
            // We read classes from the directoy foo (plus the
            // additional directories required by the package name).
            DataInputStream dis = new DataInputStream(
                       new FileInputStream("foo" +
                            File.separatorChar + name + ".class"));
            byte[] buf = new byte[dis.available()];
            dis.readFully(buf);
            return buf;
        } catch (IOException ioe) {
            ioe.printStackTrace();
            return null;
        }