FileDocCategorySizeDatePackage
JMXSubjectDomainCombiner.javaAPI DocJava SE 5 API3979Fri Aug 26 14:55:00 BST 2005com.sun.jmx.remote.security

JMXSubjectDomainCombiner

public class JMXSubjectDomainCombiner extends SubjectDomainCombiner

This class represents an extension to the {@link SubjectDomainCombiner} and is used to add a new {@link ProtectionDomain}, comprised of a null codesource/signers and an empty permission set, to the access control context with which this combiner is combined.

When the {@link #combine} method is called the {@link ProtectionDomain} is augmented with the permissions granted to the set of principals present in the supplied {@link Subject}.

Fields Summary
private static final CodeSource
nullCodeSource
A null CodeSource.
private static final ProtectionDomain
pdNoPerms
A ProtectionDomain with a null CodeSource and an empty permission set.
private static final Permissions
allPermissions
A permission set that grants AllPermission.
private static final ProtectionDomain
pdAllPerms
A ProtectionDomain with a null CodeSource and a permission set that grants AllPermission.
private static final AccessControlContext
systemACC
An AccessControlContext that has only system domains on the stack.
Constructors Summary
public JMXSubjectDomainCombiner(Subject s)

        super(s);
    
Methods Summary
public java.security.ProtectionDomain[]combine(java.security.ProtectionDomain[] current, java.security.ProtectionDomain[] assigned)

        // Add a new ProtectionDomain with the null codesource/signers, and
        // the empty permission set, to the end of the array containing the
	// 'current' protections domains, i.e. the ones that will be augmented
	// with the permissions granted to the set of principals present in
	// the supplied subject.
	//
        ProtectionDomain[] newCurrent;
        if (current == null || current.length == 0) {
            newCurrent = new ProtectionDomain[1];
            newCurrent[0] = pdNoPerms;
        } else {
            newCurrent = new ProtectionDomain[current.length + 1];
            for (int i = 0; i < current.length; i++) {
                newCurrent[i] = current[i];
            }
            newCurrent[current.length] = pdNoPerms;          
        }
        return super.combine(newCurrent, assigned);
    
public static java.security.AccessControlContextgetContext(javax.security.auth.Subject subject)
Get the current AccessControlContext. If all the protection domains in the current context are system domains then build a new context that combines the subject with a dummy protection domain that forces the use of the domain combiner.

	AccessControlContext currentACC = AccessController.getContext();
	if (hasOnlySystemCode(currentACC)) {
	    currentACC =
		new AccessControlContext(new ProtectionDomain[] {pdAllPerms});
	}
	return new AccessControlContext(currentACC,
					new JMXSubjectDomainCombiner(subject));
    
private static booleanhasOnlySystemCode(java.security.AccessControlContext acc)
Check if the given AccessControlContext contains only system domains.


                  
         
	return systemACC.equals(acc);