FileDocCategorySizeDatePackage
SecureClassLoader.javaAPI DocAndroid 1.5 API6629Wed May 06 22:41:06 BST 2009java.security

SecureClassLoader

public class SecureClassLoader extends ClassLoader
{@code SecureClassLoader} represents a {@code ClassLoader} which associates the classes it loads with a code source and provide mechanisms to allow the relevant permissions to be retrieved.
since
Android 1.0

Fields Summary
private HashMap
pds
Constructors Summary
protected SecureClassLoader()
Constructs a new instance of {@code SecureClassLoader}. The default parent {@code ClassLoader} is used.

If a {@code SecurityManager} is installed, code calling this constructor needs the {@code SecurityPermission} {@code checkCreateClassLoader} to be granted, otherwise a {@code SecurityException} will be thrown.

throws
SecurityException if a {@code SecurityManager} is installed and the caller does not have permission to invoke this constructor.
since
Android 1.0


                                                                                                  
      
        super();
protected SecureClassLoader(ClassLoader parent)
Constructs a new instance of {@code SecureClassLoader} with the specified parent {@code ClassLoader}.

If a {@code SecurityManager} is installed, code calling this constructor needs the {@code SecurityPermission} {@code checkCreateClassLoader} to be granted, otherwise a {@code SecurityException} will be thrown.

param
parent the parent {@code ClassLoader}.
throws
SecurityException if a {@code SecurityManager} is installed and the caller does not have permission to invoke this constructor.
since
Android 1.0

        super(parent);
Methods Summary
protected final java.lang.ClassdefineClass(java.lang.String name, byte[] b, int off, int len, java.security.CodeSource cs)
Constructs a new class from an array of bytes containing a class definition in class file format with an optional {@code CodeSource}.

param
name the name of the new class.
param
b a memory image of a class file.
param
off the start offset in b of the class data.
param
len the length of the class data.
param
cs the {@code CodeSource}, or {@code null}.
return
a new class.
throws
IndexOutOfBoundsException if {@code off} or {@code len} are not valid in respect to {@code b}.
throws
ClassFormatError if the specified data is not valid class data.
throws
SecurityException if the package to which this class is to be added, already contains classes which were signed by different certificates, or if the class name begins with "java."
since
Android 1.0

        return cs == null ? defineClass(name, b, off, len) : defineClass(name,
                b, off, len, getPD(cs));
protected final java.lang.ClassdefineClass(java.lang.String name, java.nio.ByteBuffer b, java.security.CodeSource cs)
Constructs a new class from an array of bytes containing a class definition in class file format with an optional {@code CodeSource}.

param
name the name of the new class.
param
b a memory image of a class file.
param
cs the {@code CodeSource}, or {@code null}.
return
a new class.
throws
ClassFormatError if the specified data is not valid class data.
throws
SecurityException if the package to which this class is to be added, already contains classes which were signed by different certificates, or if the class name begins with "java."
since
Android 1.0

        //FIXME 1.5 - remove b.array(), call super.defineClass(,ByteBuffer,)
        // directly
        byte[] data = b.array();
        return cs == null ? defineClass(name, data, 0, data.length)
                : defineClass(name, data, 0, data.length, getPD(cs));
private java.security.ProtectionDomaingetPD(java.security.CodeSource cs)

        if (cs == null) {
            return null;
        }
        // need to cache PDs, otherwise every class from a given CodeSource 
        // will have it's own ProtectionDomain, which does not look right.
        ProtectionDomain pd;
        synchronized (pds) {
            if ((pd = (ProtectionDomain) pds.get(cs)) != null) {
                return pd;
            }
            PermissionCollection perms = getPermissions(cs);
            pd = new ProtectionDomain(cs, perms, this, null);
            pds.put(cs, pd);
        }
        return pd;
protected java.security.PermissionCollectiongetPermissions(java.security.CodeSource codesource)
Returns the {@code PermissionCollection} for the specified {@code CodeSource}.

param
codesource the code source.
return
the {@code PermissionCollection} for the specified {@code CodeSource}.
since
Android 1.0

        // Do nothing by default, ProtectionDomain will take care about
        // permissions in dynamic
        return new Permissions();