Index (Frames) | Index (No Frames) | Package | Package Tree | Tree
java.security

Class AccessController

java.lang.Object
|
+--java.security.AccessController


public final class AccessController

extends Object

Access control context and permission checker. Can check permissions in the access control context of the current thread through the checkPermission() method. Manipulates the access control context for code that needs to be executed the protection domain of the calling class (by explicitly ignoring the context of the calling code) in the doPrivileged() methods. And provides a getContext() method which gives the access control context of the current thread that can be used for checking permissions at a later time and/or in another thread.

XXX - Mostly a stub implementation at the moment. Needs native support from the VM to function correctly. XXX - Do not forget to think about how to handle java.lang.reflect.Method.invoke() on the doPrivileged() methods.

Since:Author:

Method Summary

static voidcheckPermission(java.security.Permission perm)

Checks wether the access control context of the current thread allows the given Permission.
static java.lang.ObjectdoPrivileged(java.security.PrivilegedAction action)

Calls the run() method of the given action with as (initial) access control context only the protection domain of the calling class.
static java.lang.ObjectdoPrivileged(java.security.PrivilegedAction action, java.security.AccessControlContext context)

Calls the run() method of the given action with as (initial) access control context the given context combined with the protection domain of the calling class.
static java.lang.ObjectdoPrivileged(java.security.PrivilegedExceptionAction action)

Calls the run() method of the given action with as (initial) access control context only the protection domain of the calling class.
static java.lang.ObjectdoPrivileged(java.security.PrivilegedExceptionAction action, java.security.AccessControlContext context)

Calls the run() method of the given action with as (initial) access control context the given context combined with the protection domain of the calling class.
static java.security.AccessControlContextgetContext()

Returns the complete access control context of the current thread.

Method Details

checkPermission

public static void checkPermission(java.security.Permission perm)

Checks wether the access control context of the current thread allows the given Permission. Throws an AccessControlException when the permission is not allowed in the current context. Otherwise returns silently without throwing an exception.

Parameters:

Throws:


doPrivileged

public static Object doPrivileged(java.security.PrivilegedAction action)

Calls the run() method of the given action with as (initial) access control context only the protection domain of the calling class. Calls to checkPermission() in the run() method ignore all earlier protection domains of classes in the call chain. Note that the protection domains of classes called by the code in the run() method are not ignored.

Parameters:


doPrivileged

public static Object doPrivileged(java.security.PrivilegedAction action, java.security.AccessControlContext context)

Calls the run() method of the given action with as (initial) access control context the given context combined with the protection domain of the calling class. Calls to checkPermission() in the run() method ignore all earlier protection domains of classes in the call chain, but add checks for the protection domains given in the supplied context.

Parameters:


doPrivileged

public static Object doPrivileged(java.security.PrivilegedExceptionAction action)

Calls the run() method of the given action with as (initial) access control context only the protection domain of the calling class. Calls to checkPermission() in the run() method ignore all earlier protection domains of classes in the call chain. Note that the protection domains of classes called by the code in the run() method are not ignored. If the run() method throws an exception then this method will wrap that exception in an PrivilegedActionException.

Parameters:

Throws:


doPrivileged

public static Object doPrivileged(java.security.PrivilegedExceptionAction action, java.security.AccessControlContext context)

Calls the run() method of the given action with as (initial) access control context the given context combined with the protection domain of the calling class. Calls to checkPermission() in the run() method ignore all earlier protection domains of classes in the call chain, but add checks for the protection domains given in the supplied context. If the run() method throws an exception then this method will wrap that exception in an PrivilegedActionException.

Parameters:

Throws:


getContext

public static AccessControlContext getContext()

Returns the complete access control context of the current thread.

XXX - Should this include all the protection domains in the call chain or only the domains till the last doPrivileged() call?

XXX - needs native support. Currently returns an empty context.