java.net
Class URLClassLoader
java.lang.Object
|
+--java.lang.ClassLoader
|
+--java.security.SecureClassLoader
|
+--java.net.URLClassLoader
A secure class loader that can load classes and resources from
multiple locations. Given an array of
URL
s this class
loader will retrieve classes and resources by fetching them from
possible remote locations. Each
URL
is searched in
order in which it was added. If the file portion of the
URL
ends with a '/' character then it is interpreted
as a base directory, otherwise it is interpreted as a jar file from
which the classes/resources are resolved.
New instances can be created by two static
newInstance()
methods or by three public
contructors. Both ways give the option to supply an initial array
of URL
s and (optionally) a parent classloader (that is
different from the standard system class loader).
Normally creating a URLClassLoader
throws a
SecurityException
if a SecurityManager
is
installed and the checkCreateClassLoader()
method does
not return true. But the newInstance()
methods may be
used by any code as long as it has permission to acces the given
URL
s. URLClassLoaders
created by the
newInstance()
methods also explicitly call the
checkPackageAccess()
method of
SecurityManager
if one is installed before trying to
load a class. Note that only subclasses of
URLClassLoader
can add new URLs after the
URLClassLoader had been created. But it is always possible to get
an array of all URLs that the class loader uses to resolve classes
and resources by way of the getURLs()
method.
Open issues:
- Should the URLClassLoader actually add the locations found in
the manifest or is this the responsibility of some other
loader/(sub)class? (see
Extension Mechanism Architecture - Bundles Extensions)
- How does
definePackage()
and sealing work
precisely?
- We save and use the security context (when a created by
newInstance()
but do we have to use it in more
places?
- The use of
URLStreamHandler
s has not been tested.
Since:Authors:- Mark Wielaard (mark@klomp.org)
- Wu Gansha (gansha.wu@intel.com)
URLClassLoader
public URLClassLoader(java.net.URL[] urls)
Creates a URLClassLoader that gets classes from the supplied URLs.
To determine if this classloader may be created the constructor of
the super class (SecureClassLoader
) is called first, which
can throw a SecurityException. Then the supplied URLs are added
in the order given to the URLClassLoader which uses these URLs to
load classes and resources (after using the default parent ClassLoader).
Parameters:
Throws:
See Also:
URLClassLoader
public URLClassLoader(java.net.URL[] urls, java.lang.ClassLoader parent)
Creates a URLClassLoader
that gets classes from the supplied
URL
s.
To determine if this classloader may be created the constructor of
the super class (SecureClassLoader
) is called first, which
can throw a SecurityException. Then the supplied URLs are added
in the order given to the URLClassLoader which uses these URLs to
load classes and resources (after using the supplied parent ClassLoader).
Parameters:
Throws:
See Also:
URLClassLoader
public URLClassLoader(java.net.URL[] urls, java.lang.ClassLoader parent, java.net.URLStreamHandlerFactory factory)
Creates a URLClassLoader that gets classes from the supplied URLs.
To determine if this classloader may be created the constructor of
the super class (SecureClassLoader
) is called first, which
can throw a SecurityException. Then the supplied URLs are added
in the order given to the URLClassLoader which uses these URLs to
load classes and resources (after using the supplied parent ClassLoader).
It will use the supplied URLStreamHandlerFactory
to get the
protocol handlers of the supplied URLs.
Parameters:
Throws:
See Also:
addURL
protected void addURL(java.net.URL newUrl)
Adds a new location to the end of the internal URL store.
Parameters:
definePackage
protected Package definePackage(java.lang.String name, java.util.jar.Manifest manifest, java.net.URL url)
Defines a Package based on the given name and the supplied manifest
information. The manifest indicates the tile, version and
vendor information of the specification and implementation and wheter the
package is sealed. If the Manifest indicates that the package is sealed
then the Package will be sealed with respect to the supplied URL.
Parameters:
Returns:
Throws:
findClass
protected Class findClass(final String className)
Finds (the first) class by name from one of the locations. The locations
are searched in the order they were added to the URLClassLoader.
Parameters:
Returns:
- a Class object representing the found class
Throws:
findResource
public URL findResource(java.lang.String resourceName)
Finds the first occurrence of a resource that can be found.
Parameters:
Returns:
- the URL if found, null otherwise
findResources
public Enumeration findResources(java.lang.String resourceName)
Finds all the resources with a particular name from all the locations.
Parameters:
Returns:
- a (possible empty) enumeration of URLs where the resource can be
found
Throws:
IOException
- when an error occurs accessing one of the
locations
getPermissions
protected PermissionCollection getPermissions(java.security.CodeSource source)
Returns the permissions needed to access a particular code
source. These permissions includes those returned by
SecureClassLoader.getPermissions()
and the actual
permissions to access the objects referenced by the URL of the
code source. The extra permissions added depend on the protocol
and file portion of the URL in the code source. If the URL has
the "file" protocol ends with a '/' character then it must be a
directory and a file Permission to read everything in that
directory and all subdirectories is added. If the URL had the
"file" protocol and doesn't end with a '/' character then it must
be a normal file and a file permission to read that file is
added. If the URL
has any other protocol then a
socket permission to connect and accept connections from the host
portion of the URL is added.
Parameters:
Returns:
- the collection of permissions needed to access the code resource
See Also:
getURLs
public URL[] getURLs()
Returns all the locations that this class loader currently uses the
resolve classes and resource. This includes both the initially supplied
URLs as any URLs added later by the loader.
Returns:
- All the currently used URLs
newInstance
public static URLClassLoader newInstance(java.net.URL[] urls)
Creates a new instance of a URLClassLoader
that gets
classes from the supplied URL
s. This class loader
will have as parent the standard system class loader.
Parameters:
Throws:
SecurityException
- when the calling code does not have
permission to access the given URL
s
newInstance
public static URLClassLoader newInstance(java.net.URL[] urls, final ClassLoader parent)
Creates a new instance of a URLClassLoader
that gets
classes from the supplied URL
s and with the supplied
loader as parent class loader.
Parameters:
Throws:
SecurityException
- when the calling code does not have
permission to access the given URL
s
URL
s this class loader will retrieve classes and resources by fetching them from possible remote locations. EachURL
is searched in order in which it was added. If the file portion of theURL
ends with a '/' character then it is interpreted as a base directory, otherwise it is interpreted as a jar file from which the classes/resources are resolved.New instances can be created by two static
newInstance()
methods or by three public contructors. Both ways give the option to supply an initial array ofURL
s and (optionally) a parent classloader (that is different from the standard system class loader).Normally creating a
URLClassLoader
throws aSecurityException
if aSecurityManager
is installed and thecheckCreateClassLoader()
method does not return true. But thenewInstance()
methods may be used by any code as long as it has permission to acces the givenURL
s.URLClassLoaders
created by thenewInstance()
methods also explicitly call thecheckPackageAccess()
method ofSecurityManager
if one is installed before trying to load a class. Note that only subclasses ofURLClassLoader
can add new URLs after the URLClassLoader had been created. But it is always possible to get an array of all URLs that the class loader uses to resolve classes and resources by way of thegetURLs()
method.Open issues:
definePackage()
and sealing work precisely?newInstance()
but do we have to use it in more places?URLStreamHandler
s has not been tested.