public final class AccessController extends Object
checkPermission()
method.
Manipulates the access control context for code that needs to be executed
the protection domain of the calling class (by explicitly ignoring the
context of the calling code) in the doPrivileged()
methods.
And provides a getContext()
method which gives the access
control context of the current thread that can be used for checking
permissions at a later time and/or in another thread.Modifier and Type | Method and Description |
---|---|
static void |
checkPermission(Permission perm)
Checks wether the access control context of the current thread allows
the given Permission.
|
static <T> T |
doPrivileged(PrivilegedAction<T> action)
Calls the
run() method of the given action with as
(initial) access control context only the protection domain of the
calling class. |
static <T> T |
doPrivileged(PrivilegedAction<T> action,
AccessControlContext context)
Calls the
run() method of the given action with as
(initial) access control context the given context combined with the
protection domain of the calling class. |
static <T> T |
doPrivileged(PrivilegedExceptionAction<T> action)
Calls the
run() method of the given action with as
(initial) access control context only the protection domain of the
calling class. |
static <T> T |
doPrivileged(PrivilegedExceptionAction<T> action,
AccessControlContext context)
Calls the
run() method of the given action with as
(initial) access control context the given context combined with the
protection domain of the calling class. |
static AccessControlContext |
getContext()
Returns the complete access control context of the current thread.
|
public static void checkPermission(Permission perm) throws AccessControlException
AccessControlException
when the permission is not allowed in the current context. Otherwise
returns silently without throwing an exception.perm
- the permission to be checked.AccessControlException
- thrown if the current context does not
allow the given permission.public static <T> T doPrivileged(PrivilegedAction<T> action)
run()
method of the given action with as
(initial) access control context only the protection domain of the
calling class. Calls to checkPermission()
in the
run()
method ignore all earlier protection domains of
classes in the call chain. Note that the protection domains of classes
called by the code in the run()
method are not ignored.action
- the PrivilegedAction
whose run()
should be be called.action.run()
method.public static <T> T doPrivileged(PrivilegedAction<T> action, AccessControlContext context)
run()
method of the given action with as
(initial) access control context the given context combined with the
protection domain of the calling class. Calls to
checkPermission()
in the run()
method ignore
all earlier protection domains of classes in the call chain, but add
checks for the protection domains given in the supplied context.action
- the PrivilegedAction
whose run()
should be be called.context
- the AccessControlContext
whose protection
domains should be added to the protection domain of the calling class.action.run()
method.public static <T> T doPrivileged(PrivilegedExceptionAction<T> action) throws PrivilegedActionException
run()
method of the given action with as
(initial) access control context only the protection domain of the
calling class. Calls to checkPermission()
in the
run()
method ignore all earlier protection domains of
classes in the call chain. Note that the protection domains of classes
called by the code in the run()
method are not ignored.
If the run()
method throws an exception then this method
will wrap that exception in an PrivilegedActionException
.action
- the PrivilegedExceptionAction
whose
run()
should be be called.action.run()
method.PrivilegedActionException
- wrapped around any checked exception
that is thrown in the run()
method.public static <T> T doPrivileged(PrivilegedExceptionAction<T> action, AccessControlContext context) throws PrivilegedActionException
run()
method of the given action with as
(initial) access control context the given context combined with the
protection domain of the calling class. Calls to
checkPermission()
in the run()
method ignore
all earlier protection domains of classes in the call chain, but add
checks for the protection domains given in the supplied context.
If the run()
method throws an exception then this method
will wrap that exception in an PrivilegedActionException
.action
- the PrivilegedExceptionAction
whose
run()
should be be called.context
- the AccessControlContext
whose protection
domains should be added to the protection domain of the calling class.action.run()
method.PrivilegedActionException
- wrapped around any checked exception
that is thrown in the run()
method.public static AccessControlContext getContext()
ProtectionDomain
objects
for all classes in the current call stack, or the set of protection
domains until the last call to doPrivileged(java.security.PrivilegedAction)
.
Additionally, if a call was made to doPrivileged(java.security.PrivilegedAction,java.security.AccessControlContext)
that supplied an AccessControlContext
, then that context
will be intersected with the calculated one.