001/* AccessController.java --- Access control context and permission checker 002 Copyright (C) 2001, 2004 Free Software Foundation, Inc. 003 004This file is part of GNU Classpath. 005 006GNU Classpath is free software; you can redistribute it and/or modify 007it under the terms of the GNU General Public License as published by 008the Free Software Foundation; either version 2, or (at your option) 009any later version. 010 011GNU Classpath is distributed in the hope that it will be useful, but 012WITHOUT ANY WARRANTY; without even the implied warranty of 013MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 014General Public License for more details. 015 016You should have received a copy of the GNU General Public License 017along with GNU Classpath; see the file COPYING. If not, write to the 018Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 01902110-1301 USA. 020 021Linking this library statically or dynamically with other modules is 022making a combined work based on this library. Thus, the terms and 023conditions of the GNU General Public License cover the whole 024combination. 025 026As a special exception, the copyright holders of this library give you 027permission to link this library with independent modules to produce an 028executable, regardless of the license terms of these independent 029modules, and to copy and distribute the resulting executable under 030terms of your choice, provided that you also meet, for each linked 031independent module, the terms and conditions of the license of that 032module. An independent module is a module which is not derived from 033or based on this library. If you modify this library, you may extend 034this exception to your version of the library, but you are not 035obligated to do so. If you do not wish to do so, delete this 036exception statement from your version. */ 037 038package java.security; 039 040/** 041 * Access control context and permission checker. 042 * Can check permissions in the access control context of the current thread 043 * through the <code>checkPermission()</code> method. 044 * Manipulates the access control context for code that needs to be executed 045 * the protection domain of the calling class (by explicitly ignoring the 046 * context of the calling code) in the <code>doPrivileged()</code> methods. 047 * And provides a <code>getContext()</code> method which gives the access 048 * control context of the current thread that can be used for checking 049 * permissions at a later time and/or in another thread. 050 * 051 * @author Mark Wielaard (mark@klomp.org) 052 * @since 1.2 053 */ 054public final class AccessController 055{ 056 /** 057 * This class only has static methods so there is no public contructor. 058 */ 059 private AccessController() 060 { 061 } 062 063 /** 064 * Checks wether the access control context of the current thread allows 065 * the given Permission. Throws an <code>AccessControlException</code> 066 * when the permission is not allowed in the current context. Otherwise 067 * returns silently without throwing an exception. 068 * 069 * @param perm the permission to be checked. 070 * @exception AccessControlException thrown if the current context does not 071 * allow the given permission. 072 */ 073 public static void checkPermission(Permission perm) 074 throws AccessControlException 075 { 076 getContext().checkPermission(perm); 077 } 078 079 /** 080 * Calls the <code>run()</code> method of the given action with as 081 * (initial) access control context only the protection domain of the 082 * calling class. Calls to <code>checkPermission()</code> in the 083 * <code>run()</code> method ignore all earlier protection domains of 084 * classes in the call chain. Note that the protection domains of classes 085 * called by the code in the <code>run()</code> method are not ignored. 086 * 087 * @param action the <code>PrivilegedAction</code> whose <code>run()</code> 088 * should be be called. 089 * @return the result of the <code>action.run()</code> method. 090 */ 091 public static <T> T doPrivileged(PrivilegedAction<T> action) 092 { 093 VMAccessController.pushContext(null); 094 try 095 { 096 return action.run(); 097 } 098 finally 099 { 100 VMAccessController.popContext(); 101 } 102 } 103 104 /** 105 * Calls the <code>run()</code> method of the given action with as 106 * (initial) access control context the given context combined with the 107 * protection domain of the calling class. Calls to 108 * <code>checkPermission()</code> in the <code>run()</code> method ignore 109 * all earlier protection domains of classes in the call chain, but add 110 * checks for the protection domains given in the supplied context. 111 * 112 * @param action the <code>PrivilegedAction</code> whose <code>run()</code> 113 * should be be called. 114 * @param context the <code>AccessControlContext</code> whose protection 115 * domains should be added to the protection domain of the calling class. 116 * @return the result of the <code>action.run()</code> method. 117 */ 118 public static <T> T doPrivileged(PrivilegedAction<T> action, 119 AccessControlContext context) 120 { 121 VMAccessController.pushContext(context); 122 try 123 { 124 return action.run(); 125 } 126 finally 127 { 128 VMAccessController.popContext(); 129 } 130 } 131 132 /** 133 * Calls the <code>run()</code> method of the given action with as 134 * (initial) access control context only the protection domain of the 135 * calling class. Calls to <code>checkPermission()</code> in the 136 * <code>run()</code> method ignore all earlier protection domains of 137 * classes in the call chain. Note that the protection domains of classes 138 * called by the code in the <code>run()</code> method are not ignored. 139 * If the <code>run()</code> method throws an exception then this method 140 * will wrap that exception in an <code>PrivilegedActionException</code>. 141 * 142 * @param action the <code>PrivilegedExceptionAction</code> whose 143 * <code>run()</code> should be be called. 144 * @return the result of the <code>action.run()</code> method. 145 * @exception PrivilegedActionException wrapped around any checked exception 146 * that is thrown in the <code>run()</code> method. 147 */ 148 public static <T> T doPrivileged(PrivilegedExceptionAction<T> action) 149 throws PrivilegedActionException 150 { 151 VMAccessController.pushContext(null); 152 try 153 { 154 return action.run(); 155 } 156 catch (RuntimeException e) 157 { 158 throw e; 159 } 160 catch (Exception e) 161 { 162 throw new PrivilegedActionException(e); 163 } 164 finally 165 { 166 VMAccessController.popContext(); 167 } 168 } 169 170 /** 171 * Calls the <code>run()</code> method of the given action with as 172 * (initial) access control context the given context combined with the 173 * protection domain of the calling class. Calls to 174 * <code>checkPermission()</code> in the <code>run()</code> method ignore 175 * all earlier protection domains of classes in the call chain, but add 176 * checks for the protection domains given in the supplied context. 177 * If the <code>run()</code> method throws an exception then this method 178 * will wrap that exception in an <code>PrivilegedActionException</code>. 179 * 180 * @param action the <code>PrivilegedExceptionAction</code> whose 181 * <code>run()</code> should be be called. 182 * @param context the <code>AccessControlContext</code> whose protection 183 * domains should be added to the protection domain of the calling class. 184 * @return the result of the <code>action.run()</code> method. 185 * @exception PrivilegedActionException wrapped around any checked exception 186 * that is thrown in the <code>run()</code> method. 187 */ 188 public static <T> T doPrivileged(PrivilegedExceptionAction<T> action, 189 AccessControlContext context) 190 throws PrivilegedActionException 191 { 192 VMAccessController.pushContext(context); 193 try 194 { 195 return action.run(); 196 } 197 catch (RuntimeException e) 198 { 199 throw e; 200 } 201 catch (Exception e) 202 { 203 throw new PrivilegedActionException(e); 204 } 205 finally 206 { 207 VMAccessController.popContext(); 208 } 209 } 210 211 /** 212 * Returns the complete access control context of the current thread. 213 * The returned object encompasses all {@link ProtectionDomain} objects 214 * for all classes in the current call stack, or the set of protection 215 * domains until the last call to {@link 216 * #doPrivileged(java.security.PrivilegedAction)}. 217 * 218 * <p>Additionally, if a call was made to {@link 219 * #doPrivileged(java.security.PrivilegedAction,java.security.AccessControlContext)} 220 * that supplied an {@link AccessControlContext}, then that context 221 * will be intersected with the calculated one. 222 * 223 * @return The context. 224 */ 225 public static AccessControlContext getContext() 226 { 227 return VMAccessController.getContext(); 228 } 229}