org.mozilla.javascript.PolicySecurityController Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aem-sdk-api Show documentation
Show all versions of aem-sdk-api Show documentation
The Adobe Experience Manager SDK
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
package org.mozilla.javascript;
import java.lang.ref.SoftReference;
import java.lang.reflect.UndeclaredThrowableException;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.SecureClassLoader;
import java.util.Map;
import java.util.WeakHashMap;
import org.mozilla.classfile.ByteCode;
import org.mozilla.classfile.ClassFileWriter;
/**
* A security controller relying on Java {@link Policy} in effect. When you use
* this security controller, your securityDomain objects must be instances of
* {@link CodeSource} representing the location from where you load your
* scripts. Any Java policy "grant" statements matching the URL and certificate
* in code sources will apply to the scripts. If you specify any certificates
* within your {@link CodeSource} objects, it is your responsibility to verify
* (or not) that the script source files are signed in whatever
* implementation-specific way you're using.
* @author Attila Szegedi
*/
public class PolicySecurityController extends SecurityController
{
private static final byte[] secureCallerImplBytecode = loadBytecode();
// We're storing a CodeSource -> (ClassLoader -> SecureRenderer), since we
// need to have one renderer per class loader. We're using weak hash maps
// and soft references all the way, since we don't want to interfere with
// cleanup of either CodeSource or ClassLoader objects.
private static final Map>>
callers =
new WeakHashMap>>();
@Override
public Class> getStaticSecurityDomainClassInternal() {
return CodeSource.class;
}
private static class Loader extends SecureClassLoader
implements GeneratedClassLoader
{
private final CodeSource codeSource;
Loader(ClassLoader parent, CodeSource codeSource)
{
super(parent);
this.codeSource = codeSource;
}
public Class> defineClass(String name, byte[] data)
{
return defineClass(name, data, 0, data.length, codeSource);
}
public void linkClass(Class> cl)
{
resolveClass(cl);
}
}
@Override
public GeneratedClassLoader createClassLoader(final ClassLoader parent,
final Object securityDomain)
{
return (Loader)AccessController.doPrivileged(
new PrivilegedAction
© 2015 - 2024 Weber Informatics LLC | Privacy Policy