All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.axis2.java.security.AccessController Maven / Gradle / Ivy

There is a newer version: 5.0.22
Show newest version
/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.axis2.java.security;

import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

/**
 * This utility wrapper class is created to support AXIS2 runs
 * inside of Java 2 Security environment. Due to the access control
 * checking algorithm, for Java 2 Security to function properly,
 * doPrivileged()
 * is required in cases where there is application code on the stack frame
 * accessing the system resources (ie, read/write files, opening ports, and etc).
 * This class also improve performance no matther Security Manager is being enabled
 * or not.
 * 

* Note: This utility should be used properly, otherwise might introduce * security holes. *

* Usage Example: * * public void changePassword() { * ... * AccessController.doPrivileged(new PrivilegedAction() { * public Object run() { * f = Util.openPasswordFile(); * ... *

* } * }); * ... * } * */ public class AccessController { /** * Performs the specified PrivilegedAction with privileges * enabled if a security manager is present. *

* If the action's run method throws an (unchecked) exception, * it will propagate through this method. * * @param action the action to be performed. * @return the value returned by the action's run method. * @see #doPrivileged(PrivilegedAction,AccessControlContext) * @see #doPrivileged(PrivilegedExceptionAction) */ public static T doPrivileged(PrivilegedAction action) { SecurityManager sm = System.getSecurityManager(); if (sm == null) { return (action.run()); } else { return java.security.AccessController.doPrivileged(action); } } /** * Performs the specified PrivilegedAction with privileges * enabled and restricted by the specified AccessControlContext. * The action is performed with the intersection of the permissions * possessed by the caller's protection domain, and those possessed * by the domains represented by the specified * AccessControlContext if a security manager is present. *

*

* If the action's run method throws an (unchecked) exception, * it will propagate through this method. * * @param action the action to be performed. * @param context an access control context representing the * restriction to be applied to the caller's domain's * privileges before performing the specified action. * @return the value returned by the action's run method. * @see #doPrivileged(PrivilegedAction) * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext) */ public static T doPrivileged(PrivilegedAction action, AccessControlContext context) { SecurityManager sm = System.getSecurityManager(); if (sm == null) { return action.run(); } else { return java.security.AccessController.doPrivileged(action, context); } } /** * Performs the specified PrivilegedExceptionAction with * privileges enabled. The action is performed with all of the * permissions possessed by the caller's protection domain. *

* If the action's run method throws an unchecked * exception, it will propagate through this method. * * @param action the action to be performed. * @return the value returned by the action's run method. * @throws PrivilgedActionException the specified action's * run method threw a checked exception. * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext) * @see #doPrivileged(PrivilegedAction) */ public static T doPrivileged(PrivilegedExceptionAction action) throws PrivilegedActionException { SecurityManager sm = System.getSecurityManager(); if (sm == null) { try { return action.run(); } catch (java.lang.RuntimeException e) { throw e; } catch (Exception e) { throw new PrivilegedActionException(e); } } else { return java.security.AccessController.doPrivileged(action); } } /** * Performs the specified PrivilegedExceptionAction with * privileges enabled and restricted by the specified * AccessControlContext. The action is performed with the * intersection of the the permissions possessed by the caller's * protection domain, and those possessed by the domains represented by the * specified AccessControlContext. *

* If the action's run method throws an unchecked * exception, it will propagate through this method. * * @param action the action to be performed. * @param context an access control context representing the * restriction to be applied to the caller's domain's * privileges before performing the specified action. * @return the value returned by the action's run method. * @throws PrivilegedActionException the specified action's * run method * threw a checked exception. * @see #doPrivileged(PrivilegedAction) * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext) */ public static T doPrivileged(PrivilegedExceptionAction action, AccessControlContext context) throws PrivilegedActionException { SecurityManager sm = System.getSecurityManager(); if (sm == null) { try { return action.run(); } catch (java.lang.RuntimeException e) { throw e; } catch (Exception e) { throw new PrivilegedActionException(e); } } else { return java.security.AccessController.doPrivileged(action, context); } } /** * This method takes a "snapshot" of the current calling context, which * includes the current Thread's inherited AccessControlContext, * and places it in an AccessControlContext object. This context may then * be checked at a later point, possibly in another thread. * * @return the AccessControlContext based on the current context. * @see AccessControlContext */ public static AccessControlContext getContext() { return java.security.AccessController.getContext(); } /** * Determines whether the access request indicated by the * specified permission should be allowed or denied, based on * the security policy currently in effect. * This method quietly returns if the access request * is permitted, or throws a suitable AccessControlException otherwise. * * @param perm the requested permission. * @throws AccessControlException if the specified permission * is not permitted, based on the current security policy. */ public static void checkPermission(Permission perm) throws AccessControlException { java.security.AccessController.checkPermission(perm); } /** * No instantiation allowed */ private AccessController() { } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy