GNU Classpath (0.20) | |
Frames | No Frames |
1: /* AccessControlContext.java --- Access Control Context Class 2: Copyright (C) 1999, 2004 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: package java.security; 39: 40: import java.util.HashSet; 41: 42: /** 43: * AccessControlContext makes system resource access decsion 44: * based on permission rights. 45: * 46: * It is used for a specific context and has only one method 47: * checkPermission. It is similar to AccessController except 48: * that it makes decsions based on the current context instead 49: * of the the current thread. 50: * 51: * It is created by call AccessController.getContext method. 52: * 53: * @author Mark Benvenuto 54: * @since 1.2 55: */ 56: public final class AccessControlContext 57: { 58: private final ProtectionDomain[] protectionDomains; 59: private final DomainCombiner combiner; 60: 61: /** 62: * Construct a new AccessControlContext with the specified 63: * ProtectionDomains. <code>context</code> must not be 64: * null and duplicates will be removed. 65: * 66: * @param context The ProtectionDomains to use 67: */ 68: public AccessControlContext(ProtectionDomain[] context) 69: { 70: HashSet domains = new HashSet (context.length); 71: for (int i = 0; i < context.length; i++) 72: domains.add (context[i]); 73: protectionDomains = (ProtectionDomain[]) 74: domains.toArray (new ProtectionDomain[domains.size()]); 75: combiner = null; 76: } 77: 78: /** 79: * Construct a new AccessControlContext with the specified 80: * {@link ProtectionDomain}s and {@link DomainCombiner}. 81: * 82: * <p>Code calling this constructor must have a {@link 83: * SecurityPermission} of <i>createAccessControlContext</i>.</p> 84: * 85: * @throws SecurityException If the caller does not have permission 86: * to create an access control context. 87: * @since 1.3 88: */ 89: public AccessControlContext(AccessControlContext acc, 90: DomainCombiner combiner) 91: { 92: SecurityManager sm = System.getSecurityManager (); 93: if (sm != null) 94: { 95: sm.checkPermission (new SecurityPermission ("createAccessControlContext")); 96: } 97: AccessControlContext acc2 = AccessController.getContext(); 98: protectionDomains = combiner.combine (acc2.protectionDomains, 99: acc.protectionDomains); 100: this.combiner = combiner; 101: } 102: 103: AccessControlContext (ProtectionDomain[] domains, AccessControlContext acc, 104: DomainCombiner combiner) 105: { 106: protectionDomains = combiner.combine (domains, acc.protectionDomains); 107: this.combiner = combiner; 108: } 109: 110: /** 111: * Returns the Domain Combiner associated with the AccessControlContext 112: * 113: * @return the DomainCombiner 114: */ 115: public DomainCombiner getDomainCombiner() 116: { 117: return combiner; 118: } 119: 120: /** 121: * Determines whether or not the specific permission is granted 122: * depending on the context it is within. 123: * 124: * @param perm a permission to check 125: * 126: * @throws AccessControlException if the permssion is not permitted 127: */ 128: public void checkPermission(Permission perm) throws AccessControlException 129: { 130: if (protectionDomains.length == 0) 131: throw new AccessControlException ("permission " 132: + perm 133: + " not granted: no protection domains"); 134: 135: for (int i = 0; i < protectionDomains.length; i++) 136: { 137: final ProtectionDomain domain = protectionDomains[i]; 138: if (!domain.implies(perm)) 139: throw new AccessControlException ("permission " 140: + perm 141: + " not granted: " 142: + domain 143: + " does not imply it."); 144: } 145: } 146: 147: /** 148: * Checks if two AccessControlContexts are equal. 149: * 150: * It first checks if obj is an AccessControlContext class, and 151: * then checks if each ProtectionDomain matches. 152: * 153: * @param obj The object to compare this class to 154: * 155: * @return true if equal, false otherwise 156: */ 157: public boolean equals(Object obj) 158: { 159: if (obj instanceof AccessControlContext) 160: { 161: AccessControlContext acc = (AccessControlContext) obj; 162: 163: if (acc.protectionDomains.length != protectionDomains.length) 164: return false; 165: 166: int i, j; 167: for (i = 0; i < protectionDomains.length; i++) 168: { 169: for (j = 0; j < acc.protectionDomains.length; j++) 170: { 171: if (acc.protectionDomains[j].equals (protectionDomains[i])) 172: break; 173: } 174: if (j == acc.protectionDomains.length) 175: return false; 176: } 177: return true; 178: } 179: return false; 180: } 181: 182: /** 183: * Computes a hash code of this class 184: * 185: * @return a hash code representing this class 186: */ 187: public int hashCode() 188: { 189: int h = 0; 190: for (int i = 0; i < protectionDomains.length; i++) 191: h ^= protectionDomains[i].hashCode(); 192: 193: return h; 194: } 195: 196: ProtectionDomain[] getProtectionDomains () 197: { 198: return protectionDomains; 199: } 200: }
GNU Classpath (0.20) |