java.security
Class ProtectionDomain
This
ProtectionDomain
class encapsulates the characteristics
of a domain, which encloses a set of classes whose instances are granted a
set of permissions when being executed on behalf of a given set of
Principals.
A static set of permissions can be bound to a
ProtectionDomain
when it is constructed; such permissions are granted to the domain regardless
of the
Policy
in force. However, to support dynamic security
policies, a
ProtectionDomain
can also be constructed such that
it is dynamically mapped to a set of permissions by the current
Policy
whenever a permission is checked.
ClassLoader | getClassLoader() - Returns the
ClassLoader of this domain.
|
CodeSource | getCodeSource() - Returns the
CodeSource of this domain.
|
PermissionCollection | getPermissions() - Returns the static permissions granted to this domain.
|
Principal[] | getPrincipals() - Returns an array of principals for this domain.
|
boolean | implies(Permission permission) - Check and see if this
ProtectionDomain implies the
permissions expressed in the Permission object.
The set of permissions evaluated is a function of whether the
ProtectionDomain was constructed with a static set of
permissions or it was bound to a dynamically mapped set of permissions.
If the ProtectionDomain was constructed to a statically
bound PermissionCollection then the permission will only be checked
against the PermissionCollection supplied at construction.
However, if the ProtectionDomain was constructed with the
constructor variant which supports dynamically binding permissions, then
the permission will be checked against the combination of the
PermissionCollection supplied at construction and the current
Policy binding.
|
String | toString() - Convert a
ProtectionDomain to a String.
|
clone , equals , finalize , getClass , hashCode , notify , notifyAll , toString , wait , wait , wait |
ProtectionDomain
public ProtectionDomain(CodeSource codesource,
PermissionCollection permissions)
Creates a new
ProtectionDomain
with the given
CodeSource
and
Permissions
. If the permissions object is not
null
, then
setReadOnly()
will be called on the
passed in
Permissions
object. The only permissions granted to this
domain are the ones specified; the current
Policy
will not be
consulted.
codesource
- the codesource associated with this domain.permissions
- the permissions granted to this domain
ProtectionDomain
public ProtectionDomain(CodeSource codesource,
PermissionCollection permissions,
ClassLoader classloader,
Principal[] principals)
Creates a new ProtectionDomain qualified by the given CodeSource,
Permissions, ClassLoader and array of Principals. If the permissions
object is not null, then
setReadOnly()
will be called on the
passed in Permissions object. The permissions granted to this domain are
dynamic; they include both the static permissions passed to this
constructor, and any permissions granted to this domain by the current
Policy at the time a permission is checked.
This constructor is typically used by
ClassLoader
s and
DomainCombiner
s which delegate to
Policy
to actively
associate the permissions granted to this domain. This constructor affords
the Policy provider the opportunity to augment the supplied
PermissionCollection to reflect policy changes.
codesource
- the CodeSource associated with this domain.permissions
- the permissions granted to this domain.classloader
- the ClassLoader associated with this domain.principals
- the array of Principals associated with this domain.
getPermissions
public final PermissionCollection getPermissions()
Returns the static permissions granted to this domain.
- the static set of permissions for this domain which may be
null
.
getPrincipals
public final Principal[] getPrincipals()
Returns an array of principals for this domain.
- returns a non-null array of principals for this domain. Changes to
this array will have no impact on the
ProtectionDomain
.
implies
public boolean implies(Permission permission)
Check and see if this
ProtectionDomain
implies the
permissions expressed in the
Permission
object.
The set of permissions evaluated is a function of whether the
ProtectionDomain
was constructed with a static set of
permissions or it was bound to a dynamically mapped set of permissions.
If the
ProtectionDomain
was constructed to a statically
bound
PermissionCollection
then the permission will only be checked
against the
PermissionCollection
supplied at construction.
However, if the
ProtectionDomain
was constructed with the
constructor variant which supports dynamically binding permissions, then
the permission will be checked against the combination of the
PermissionCollection
supplied at construction and the current
Policy
binding.
true
if permission
is implicit to this
ProtectionDomain
.
ProtectionDomain.java -- A security domain
Copyright (C) 1998, 2003, 2004 Free Software Foundation, Inc.
This file is part of GNU Classpath.
GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA.
Linking this library statically or dynamically with other modules is
making a combined work based on this library. Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.
As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module. An independent module is a module which is not derived from
or based on this library. If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so. If you do not wish to do so, delete this
exception statement from your version.