Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.axis2.java.security
Class AccessController

java.lang.Object
  extended by org.apache.axis2.java.security.AccessController

public class AccessController
extends Object

This utility wrapper class is created to support AXIS2 runs inside of Java 2 Security environment. Due to the access control checking algorithm, for Java 2 Security to function properly, doPrivileged() is required in cases where there is application code on the stack frame accessing the system resources (ie, read/write files, opening ports, and etc). This class also improve performance no matther Security Manager is being enabled or not.

Note: This utility should be used properly, otherwise might introduce security holes.

Usage Example: public void changePassword() { ... AccessController.doPrivileged(new PrivilegedAction() { public Object run() { f = Util.openPasswordFile(); ...

} }); ... }

Method Summary
static void checkPermission(Permission perm)
          Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect.
static
<T> T
doPrivileged(PrivilegedAction<T> action)
          Performs the specified PrivilegedAction with privileges enabled if a security manager is present.
static
<T> T
doPrivileged(PrivilegedAction<T> action, AccessControlContext context)
          Performs the specified PrivilegedAction with privileges enabled and restricted by the specified AccessControlContext.
static
<T> T
doPrivileged(PrivilegedExceptionAction<T> action)
          Performs the specified PrivilegedExceptionAction with privileges enabled.
static
<T> T
doPrivileged(PrivilegedExceptionAction<T> action, AccessControlContext context)
          Performs the specified PrivilegedExceptionAction with privileges enabled and restricted by the specified AccessControlContext.
static AccessControlContext getContext()
          This method takes a "snapshot" of the current calling context, which includes the current Thread's inherited AccessControlContext, and places it in an AccessControlContext object.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

doPrivileged

public static <T> T doPrivileged(PrivilegedAction<T> action)
Performs the specified PrivilegedAction with privileges enabled if a security manager is present.

If the action's run method throws an (unchecked) exception, it will propagate through this method.

Parameters:
action - the action to be performed.
Returns:
the value returned by the action's run method.
See Also:
doPrivileged(PrivilegedAction,AccessControlContext), doPrivileged(PrivilegedExceptionAction)

doPrivileged

public static <T> T doPrivileged(PrivilegedAction<T> action,
                                 AccessControlContext context)
Performs the specified PrivilegedAction with privileges enabled and restricted by the specified AccessControlContext. The action is performed with the intersection of the permissions possessed by the caller's protection domain, and those possessed by the domains represented by the specified AccessControlContext if a security manager is present.

If the action's run method throws an (unchecked) exception, it will propagate through this method.

Parameters:
action - the action to be performed.
context - an access control context representing the restriction to be applied to the caller's domain's privileges before performing the specified action.
Returns:
the value returned by the action's run method.
See Also:
doPrivileged(PrivilegedAction), doPrivileged(PrivilegedExceptionAction,AccessControlContext)

doPrivileged

public static <T> T doPrivileged(PrivilegedExceptionAction<T> action)
                      throws PrivilegedActionException
Performs the specified PrivilegedExceptionAction with privileges enabled. The action is performed with all of the permissions possessed by the caller's protection domain.

If the action's run method throws an unchecked exception, it will propagate through this method.

Parameters:
action - the action to be performed.
Returns:
the value returned by the action's run method.
Throws:
PrivilgedActionException - the specified action's run method threw a checked exception.
PrivilegedActionException
See Also:
doPrivileged(PrivilegedExceptionAction,AccessControlContext), doPrivileged(PrivilegedAction)

doPrivileged

public static <T> T doPrivileged(PrivilegedExceptionAction<T> action,
                                 AccessControlContext context)
                      throws PrivilegedActionException
Performs the specified PrivilegedExceptionAction with privileges enabled and restricted by the specified AccessControlContext. The action is performed with the intersection of the the permissions possessed by the caller's protection domain, and those possessed by the domains represented by the specified AccessControlContext.

If the action's run method throws an unchecked exception, it will propagate through this method.

Parameters:
action - the action to be performed.
context - an access control context representing the restriction to be applied to the caller's domain's privileges before performing the specified action.
Returns:
the value returned by the action's run method.
Throws:
PrivilegedActionException - the specified action's run method threw a checked exception.
See Also:
doPrivileged(PrivilegedAction), doPrivileged(PrivilegedExceptionAction,AccessControlContext)

getContext

public static AccessControlContext getContext()
This method takes a "snapshot" of the current calling context, which includes the current Thread's inherited AccessControlContext, and places it in an AccessControlContext object. This context may then be checked at a later point, possibly in another thread.

Returns:
the AccessControlContext based on the current context.
See Also:
AccessControlContext

checkPermission

public static void checkPermission(Permission perm)
                            throws AccessControlException
Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect. This method quietly returns if the access request is permitted, or throws a suitable AccessControlException otherwise.

Parameters:
perm - the requested permission.
Throws:
AccessControlException - if the specified permission is not permitted, based on the current security policy.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2012 The Apache Software Foundation. All Rights Reserved.