Examples of java.security.AccessControlContext

• java.security.AccessControlContext
  An AccessControlContext is used to make system resource access decisions based on the context it encapsulates.

  More specifically, it encapsulates a context and has a single method, checkPermission, that is equivalent to the checkPermission method in the AccessController class, with one difference: The AccessControlContext checkPermission method makes access decisions based on the context it encapsulates, rather than that of the current execution thread.

  Thus, the purpose of AccessControlContext is for those situations where a security check that should be made within a given context actually needs to be done from within a different context (for example, from within a worker thread).

  An AccessControlContext is created by calling the AccessController.getContext method. The getContext method takes a "snapshot" of the current calling context, and places it in an AccessControlContext object, which it returns. A sample call is the following:

   AccessControlContext acc = AccessController.getContext() 

  Code within a different context can subsequently call the checkPermission method on the previously-saved AccessControlContext object. A sample call is the following:

   acc.checkPermission(permission) 

  @see AccessController @author Roland Schemers

        RhinoInterpreter interp =
            (RhinoInterpreter)window.getInterpreter();
        final String uri = (String)NativeJavaObject.coerceType(String.class, args[0]);
        final GetURLFunctionWrapper fw = new GetURLFunctionWrapper(interp, (Function)args[1], ww);

        AccessControlContext acc =
            ((RhinoInterpreter)window.getInterpreter()).getAccessControlContext();

        if (len == 2) {
            AccessController.doPrivileged( new PrivilegedAction() {
                    public Object run(){

            _logger.debug("User trying to create or unregister an MBean");
            throw new SecurityException("Access denied: " + methodName);
        }

        // Retrieve Subject from current AccessControlContext
        AccessControlContext acc = AccessController.getContext();
        Subject subject = Subject.getSubject(acc);

        try
        {
            if(invokeDirectly(methodName, args, subject))

        SecurityManager sm = System.getSecurityManager();
        if (sm != null) sm.checkPermission(SET_CONTEXT);

        if (subject == null) throw new IllegalArgumentException("Subject must not be null");

        AccessControlContext acc = (AccessControlContext) Subject.doAsPrivileged(subject, new PrivilegedAction() {
            public Object run() {
                return AccessController.getContext();
            }
        }, null);

        this.initLifetime = initLifetime;
        this.acceptLifetime = acceptLifetime;
        this.usage = usage;

        if (isInitiatorCredential()) {
            AccessControlContext acc = AccessController.getContext();
            credential = (UsernamePasswordCredential) AccessController.doPrivileged(new SubjectComber(acc, name.toString()));
        }
    }

            }
            if (user == SecurityHandler.__NOBODY) {
                return true;
            }

            AccessControlContext acc = ContextManager.getCurrentContext();

            /**
             * JACC v1.0 secion 4.1.1
             */

            acc.checkPermission(wudp);

            /**
             * JACC v1.0 secion 4.1.2
             */
            acc.checkPermission(webResourcePermission);
        } catch (HttpException he) {
            response.sendError(he.getStatus(), he.getReason());
            return false;
        } catch (AccessControlException ace) {
            response.sendError(403);

            String name = (type == null)? null: type.getSpecName();

            Permission permission = new EJBMethodPermission(ejbName, name, method);

            AccessControlContext accessContext = ContextManager.getCurrentContext();

            if (permission != null) accessContext.checkPermission(permission);

        } catch (AccessControlException e) {
            return false;
        }
        return true;

            getWorkspaceInfo(workspaceName);

            if (credentials == null) {
                // null credentials, obtain the identity of the already-authenticated
                // subject from access control context
                AccessControlContext acc = AccessController.getContext();
                Subject subject = Subject.getSubject(acc);
                if (subject != null) {
                    return createSession(subject, workspaceName);
                }
            }

public class JAASUserProvider implements UserProvider {

    @Override
    public FeatureUser getCurrentUser() {

        AccessControlContext acc = AccessController.getContext();
        if (acc != null) {
            Subject subject = Subject.getSubject(acc);
            if (subject != null) {
                Iterator<Principal> iter = subject.getPrincipals().iterator();
                if (iter.hasNext()) {

   */
  @InterfaceAudience.Public
  @InterfaceStability.Evolving
  public synchronized
  static UserGroupInformation getCurrentUser() throws IOException {
    AccessControlContext context = AccessController.getContext();
    Subject subject = Subject.getSubject(context);
    if (subject == null || subject.getPrincipals(User.class).isEmpty()) {
      return getLoginUser();
    } else {
      return new UserGroupInformation(subject);

    private Session extendAuthentication(String workspaceName)
            throws RepositoryException, AccessDeniedException {

        Subject subject = null;
        try {
            AccessControlContext acc = AccessController.getContext();
            subject = Subject.getSubject(acc);
        } catch (SecurityException e) {
            log.warn("Can't check for preauthentication. Reason:", e.getMessage());
        }
        if (subject == null) {