Examples of java.security.CodeSource

• java.security.CodeSource

  This class extends the concept of a codebase to encapsulate not only the location (URL) but also the certificate chains that were used to verify signed code originating from that location. @version 1.41, 11/17/05 @author Li Gong @author Roland Schemers

   static void displayClassInfo(Class clazz, StringBuffer results)
   {
      // Print out some codebase info for the ProbeHome
      ClassLoader cl = clazz.getClassLoader();
      results.append("\n"+clazz.getName()+".ClassLoader="+cl);
      CodeSource clazzCS = clazz.getProtectionDomain().getCodeSource();
      if( clazzCS != null )
         results.append("\n++++CodeSource: "+clazzCS);
      else
         results.append("\n++++Null CodeSource");

      results.append("\nImplemented Interfaces:");
      Class[] ifaces = clazz.getInterfaces();
      for(int i = 0; i < ifaces.length; i ++)
      {
         results.append("\n++"+ifaces[i]);
         ClassLoader loader = ifaces[i].getClassLoader();
         results.append("\n++++ClassLoader: "+loader);
         ProtectionDomain pd = ifaces[i].getProtectionDomain();
         CodeSource cs = pd.getCodeSource();
         if( cs != null )
            results.append("\n++++CodeSource: "+cs);
         else
            results.append("\n++++Null CodeSource");
      }

      out.println("<body><h1>Class Info</h1>");
      try
      {
         Class clazz = Class.forName(className);
         ProtectionDomain pd = clazz.getProtectionDomain();
         CodeSource cs = pd.getCodeSource();
         response.addHeader("X-CodeSource", cs.getLocation().toString());
         out.println("<pre>\n");
         StringBuffer results = new StringBuffer();
         Debug.displayClassInfo(clazz, results);
         out.println(results.toString());
         out.println("</pre>");

            .getDefaultSecurityDomain()), SecurityActions.loadClass(config.getSecurityContextClassName()), getSecurityManagement(), component);
      context.addValve(scevalve);

      // Add a valve to estalish the JACC context before authorization valves
      Certificate[] certs = null;
      CodeSource cs = new CodeSource(warUrl, certs);
      JaccContextValve jaccValve = new JaccContextValve(metaData, cs);
      context.addValve(jaccValve);

      // Set listener
      context.setConfigClass("org.jboss.web.tomcat.service.deployers.JBossContextConfig");

   public ClassVersionInfo(String name, ClassLoader loader)
      throws ClassNotFoundException
   {
      this.name = name;
      Class c = loader.loadClass(name);
      CodeSource cs = c.getProtectionDomain().getCodeSource();
      if( cs != null )
         location = cs.getLocation();
      if( c.isInterface() == false )
      {
         ObjectStreamClass osc = ObjectStreamClass.lookup(c);
         if( osc != null )
         {

        }

        final byte[] bytes = res.getBytes();
        final Certificate[] certs =
            res.getFileObject().getContent().getCertificates();
        final CodeSource cs = new CodeSource(url, certs);
        return defineClass(name, bytes, 0, bytes.length, cs);
    }

            for (FileObject parent = parentLayer;
                 parent != null;
                 parent = parent.getFileSystem().getParentLayer())
            {
                final CodeSource parentcs =
                    new CodeSource(parent.getURL(),
                        parent.getContent().getCertificates());
                permCollect = super.getPermissions(parentcs);
                copyPermissions(permCollect, combi);
            }

    // ---------------------------------

    public ProfilingSecurityManager() {
        thisClassName=this.getClass().getName();
        CodeSource thisCodeSource = this.getClass().getProtectionDomain().getCodeSource();
        thisCodeSourceURLString = thisCodeSource.getLocation().toString();
    }

    }

    // -----------------

    private String formatRule(final Permission permission, final ProtectionDomain pd) {
        final CodeSource cs = pd.getCodeSource();

        if ( null == cs ) {
            return null;
        }
        final URL url = cs.getLocation();
        if( null == url ) {
           return null;
        }

        // Remove ProfilingSecurityManager.class codebase from output rule consideration

        final String clsAsResource = clazz.getName().replace('.', '/')
                + ".class";

        final ProtectionDomain pd = clazz.getProtectionDomain();
        if (pd != null) {
            final CodeSource cs = pd.getCodeSource();
            // 'cs' can be null depending on the classloader
            if (cs != null) {
                result = cs.getLocation();
            }

            if (result != null) {
                if ("file".equals(result.getProtocol())) {
                    try {

        try {
            args[0] = className;
            args[1] = data;
            args[2] = new Integer(off);
            args[3] = new Integer(len);
            args[4] = new CodeSource(new URL("file:stub"), new Certificate[0]);
        } catch (java.net.MalformedURLException ex) {
            throw new Error(ex.toString());
        }
        return (Class) AccessController.doPrivileged(new PrivilegedAction() {
            public Object run() {