Examples of java.security.DomainCombiner

java.security.DomainCombiner
A DomainCombiner provides a means to dynamically update the ProtectionDomains associated with the current AccessControlContext.
A DomainCombiner is passed as a parameter to the appropriate constructor for AccessControlContext. The newly constructed context is then passed to the AccessController.doPrivileged(..., context) method to bind the provided context (and associated DomainCombiner) with the current execution Thread. Subsequent calls to AccessController.getContext or AccessController.checkPermission cause the DomainCombiner.combine to get invoked.
The combine method takes two arguments. The first argument represents an array of ProtectionDomains from the current execution Thread, since the most recent call to AccessController.doPrivileged. If no call to doPrivileged was made, then the first argument will contain all the ProtectionDomains from the current execution Thread. The second argument represents an array of inherited ProtectionDomains, which may be null. ProtectionDomains may be inherited from a parent Thread, or from a privileged context. If no call to doPrivileged was made, then the second argument will contain the ProtectionDomains inherited from the parent Thread. If one or more calls to doPrivileged were made, and the most recent call was to doPrivileged(action, context), then the second argument will contain the ProtectionDomains from the privileged context. If the most recent call was to doPrivileged(action), then there is no privileged context, and the second argument will be null.
The combine method investigates the two input arrays of ProtectionDomains and returns a single array containing the updated ProtectionDomains. In the simplest case, the combine method merges the two stacks into one. In more complex cases, the combine method returns a modified stack of ProtectionDomains. The modification may have added new ProtectionDomains, removed certain ProtectionDomains, or simply updated existing ProtectionDomains. Re-ordering and other optimizations to the ProtectionDomains are also permitted. Typically the combine method bases its updates on the information encapsulated in the DomainCombiner.
After the AccessController.getContext method receives the combined stack of ProtectionDomains back from the DomainCombiner, it returns a new AccessControlContext that has both the combined ProtectionDomains as well as the DomainCombiner. @see AccessController @see AccessControlContext @version 1.9, 04/07/06 @since 1.3

        PrivilegedAction<DomainCombiner> action = new PrivilegedAction<DomainCombiner>() {
            public DomainCombiner run() {
                return context.getDomainCombiner();
            }
        };
        DomainCombiner combiner = AccessController.doPrivileged(action);


        if ((combiner == null) || !(combiner instanceof SubjectDomainCombiner)) {
            return null;
        }
        return ((SubjectDomainCombiner) combiner).getSubject();

View Full Code Here

     * Case 0: If no Config provided by user, then LoginContext uses 
     * its own context to invoke LoginModule's methods.
     */
    public void testContextUsage_0() throws Exception {
        Subject dummySubj = new Subject();
        final DomainCombiner dc = new SubjectDomainCombiner(dummySubj);
        AccessControlContext acc = new AccessControlContext(AccessController
                .getContext(), dc);
        PrivilegedExceptionAction<Void> action = new PrivilegedExceptionAction<Void>() {
            public Void run() throws Exception {
                implTestContextUsage(true, dc);

View Full Code Here

     * uses stored user's context and performs all call to LoginModule's 
     * methods in that context.
     */
    public void testContextUsage_1() throws Exception {
        Subject dummySubj = new Subject();
        final DomainCombiner dc = new SubjectDomainCombiner(dummySubj);
        AccessControlContext acc = new AccessControlContext(AccessController
                .getContext(), dc);
        PrivilegedExceptionAction<Void> action = new PrivilegedExceptionAction<Void>() {
            public Void run() throws Exception {
                implTestContextUsage(false, dc);

View Full Code Here

            fail("must not pass here");
        } catch (LoginException _) {
            // gut
        }


        DomainCombiner match = useInstalledConfig ? null : dc;
        //
        if (checkModuleStatic) {
            assertSame(TestLoginModule_Contexted.accStatic.getDomainCombiner(),
                    match);
        }

View Full Code Here

     */
    private static AccessControlContext createPrivilegedContext(
                Class caller,
                AccessControlContext acc)
    {
  DomainCombiner comb = acc.getDomainCombiner();
  ProtectionDomain pd = caller.getProtectionDomain();
  ProtectionDomain[] pds = (pd != null) ?
      new ProtectionDomain[]{pd} : null;
  if (comb != null) {
      pds = comb.combine(pds, null);
  }
  if (pds == null) {
      pds = new ProtectionDomain[0];
  }
  return new AccessControlContext(new AccessControlContext(pds), comb);

View Full Code Here

    public SecurityContext getContext() {
  final AccessControlContext acc0 = AccessController.getContext();
  final AccessControlContext racc = (AccessControlContext)
      AccessController.doPrivileged(new PrivilegedAction() {
    public Object run() {
        DomainCombiner comb0 = acc0.getDomainCombiner();
        AccessControlContext acc1 =
      new AccessControlContext(acc0, new Combiner(comb0));
        AccessControlContext acc2 = (AccessControlContext)
      AccessController.doPrivileged(new PrivilegedAction() {
        public Object run() {

View Full Code Here

        }
    }
    
    private AccessControlContext createAccessControlContext() {
        return new AccessControlContext(AccessController.getContext(),
                new DomainCombiner() {               
                    public ProtectionDomain[] combine(ProtectionDomain[] arg0,
                                                      ProtectionDomain[] arg1) {                    
                        return new ProtectionDomain[] { new ProtectionDomain(null, null) {                        
                            public boolean implies(Permission permission) {                                                           
                                return bundleContext.getBundle().hasPermission(permission);

View Full Code Here

   * of blueprint-core. To achieve this we use an access context. 
   * @return
   */
    private AccessControlContext createAccessControlContext() {
        return new AccessControlContext(AccessController.getContext(),
                new DomainCombiner() {               
                    public ProtectionDomain[] combine(ProtectionDomain[] arg0,
                                                      ProtectionDomain[] arg1) {                    
                        return new ProtectionDomain[] { new ProtectionDomain(null, null) {                        
                            public boolean implies(Permission permission) {                                                           
                                return getBundleContextForServiceLookup().getBundle().hasPermission(permission);

View Full Code Here

0 1 2

TOP

Related Classes of java.security.DomainCombiner

com.ecyrd.jspwiki.auth.permissions.GroupPermission

net.jini.security.proxytrust.BasicUntrustedObjectSecurityContext

net.jini.security.Security

org.apache.aries.blueprint.container.AbstractServiceReferenceRecipe

org.apache.aries.blueprint.container.BlueprintContainerImpl

org.apache.harmony.auth.tests.javax.security.auth.login.LoginContext1Test

org.apache.wiki.auth.permissions.GroupPermission

org.jboss.beach.priv.runner.RunAfters

org.jboss.beach.priv.runner.RunBefores

javax.security.auth.Subject

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.