Examples of java.security.ProtectionDomain

• java.security.ProtectionDomain

  This ProtectionDomain class encapsulates the characteristics of a domain, which encloses a set of classes whose instances are granted a set of permissions when being executed on behalf of a given set of Principals.

  A static set of permissions can be bound to a ProtectionDomain when it is constructed; such permissions are granted to the domain regardless of the Policy in force. However, to support dynamic security policies, a ProtectionDomain can also be constructed such that it is dynamically mapped to a set of permissions by the current Policy whenever a permission is checked.

  @version 1.47, 11/17/05 @author Li Gong @author Roland Schemers @author Gary Ellison

    return result;
  }
  private static URI getJarURI()
          throws URISyntaxException
      {
          final ProtectionDomain domain;
          final CodeSource       source;
          final URL              url;
          final URI              uri;

          domain = TimeTest.class.getProtectionDomain();
          source = domain.getCodeSource();
          url    = source.getLocation();
          uri    = url.toURI();

          return (uri);
      }

            String path = "file:/" + Boot.getMyJarPath() + "!/" + codebase + resource;
            URL url = new URL("jar", "", -1, path, jarHandler);
            return url;
        }
        public URL getCodeBase(String jar) throws MalformedURLException {
            ProtectionDomain cd = JarClassLoader.class.getProtectionDomain();
            URL url = cd.getCodeSource().getLocation();
            if (url != null) {
                url = new URL("jar", "", -1, url + "!/" + jar, jarHandler);
            }
            return url;
        }

            if (record) {
                record(bytecode);
            }
            // Use a protectionDomain to associate the codebase with the
            // class.
            ProtectionDomain pd = (ProtectionDomain)pdCache.get(bytecode.codebase);
            if (pd == null) {
                try {
                    URL url = urlFactory.getCodeBase(bytecode.codebase);

                    CodeSource source = new CodeSource(url, (Certificate[])null);
                    pd = new ProtectionDomain(source, null, this, null);
                    pdCache.put(bytecode.codebase, pd);
                } catch (MalformedURLException mux) {
                    throw new ClassNotFoundException(name, mux);
                }
            }

            // Do it the simple way.
            byte bytes[] = bytecode.bytes;

      int i = name.lastIndexOf('.');
      if (i != -1) {
        String pkgname = name.substring(0, i);
        // Check if package already loaded.
        Package pkg = getPackage(pkgname);
        Manifest man = bytecode.manifest;
        if (pkg != null) {
          // Package found, so check package sealing.
          if (pkg.isSealed()) {
            // Verify that code source URL is the same.
            if (!pkg.isSealed(pd.getCodeSource().getLocation())) {
              throw new SecurityException("sealing violation: package " + pkgname + " is sealed");
            }

          } else {
            // Make sure we are not attempting to seal the package
            // at this code source URL.
            if ((man != null) && isSealed(pkgname, man)) {
              throw new SecurityException("sealing violation: can't seal package " + pkgname + ": already loaded");
            }
          }
        } else {
          if (man != null) {
            definePackage(pkgname, man, pd.getCodeSource().getLocation());
          } else {
            definePackage(pkgname, null, null, null, null, null, null, null);
          }
        }
      }

    private AccessControlContext createAccessControlContext() {
        return new AccessControlContext(AccessController.getContext(),
                new DomainCombiner() {
                    public ProtectionDomain[] combine(ProtectionDomain[] arg0,
                                                      ProtectionDomain[] arg1) {
                        return new ProtectionDomain[] { new ProtectionDomain(null, null) {
                            public boolean implies(Permission permission) {
                                return getBundleContextForServiceLookup().getBundle().hasPermission(permission);
                            }
                        }
                    };

        //
        // Create the Rhino ProtectionDomain
        // and AccessControlContext
        //
        ProtectionDomain rhinoProtectionDomain
            = new ProtectionDomain(codeSource,
                                   getPermissions(codeSource));

        rhinoAccessControlContext
            = new AccessControlContext(new ProtectionDomain[]{
                rhinoProtectionDomain});

        JarFile jar = new JarFile(file);
        InputStream in = jar.getInputStream(jar
                .getEntry("packA/SecurityTest.class"));
        byte[] bytes = drain(in);
        Class c = myloader.define("packA.SecurityTest", bytes);
    ProtectionDomain pd = c.getProtectionDomain();
    assertNotNull("Expected dynamic policy", pd.getClassLoader());
    assertNull("Expected null permissions", pd.getPermissions());
  }

   }

   private static Class<?> generateProxy(Class<?> clazz, ProxyMixin[] mixins) throws Exception
   {
      CtClass proxy = createProxyCtClass(mixins, clazz);
      ProtectionDomain pd = clazz.getProtectionDomain();
      Class<?> proxyClass = TransformerCommon.toClass(proxy, pd);
      Map<Long, MethodPersistentReference> methodmap = ClassProxyFactory.getMethodMap(proxyClass);
      Field field = proxyClass.getDeclaredField("methodMap");
      SecurityActions.setAccessible(field);
      field.set(null, methodmap);

         else
         {
            //We need to do all the work again
            AspectManager manager = AspectManager.instance();
            ClassPool pool = manager.findClassPool(classloader);
            ProtectionDomain pd = advisorClass.getProtectionDomain();
            generatedClass = generateJoinpointClass(pool, info, classloader, pd);
            generatedJoinPointClassCache.put(infoAdviceString, generatedClass);
         }
         Object obj = generatedClass.createJoinPointInstance(classloader, info);

   private static Class<?> generateProxy(boolean objectAsSuper, Class<?> clazz, Advisor advisor, MarshalledContainerProxy outOfVmProxy) throws Exception
   {
      ArrayList<InterfaceIntroduction> introductions = advisor.getInterfaceIntroductions();
      CtClass proxy = createProxyCtClass(objectAsSuper, introductions, clazz, advisor, outOfVmProxy);
      ProtectionDomain pd = clazz.getProtectionDomain();
      Class<?> proxyClass = TransformerCommon.toClass(proxy, pd);
      return proxyClass;
   }

        Set principalsSet = caller.getPrincipals();
        principals = new Principal[ principalsSet.size() ];
        principalsSet.toArray( principals );
      }

      ProtectionDomain pd = new ProtectionDomain( ejbCS, null, null, principals );
      if ( !policy.implies( pd, methodPerm ) ) {
        String msg = "Denied: " + methodPerm + ", caller=" + caller;
        SecurityException e = new SecurityException( msg );
        throw e;
      }