Examples of java.security.ProtectionDomain

• java.security.ProtectionDomain

  This ProtectionDomain class encapsulates the characteristics of a domain, which encloses a set of classes whose instances are granted a set of permissions when being executed on behalf of a given set of Principals.

  A static set of permissions can be bound to a ProtectionDomain when it is constructed; such permissions are granted to the domain regardless of the Policy in force. However, to support dynamic security policies, a ProtectionDomain can also be constructed such that it is dynamically mapped to a set of permissions by the current Policy whenever a permission is checked.

  @version 1.47, 11/17/05 @author Li Gong @author Roland Schemers @author Gary Ellison

    * @param principals - the possibly null set of principals for the caller
    * @return true if the permission is allowed, false otherwise
    */
   private boolean checkPolicy(Permission perm, Principal[] principals)
   {
      ProtectionDomain pd = new ProtectionDomain(webCS, null, null, principals);
      boolean allowed = policy.implies(pd, perm);
      if( trace )
      {
         String msg = (allowed ? "Allowed: " : "Denied: ") +perm;
         log.trace(msg);

    private final void addUniqueToList(List<ProtectionDomain> ctxList,
                                       ProtectionDomain[] context) {
        final int count = context.length;
        for (int i = 0; i < count; i++) {
            final ProtectionDomain pd = context[i];
            if (pd != null) {
                if (!ctxList.contains(pd)) {
                    ctxList.add(pd);
                }
            }

                        reader.debugStackTrace();
                        Unsafe.die("Recursive checkPermission");
                    }
                } else {
                    final VmType<?> declClass = method.getDeclaringClass();
                    final ProtectionDomain pd = declClass.getProtectionDomain();
                    if (pd != null) {
                        // Unsafe.debug(":pd");
                        if (!pd.implies(perm)) {
                            // Unsafe.debug("Permission denied");
                            throw new AccessControlException("Permission \""
                                + perm + "\" not granted due to "
                                + declClass.getName());
                        }

        final VmStackReader reader = VmProcessor.current()
            .getArchitecture().getStackReader();
        final VmStackFrame[] stack = reader.getVmStackTrace(VmMagic
            .getCurrentFrame(), null, Integer.MAX_VALUE);
        final int count = stack.length;
        final ProtectionDomain domains[] = new ProtectionDomain[count];

        for (int i = 0; i < count; i++) {
            final VmMethod method = stack[i].getMethod();
            if (method.hasDoPrivilegedPragma()) {
                // Stop here

            final URL sourceUrl = jar.getResource(name.replace('.', '/')
                + ".class");
            final CodeSource cs = new CodeSource(sourceUrl, (Certificate[]) null);
            final Policy policy = (Policy) AccessController
                .doPrivileged(GetPolicyAction.getInstance());
            final ProtectionDomain pd = new ProtectionDomain(cs, policy
                .getPermissions(cs));
            final Class<?> cls = defineClass(name, b, pd);
            resolveClass(cls);
            return cls;
        } else {

        ObjectClass.link();
        ClassClass.link();
        CloneableClass.link();
        SerializableClass.link();

        final ProtectionDomain protectionDomain = null;
        BooleanClass = new VmPrimitiveClass("boolean", ObjectClass, clc,
            JvmType.BOOLEAN, 1, false, protectionDomain);
        ByteClass = new VmPrimitiveClass("byte", ObjectClass, clc,
            JvmType.BYTE, 1, false, protectionDomain);
        CharClass = new VmPrimitiveClass("char", ObjectClass, clc,

    private static ProtectionDomain getProtectionDomain0(Class<?> instance) {
        final SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(new RuntimePermission("getProtectionDomain"));
        }
        final ProtectionDomain pd = getLinkedVmClass(instance).getProtectionDomain();
        if (pd != null) {
            return pd;
        } else {
            return getUnknownProtectionDomain();
        }

            System.out.println("NativeVMVirtualMachine.redefineClass()");

        String name = oldClass.getName();
        VmType old_type = VmType.fromClass(oldClass);
        VmClassLoader loader = VmType.fromClass(oldClass).getLoader();
        ProtectionDomain pd = oldClass.getProtectionDomain();
        VmType new_type = ClassDecoder.defineClass(name, ByteBuffer.wrap(classData), false, loader, pd);
        for(int i = 0; i < old_type.getNoDeclaredMethods(); i++){
            VmMethod old_method = old_type.getDeclaredMethod(i);
            if (!old_method.isNative()) {
                VmMethod new_method = new_type.getDeclaredMethod(old_method.getName(), old_method.getSignature());

     */
    private static final ProtectionDomain getUnknownProtectionDomain() {
        if (unknownProtectionDomain == null) {
            Permissions permissions = new Permissions();
            permissions.add(new AllPermission());
            unknownProtectionDomain = new ProtectionDomain(null, permissions);
        }
        return unknownProtectionDomain;
    }

            protDomain = AccessController
                    .doPrivileged(new PrivilegedAction<ProtectionDomain>() {

                        public ProtectionDomain run() {
                            final CodeSource cs = new CodeSource(null, (Certificate[]) null);
                            return new ProtectionDomain(cs, Policy.getPolicy().getPermissions(cs));
                        }
                    });
        }
        return ((VmClassLoader) loader.getVmClassLoader()).
                defineClass(name, b, off, len, protDomain).asClass();