org.apache.axis2.java.security
Class AccessController

java.lang.Object
  extended by org.apache.axis2.java.security.AccessController

public class AccessController
extends java.lang.Object

This utility wrapper class is created to support AXIS2 runs inside of Java 2 Security environment. Due to the access control checking algorithm, for Java 2 Security to function properly, doPrivileged() is required in cases where there is application code on the stack frame accessing the system resources (ie, read/write files, opening ports, and etc). This class also improve performance no matther Security Manager is being enabled or not.

Note: This utility should be used properly, otherwise might introduce security holes.

Usage Example: public void changePassword() { ... AccessController.doPrivileged(new PrivilegedAction() { public Object run() { f = Util.openPasswordFile(); ...

} }); ... }


Method Summary
static void checkPermission(java.security.Permission perm)
          Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect.
static java.lang.Object doPrivileged(java.security.PrivilegedAction action)
          Performs the specified PrivilegedAction with privileges enabled if a security manager is present.
static java.lang.Object doPrivileged(java.security.PrivilegedAction action, java.security.AccessControlContext context)
          Performs the specified PrivilegedAction with privileges enabled and restricted by the specified AccessControlContext.
static java.lang.Object doPrivileged(java.security.PrivilegedExceptionAction action)
          Performs the specified PrivilegedExceptionAction with privileges enabled.
static java.lang.Object doPrivileged(java.security.PrivilegedExceptionAction action, java.security.AccessControlContext context)
          Performs the specified PrivilegedExceptionAction with privileges enabled and restricted by the specified AccessControlContext.
static java.security.AccessControlContext getContext()
          This method takes a "snapshot" of the current calling context, which includes the current Thread's inherited AccessControlContext, and places it in an AccessControlContext object.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

doPrivileged

public static java.lang.Object doPrivileged(java.security.PrivilegedAction action)
Performs the specified PrivilegedAction with privileges enabled if a security manager is present.

If the action's run method throws an (unchecked) exception, it will propagate through this method.

Parameters:
action - the action to be performed.
Returns:
the value returned by the action's run method.
See Also:
doPrivileged(PrivilegedAction,AccessControlContext), doPrivileged(PrivilegedExceptionAction)

doPrivileged

public static java.lang.Object doPrivileged(java.security.PrivilegedAction action,
                                            java.security.AccessControlContext context)
Performs the specified PrivilegedAction with privileges enabled and restricted by the specified AccessControlContext. The action is performed with the intersection of the permissions possessed by the caller's protection domain, and those possessed by the domains represented by the specified AccessControlContext if a security manager is present.

If the action's run method throws an (unchecked) exception, it will propagate through this method.

Parameters:
action - the action to be performed.
context - an access control context representing the restriction to be applied to the caller's domain's privileges before performing the specified action.
Returns:
the value returned by the action's run method.
See Also:
doPrivileged(PrivilegedAction), doPrivileged(PrivilegedExceptionAction,AccessControlContext)

doPrivileged

public static java.lang.Object doPrivileged(java.security.PrivilegedExceptionAction action)
                                     throws java.security.PrivilegedActionException
Performs the specified PrivilegedExceptionAction with privileges enabled. The action is performed with all of the permissions possessed by the caller's protection domain.

If the action's run method throws an unchecked exception, it will propagate through this method.

Parameters:
action - the action to be performed.
Returns:
the value returned by the action's run method.
Throws:
PrivilgedActionException - the specified action's run method threw a checked exception.
java.security.PrivilegedActionException
See Also:
doPrivileged(PrivilegedExceptionAction,AccessControlContext), doPrivileged(PrivilegedAction)

doPrivileged

public static java.lang.Object doPrivileged(java.security.PrivilegedExceptionAction action,
                                            java.security.AccessControlContext context)
                                     throws java.security.PrivilegedActionException
Performs the specified PrivilegedExceptionAction with privileges enabled and restricted by the specified AccessControlContext. The action is performed with the intersection of the the permissions possessed by the caller's protection domain, and those possessed by the domains represented by the specified AccessControlContext.

If the action's run method throws an unchecked exception, it will propagate through this method.

Parameters:
action - the action to be performed.
context - an access control context representing the restriction to be applied to the caller's domain's privileges before performing the specified action.
Returns:
the value returned by the action's run method.
Throws:
java.security.PrivilegedActionException - the specified action's run method threw a checked exception.
See Also:
doPrivileged(PrivilegedAction), doPrivileged(PrivilegedExceptionAction,AccessControlContext)

getContext

public static java.security.AccessControlContext getContext()
This method takes a "snapshot" of the current calling context, which includes the current Thread's inherited AccessControlContext, and places it in an AccessControlContext object. This context may then be checked at a later point, possibly in another thread.

Returns:
the AccessControlContext based on the current context.
See Also:
AccessControlContext

checkPermission

public static void checkPermission(java.security.Permission perm)
                            throws java.security.AccessControlException
Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect. This method quietly returns if the access request is permitted, or throws a suitable AccessControlException otherwise.

Parameters:
perm - the requested permission.
Throws:
java.security.AccessControlException - if the specified permission is not permitted, based on the current security policy.


Copyright © 2007 Apache Web Services Project. All Rights Reserved.